You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2022/02/19 23:21:30 UTC
[Bug 65900] New: SSL still enabled without SSLEngine
https://bz.apache.org/bugzilla/show_bug.cgi?id=65900
Bug ID: 65900
Summary: SSL still enabled without SSLEngine
Product: Apache httpd-2
Version: 2.4.52
Hardware: PC
OS: Linux
Status: NEW
Severity: minor
Priority: P2
Component: mod_ssl
Assignee: bugs@httpd.apache.org
Reporter: jhilgeman@gmail.com
Target Milestone: ---
Had a barebones setup with a single conf file where the only 4 references to
SSL were:
1. The LoadModule for mod_ssl.
2. Listen 443 https
3. Certificate and key specified inside a single vhost.
The "SSLEngine on" directive was removed completely and the server restarted.
After the restart, tried to access a file via HTTPS and could see the handshake
occur and a successful file retrieval via HTTPS.
Same setup on Windows using an Apache Lounge build on the same version seems to
partially work (although the error log indicates a bad request).
The documentation for SSLEngine indicates the default value is "SSLEngine off"
and the documentation for the other 3 related directives do not indicate that
they enable the SSL engine.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org