apport information ** Tags added: apport-collected bionic
** Description changed: Ubuntu 18.04.4 LTS, after update from apache 2.4.29-1ubuntu4.11 to apache 2.4.29-1ubuntu4.12 authentication with client certificate stopped working. No certificate is requested from client browser and apahce log has error: [Tue Mar 03 16:03:34.964389 2020] [ssl:debug] [pid 12384:tid 139853354215168] ssl_engine_kernel.c(2217): AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_256_GCM_SHA384 (256/256 bits) [Tue Mar 03 16:03:36.499614 2020] [ssl:debug] [pid 12383:tid 139853481088768] ssl_engine_io.c(1106): AH02001: Connection closed to child 1 with standard shutdown [Tue Mar 03 16:03:37.714744 2020] [ssl:debug] [pid 12384:tid 139853481088768] ssl_engine_kernel.c(383): AH02034: Initial (No.1) HTTPS request received for child 65 (server devel.liisi.ee:443), referer: https://devel.liisi.ee:8950/accounts/login/ [Tue Mar 03 16:03:37.714941 2020] [ssl:error] [pid 12384:tid 139853481088768] AH: verify client post handshake, referer: https://devel.liisi.ee:8950/accounts/login/ A temporary workaround is to disable the whole TLSv1.3 protocol in the vhost configuration. + --- + ProblemType: Bug + Apache2ConfdDirListing: False + Apache2Modules: + AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.20.4.138. Set the 'ServerName' directive globally to suppress this message + httpd (pid 13567) already running + ApportVersion: 2.20.9-0ubuntu7.11 + Architecture: amd64 + DistroRelease: Ubuntu 18.04 + InstallationDate: Installed on 2010-05-21 (3576 days ago) + InstallationMedia: Ubuntu-Server 10.04 LTS "Lucid Lynx" - Release amd64 (20100427) + Package: apache2 2.4.29-1ubuntu4.12 + PackageArchitecture: amd64 + ProcEnviron: + TERM=xterm-256color + PATH=(custom, no user) + XDG_RUNTIME_DIR=<set> + LANG=en_US.UTF-8 + SHELL=/bin/bash + ProcVersionSignature: Ubuntu 4.15.0-88.88-generic 4.15.18 + Tags: bionic + Uname: Linux 4.15.0-88-generic x86_64 + UpgradeStatus: Upgraded to bionic on 2018-10-16 (505 days ago) + UserGroups: + + _MarkForUpload: True + error.log: + [Thu Mar 05 06:25:05.942445 2020] [ssl:warn] [pid 13567:tid 140475868056512] AH01909: klient.liisi.ee:443:0 server certificate does NOT include an ID which matches the server name + [Thu Mar 05 06:25:05.945212 2020] [mpm_worker:notice] [pid 13567:tid 140475868056512] AH00292: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 mod_wsgi/4.5.17 Python/3.6 configured -- resuming normal operations + [Thu Mar 05 06:25:05.945234 2020] [core:notice] [pid 13567:tid 140475868056512] AH00094: Command line: '/usr/sbin/apache2' + modified.conffile..etc.apache2.mods-available.reqtimeout.conf: [modified] + modified.conffile..etc.apache2.ports.conf: [modified] + modified.conffile..etc.apache2.sites-available.000-default.conf: [modified] + mtime.conffile..etc.apache2.mods-available.reqtimeout.conf: 2020-03-03T16:33:43.294515 + mtime.conffile..etc.apache2.ports.conf: 2014-10-22T16:31:31.217125 + mtime.conffile..etc.apache2.sites-available.000-default.conf: 2019-10-16T13:29:08.811073 ** Attachment added: "Dependencies.txt" https://bugs.launchpad.net/bugs/1865900/+attachment/5333776/+files/Dependencies.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1865900 Title: apache 2.4.29-1ubuntu4.12 authentication with client certificate broken To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1865900/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
