Re: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

On 20.02.2014 21:37, Falco Schwarz wrote: As I read through the changed code I found a smaller issue with the deprecation warning of SSLCertificateChainFile: + ap_log_error(APLOG_MARK, APLOG_WARNING|APLOG_STARTUP, 0, cmd-server, + APLOGNO(02559) + The SSLCertificateChainFile directive

RE: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

Perhaps I am missing something here, but if it is printed to stderr I should see it in the console when starting, right? Because I am unable to see it anywhere. Even when reloading or restarting it is not written to the error log. It does not show up with -t either. Any clues? Date: Sat, 22

Re: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

On 22.02.2014 11:06, Falco Schwarz wrote: Perhaps I am missing something here, but if it is printed to stderr I should see it in the console when starting, right? Because I am unable to see it anywhere. Even when reloading or restarting it is not written to the error log. It does not show

RE: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

Date: Sat, 22 Feb 2014 11:22:14 +0100 Does your current config still include an SSLCertificateChainFile directive? Kaspar Yes, for testing I am currently using these directives (without comment): SSLCertificateFile      conf/ssl/foo.bar.cer    # leaf only SSLCertificateKeyFile  

Re: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

On 22.02.2014 11:27, Falco Schwarz wrote: Yes, for testing I am currently using these directives (without comment): SSLCertificateFile conf/ssl/foo.bar.cer# leaf only SSLCertificateKeyFile conf/ssl/foo.bar.key# key only SSLCertificateChainFile conf/ssl/foo.bar.ca # chain

RE: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

Date: Sat, 22 Feb 2014 15:16:27 +0100 The only explanation I can imagine then is that your mod_ssl.so / httpd binary does not include the complete mod_ssl-2.4.x-certkeyfile-v3.diff patch. Does strings mod_ssl.so | grep AH02559 show any output? Kaspar   Unfortunately yes. I checked out a

Re: modules calling ap_lingering_close()!!!

On 20.02.2014 18:24, Jeff Trawick wrote: BTW, do you know if there's a known collection of patches for 2.4 support or for other critical fixes? mod_wsgi is running on eos and reliably serves wiki.apache.org using the following patch on top of 3.4 in combination with 2.4.4, 2.4.6 and 2.4.6

Re: 2.4.8 This Month

On 19.02.2014 14:08, Jim Jagielski wrote: I'd like to shoot for a TR sometime next week... I updated aurora our US server for www.apache.org, the project sites and also mail-archives.a.o to 2.4.8 dev svn revision 1570851 plus apr/apu head revision of their 1.5 branches. Looks good, but only

Re: mod_ssl openssl ./configure particularity

Understood and this would explain assigning them to MOD_SSL_LIBS etc. But added to MOD_LIBS? That struck me as very odd. On Feb 22, 2014 1:41 AM, Kaspar Brand httpd-dev.2...@velox.ch wrote: On 20.02.2014 04:18, William A. Rowe Jr. wrote: Can anyone offer background as to why httpd 2.4 branch

RE: SSL_CTX_get_{first,next}_certificate (Re: svn commit: r1562500 - /httpd/httpd/branches/2.4.x/STATUS)

Kaspar, I switched back to your version and realized, that the directive SSLCertificateChainFile was always used in a VirtualHost. If the directive is in server scope, the warning is written correctly.