You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/06/02 13:56:56 UTC
DO NOT REPLY [Bug 39705] New: - Bug in Apache2.0 mod_ssl which prevents from jointly treating method POST with an authentification customer by certificate?
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39705>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39705
Summary: Bug in Apache2.0 mod_ssl which prevents from jointly
treating method POST with an authentification customer
by certificate?
Product: Apache httpd-2
Version: 2.0.58
Platform: Other
OS/Version: Linux
Status: NEW
Severity: critical
Priority: P5
Component: mod_ssl
AssignedTo: bugs@httpd.apache.org
ReportedBy: cc.chen@fsd.com.my
I find this article at internet and I am facing the same problem as mentioned
in the article below. I would like know whether Apache did come out the fix
for the below problem. Thanks alot.
##########################
There is a bug in Apache2.0 mod_ssl which prevents from jointly treating
method POST with an authentification customer by certificate.
The problem appears when the level of authentification (SSLVerifyClient) is
higher on the level of a Location directive than on the level of the virtual
host.
The message which appears in the logs is then
[error] SSL Re-negotiation in conjunction with POST method not supported! \
nhint: try SSLOptions +OptRenegotiate
Possible parades:
To use a as constraining directive on the level of the virtual host as in the
directive hiring (walk with optional)
to use a special port for the forms requiring method POST and SSLVerifyClient.
To bring the SSLVerifyClient directive to the level of the virtual host. The
directive is then extended to all the virtual host
############################
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39705] - Bug in Apache2.0 mod_ssl which prevents from jointly treating method POST with an authentification customer by certificate?
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39705>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39705
rpluem@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From rpluem@apache.org 2006-06-02 22:54 -------
*** This bug has been marked as a duplicate of 12355 ***
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org