Bug 128669

Summary: First certificate in the certificate chain file is ignored
Product: [Fedora] Fedora Reporter: Kuba Ober <kuba>
Component: httpdAssignee: Joe Orton <jorton>
Status: CLOSED WORKSFORME QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-08-09 13:40:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Kuba Ober 2004-07-27 19:43:53 UTC
Description of problem: 
First certificate given in the SSLCertificateChainFile seems to be 
ignored by mod_ssl. 
If debug LogLevel is set in the secured VirtualHost directive, the 
following debug message will be seen in the ssl'd hosts' error log: 
'Configuring server certificate chain (0 CA certificates)'. The 
number "0" is invalid. 
 
Workaround: 
Pasting the first certificate twice works. The second certificate 
will be properly recognized and "1 CA certificates" will appear in 
the server certificate chain debug log message.

Comment 1 Joe Orton 2004-08-07 21:53:16 UTC
What version of httpd and mod_ssl are you using? This is supposed to
be fixed in 2.0.49 and later.

# rpm -q mod_ssl httpd


Comment 2 Kuba Ober 2004-08-09 13:40:14 UTC
Yep, it's 2.0.40. My bad.