You have been subscribed to a public bug: After upgrade to openssl 1.1.1 on Ubuntu 18.04 i encountered slow page loads (>15 sec delay for each GET) when client cert auth is used.
Apache logs show delays like this (LogLevel debug): [Fri Jun 21 11:36:13.760861 2019] [socache_shmcb:debug] [pid 14032] mod_socache_shmcb.c(516): AH00834: leaving socache_shmcb_store successfully [Fri Jun 21 11:36:30.229486 2019] [authz_core:debug] [pid 14032] mod_authz_core.c(835): [client XXX.XXX.XXX.XXX:XXXX] AH01628: authorization result: granted (no directives) This appears to be a problem in apache that has been triggered with Openssl 1.1.1 and was fixed in 2.4.34, see https://bz.apache.org/bugzilla/show_bug.cgi?id=62691 The workaround mentioned there worked for me, so after moving the "SSLVerifyClient require" part out of an LocationMatch block into the containing VirtualHost stopped the delays instantly. Thanks a lot! Andreas Ubuntu 18.04 apache2 2.4.29-1ubuntu4.6 openssl 1.1.1-1ubuntu2.1~18.04.3 ** Affects: apache2 (Ubuntu) Importance: Undecided Status: New -- Ubuntu 18.04: slow page loads with client cert auth after upgrade to openssl 1.1.1 https://bugs.launchpad.net/bugs/1833896 You received this bug notification because you are a member of Ubuntu Server/Client Support Team, which is subscribed to apache2 in Ubuntu. -- Mailing list: https://launchpad.net/~enterprise-support Post to : enterprise-support@lists.launchpad.net Unsubscribe : https://launchpad.net/~enterprise-support More help : https://help.launchpad.net/ListHelp
