Bug 1161328

Summary: [mod_ssl] Revoked Certificates are logged at the DEBUG level
Product: Red Hat Enterprise Linux 6 Reporter: Timothy Williams <tiwillia>
Component: httpdAssignee: Luboš Uhliarik <luhliari>
Status: CLOSED ERRATA QA Contact: Filip Holec <fholec>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.5CC: dkutalek, jkaluza, jorton, psplicha
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: httpd-2.2.15-40.el6 Doc Type: Bug Fix
Doc Text:
When a client presented a revoked certificate, log entries were created only at the debug level. With this update, the log level of messages regarding a revoked certificate has been increased to INFO, and administrators are now properly informed of this situation.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-22 05:53:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Timothy Williams 2014-11-06 22:22:03 UTC 
Description of problem:

When a client presents a revoked certificate, log entries are created only at the debug level. This is an error that, in production, needs to be logged. However, production servers generally should not be running the debug log level.

Version-Release number of selected component (if applicable):
2.2.15

Upstream patch: https://issues.apache.org/bugzilla/show_bug.cgi?id=52162
Comment 6 errata-xmlrpc 2015-07-22 05:53:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-1249.html