Just an idea, run a separate stance locally on a random port (to avoid collisions) with the certificate, if it fails to start bingo, if it doesn't fail you are good to put the cert on the main instance.
On Thu, Jul 2, 2020 at 5:09 PM Yves Goergen <nospam.l...@unclassified.de> wrote: > Hello, > > I'd like to let my users install their own SSL certificates through a > web interface for self-management services. If a user provides a > malicious certificate, the entire server will fail to start and the > whole system is down. This is a bit hard but that's how it is. > > So I'll have to make sure the certificate and key are usable by apache > before generating the config that will use it. > > I could run basic checks like let openssl parse it. But I've managed to > break my test server by providing it a perfectly working certificate and > key - from an old domain from 2016. The server complained with this > message: > > > SSL Library Error: error:140AB18E:SSL > routines:SSL_CTX_use_certificate:ca md too weak > > That's from my letsencrypt archives. A newer one of the same domain from > 2018 works just fine on the same new dev server. So there are obviously > circumstances that let apache fail on the certificate that I can't fully > analyse. > > Is there a method to have apache check that certificate and key in > advance, considering its usual configuration, before I expect it to use > the certificate? I don't want to let it try out the file on a production > system, and learn about an unsupported certificate by a web server > that's down. There has to be a smarter way to handle this. > > -Yves > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- [ ]'s Filipe Cifali Stangler
