You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2010/07/22 18:09:26 UTC

DO NOT REPLY [Bug 49638] New: Re-negotiation request failed

https://issues.apache.org/bugzilla/show_bug.cgi?id=49638

           Summary: Re-negotiation request failed
           Product: Apache httpd-2
           Version: 2.2.15
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: regression
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: sistemi@erptech.it


Created an attachment (id=25794)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=25794)
error log

Re-negotiation request between server and client failed.
Versions:
httpd-2.2.15
openssl-0.9.8a.

#SSL configuration
SSLVerifyClient optional
SSLOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate
SSLVerifyDepth 2
SSLRequireSSL
SSLRequire ...................

Same configuration works fine with httpd.2.2.14 and openssl-0.9.7a

thanks

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 49638] Re-negotiation request failed

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=49638

William A. Rowe Jr. <wr...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID

--- Comment #1 from William A. Rowe Jr. <wr...@apache.org> 2010-07-22 12:24:39 EDT ---
0.9.8a is insecure, and doesn't support OptRenegotiate.

Please don't raise purely OpenSSL issues on this tracker, it is not for user
support.  See the users@ lists instead.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 49638] Re-negotiation request failed

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=49638

--- Comment #2 from William A. Rowe Jr. <wr...@apache.org> 2010-07-22 12:30:55 EDT ---
My mistake, 0.9.8a does support OptRenegotiate, but not a secure variety.

See http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation
and again, this belongs on the user list, not here.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org