** Changed in: openssl (Ubuntu) Status: Incomplete => Won't Fix ** Changed in: apache (Ubuntu) Status: Confirmed => Won't Fix
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/795355 Title: Intermittent SSL connection faults when using TLSv1 Status in OEM Priority Project: Won't Fix Status in OEM Priority Project lucid series: Won't Fix Status in apache package in Ubuntu: Won't Fix Status in openssl package in Ubuntu: Won't Fix Bug description: Binary package hint: openssl Reported intermittent SSL connection issue on some apache mod_ssl vhosts. Platform: Ubuntu 10.04.2 LTS Tested: Apache2-2.2.14-5ubuntu8.4 and backported 2.2.17-1ubuntu1 from Natty Firefox client will intermittently report: Secure Connection Failed An error occurred during a connection to oem-ibs.canonical.com. Peer's certificate has an invalid signature. (Error code: sec_error_bad_signature) Condition will clear on reload. Occassionally the server will alternately serve a good page followed by an SSL error until Apache is restarted. I am unable to reproduce the condition on demand, but have output from when the fault occurs. When the fault condition occurs it can be reproduced with any SSL client. The fault presents on multiple distinct servers. Initially suspected to be a bug with mod_ssl https://issues.apache.org/bugzilla/show_bug.cgi?id=46952, backport has eliminated this as has anecdotal reports of this same error presented from Dovecot. Tested with SSL certs from different CAs. Example: $ openssl s_client -connect oem-ibs.canonical.com:443 CONNECTED(00000003) depth=2 /C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA verify error:num=20:unable to get local issuer certificate verify return:0 14563:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100: 14563:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:697: 14563:error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature:s3_clnt.c:1449: To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/795355/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp