You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2010/10/26 04:19:45 UTC
DO NOT REPLY [Bug 50155] New: httpd -s attempts to read SSL
certificates
https://issues.apache.org/bugzilla/show_bug.cgi?id=50155
Summary: httpd -s attempts to read SSL certificates
Product: Apache httpd-2
Version: 2.0.52
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
AssignedTo: bugs@httpd.apache.org
ReportedBy: sparr0@gmail.com
I am attempting to get the status of a running httpd and a list of its vhosts.
Both of these commands
httpd -s
httpd -t -D DUMP_VHOSTS
insist on reading in the SSL certificates for defined https vhosts, which fails
for non-root users who can't read those files but are otherwise able to
interact with httpd.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50155] httpd -s attempts to read SSL certificates
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50155
Kaspar Brand <as...@velox.ch> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |lingpeng123321@hotmail.com
--- Comment #4 from Kaspar Brand <as...@velox.ch> 2012-03-10 06:04:15 UTC ---
*** Bug 52867 has been marked as a duplicate of this bug. ***
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50155] httpd -s attempts to read SSL certificates
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50155
Joe Orton <jo...@redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
--- Comment #1 from Joe Orton <jo...@redhat.com> 2011-02-12 09:40:41 EST ---
This is expected; "httpd -t" is intended to check the validity of the config
file and testing for existence of the cert/key files is one of the validity
tests.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50155] httpd -s attempts to read SSL certificates
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50155
Joe Orton <jo...@redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |NEEDINFO
--- Comment #3 from Joe Orton <jo...@redhat.com> 2011-02-25 12:00:23 EST ---
I can't see mod_ssl opening certs in -t mode here. The code doesn't show that
either; it shows a stat() of the cert file, not an open().
# strace httpd -t -D DUMP_VHOSTS 2>&1 | grep /etc/pki
stat("/etc/pki/tls/certs/localhost.crt", {st_mode=S_IFREG|0600, st_size=1115,
...}) = 0
stat("/etc/pki/tls/private/localhost.key", {st_mode=S_IFREG|0600, st_size=887,
...}) = 0
Please show e.g. the strace output for httpd failing in open().
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 50155] httpd -s attempts to read SSL certificates
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50155
Clarence Risher <sp...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|WONTFIX |
--- Comment #2 from Clarence Risher <sp...@gmail.com> 2011-02-12 14:05:50 EST ---
Testing for the existence of the cert/key files is not the issue here.
Attempting to open them is. If THAT is intended behavior then please re-WONTFIX
this.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org