Yesterday (2019-06-24) I updated Ubuntu 18.04 and got OpenSSL 1.1.1; after
that, every GET-request with a client certificate causes a delay > 15sec.
I use the source-download of apache 2.4.39 (the latest version), TLS 1.3 is not
configured.
Because only access to parts of the virtual host should be protected with
SSLVerifyClient require
I think I have to use it in a LocationMatch block like
<Location /mylocation>
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
</Location>
Behind apache, tomcat 8.5 is used via AJP.
I tried to downgrade OpenSSL to the prior version (with no errors), but
the apache log still shows using OpenSSL 1.1.1 (?) and the delay
remains.
Because this is a production server, any quick help/workaround is
appreciated...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1833896
Title:
Ubuntu 18.04: slow page loads with client cert auth after upgrade to
openssl 1.1.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1833896/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
