You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Steffen <in...@apachelounge.com> on 2019/08/03 10:36:01 UTC

changelog mod_md ssl patch


Changelog says mod_ssl needs patch.

That is a typo or where is the patch.


  *) mod_md: new features
     - supports the ACMEv2 protocol
     - new challenge method 'tls-alpn-01' implemented, needs mod_ssl 
patch to become available

Re: changelog mod_md ssl patch

Posted by Stefan Eissing <st...@greenbytes.de>.

As Rainer said. This should have been removed after the mod_ssl backport.

> Am 03.08.2019 um 13:00 schrieb Rainer Jung <ra...@kippdata.de>:
> 
> Hi Steffen,
> 
> Am 03.08.2019 um 12:36 schrieb Steffen:
>> Changelog says mod_ssl needs patch.
>> That is a typo or where is the patch.
>>  *) mod_md: new features
>>     - supports the ACMEv2 protocol
>>     - new challenge method 'tls-alpn-01' implemented, needs mod_ssl patch to become available
> 
> I would say it's conatined in:
> 
>  *) mod_ssl/mod_md: reversing dependency by letting mod_ssl offer hooks for
>     adding certificates and keys to a virtual host. An additional hook allows
>     answering special TLS connections as used in ACME challenges.
>     Adding 2 new hooks for init/get of OCSP stapling status information when
>     other modules want to provide those. Falls back to own implementation with
>     same behaviour as before.
>     [Stefan Eissing]
> 
> especially in "An additional hook allows answering special TLS connections as used in ACME challenges.".
> 
> The refence to a needed mod_ssl patch is a bit hard tu understand here and probably had a historical reason, before that patch actually got applied to mod_ssl (and if you are using mod_md from github and mod_ssl is older).
> 
> Regards,
> 
> Rainer

Re: changelog mod_md ssl patch

Posted by Rainer Jung <ra...@kippdata.de>.

Hi Steffen,

Am 03.08.2019 um 12:36 schrieb Steffen:
> 
> 
> Changelog says mod_ssl needs patch.
> 
> That is a typo or where is the patch.
> 
> 
>   *) mod_md: new features
>      - supports the ACMEv2 protocol
>      - new challenge method 'tls-alpn-01' implemented, needs mod_ssl 
> patch to become available

I would say it's conatined in:

   *) mod_ssl/mod_md: reversing dependency by letting mod_ssl offer 
hooks for
      adding certificates and keys to a virtual host. An additional hook 
allows
      answering special TLS connections as used in ACME challenges.
      Adding 2 new hooks for init/get of OCSP stapling status 
information when
      other modules want to provide those. Falls back to own 
implementation with
      same behaviour as before.
      [Stefan Eissing]

especially in "An additional hook allows answering special TLS 
connections as used in ACME challenges.".

The refence to a needed mod_ssl patch is a bit hard tu understand here 
and probably had a historical reason, before that patch actually got 
applied to mod_ssl (and if you are using mod_md from github and mod_ssl 
is older).

Regards,

Rainer