Hi all,
I'm running Apache/2.2.14 (Unix) + mod_ssl/2.2.14 + mpm_worker as a
reverse proxy. Everything with SSL has worked fine so far (including
verifying client certs). Now, I wanted Apache to use some certs when
talking to the backends.
My SSLProxyMachineCertificateFile contains the following:
Certificate:
    Data:
        Version: 3 (0x2)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=lk, ST=lkj, L=lkj, O=lkj, OU=lkj, CN=ca
            asd/emailaddress=...@$
        Validity
            Not Before: Feb 16 16:00:00 2010 GMT
            Not After : Feb 16 16:00:00 2011 GMT
        Subject: C=lk, ST=lkj, O=lkj, OU=lkj, CN=cert 2
            ccert/emailaddress=...@$
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:d5:83:0f:03:5e:a9:b6:08:16:2e:c2:7d:1e:b7:
                    ...
                    28:b2:55:e3:df:64:ed:8e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            ...other stuff
    Signature Algorithm: md5WithRSAEncryption
        74:e8:8d:3f:57:0a:33:94:37:7b:bc:31:b9:81:71:5c...
-----BEGIN CERTIFICATE-----
TLSdtQnWynaZERayZO2BOXmAvd/m8xIkqM3ffmiLJbIwGu5vNBu3AvhQv2CJM...
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDVgw8DXqm2CBYuwn0et9N5rO8uwSDPdiaFMSJisyxcW0S9+...
-----END RSA PRIVATE KEY-----
There is nothing strange to see in the debug log. There is even:
[debug] ssl_engine_init.c(965): loaded 1 client certs for SSL proxy
Now, running:
strace /apache/bin/httpd -k restart -DDEBUG -DONE_PROCESS -DNO_DETACH
gives:
...
open("/var/run/openssl/clientcerts.pem", O_RDONLY|O_LARGEFILE) = 7
fstat64(7, {st_mode=S_IFREG|0644, st_size=4455, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7159000
read(7, "\nCertificate:\n Data:\n "..., 4096) = 4096
read(7, "2/vhohhuk5fYKSNwXMYw+n2\nMXe2ubUo"..., 4096) = 359
read(7, "", 4096) = 0
close(7) = 0
munmap(0xb7159000, 4096) = 0
^ This part is repeated four times. And then:
gettimeofday({1266931804, 383328}, NULL) = 0
write(2, "[Tue Feb 23 13:30:04 2010] [noti"..., 108) = 108
gettimeofday({1266931804, 383549}, NULL) = 0
write(2, "[Tue Feb 23 13:30:04 2010] [noti"..., 137) = 137
time(NULL) = 1266931804
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Process 13391 detached
^ These are the last two entries written to the logfile.
I read about a segfault caused by a missing private key, but it is present.
I can't see anything strange. Any ideas? Reasons? Tips for further
investigation?
Or would this issue fit better on the user-list?
Best regards,
Florian Schröder