Bug 11162 - Startup error with multiple SSL certificates
Summary: Startup error with multiple SSL certificates
Alias: None
Product: Red Hat Secure Web Server
Classification: Retired
Component: secureweb
Version: 3.2
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2000-05-01 21:24 UTC by Bailey, Greg
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2000-05-08 23:08:09 UTC

Attachments (Terms of Use)

Description Bailey, Greg 2000-05-01 21:24:34 UTC
I'm trying to configure multiple SSL-enabled sites with Secure Web Server
version 3.2 as included with RedHat 6.2 Professional.  I have working
KEY/CERTIFICATE combinations for both sites, currently being used with

In trying to replace Apache-SSL with RedHat Secure Web Server, I am unable
to start the webserver when both IP-based virtual hosts are configured.

I'm getting the following error:

[Fri Apr 28 09:49:01 2000] [error] mod_ssl: Couldn't recover size of server
key www.enhancecom.com:443/KEY_LENGTH

Does anyone have a simple configuration file that simply adds an IP-based
virtual host that is SSL enabled?

Comment 1 Bailey, Greg 2000-05-02 18:43:59 UTC
I have tested these keys and configuration with Apache 1.3.12 + mod_ssl 2.6.3 +
OpenSSL 0.9.5a, and DID NOT encounter this bug.

Consequently, I believe this to be a bug either in BSAFE or with RedHat's
integration w/BSAFE, although without the source it's difficult to tell, isn't
it?  :-(

Comment 2 Nalin Dahyabhai 2000-05-03 18:57:59 UTC
What sort of keys are the certificates generated with?  Are they signed by a
root CA, or local?

Comment 3 Nalin Dahyabhai 2000-05-04 15:29:59 UTC
This is a confirmed bug.  An errata is being tested.

Comment 4 Need Real Name 2000-07-28 21:16:43 UTC
Bug is not fixed.  Now even when trying to use SSL with a single domain 
environment, errors are generated in the ssl_engine_log file and the server 

I was running 3.2-12, and I applied the errata to v3.2.1-1 and I still get the 
error with the SSL engine being unable to determine the length of the key.

Mr. Kang in Incident support has copies of all of our log files and our 
configuration file.  This error is reproduceable, and support feels that it is 
a bug.

Note You need to log in before you can comment on or make changes to this bug.