Bug 11162 - Startup error with multiple SSL certificates
Startup error with multiple SSL certificates
Status: CLOSED ERRATA
Product: Red Hat Secure Web Server
Classification: Retired
Component: secureweb (Show other bugs)
3.2
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-05-01 17:24 EDT by Bailey, Greg
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-05-08 19:08:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Bailey, Greg 2000-05-01 17:24:34 EDT
I'm trying to configure multiple SSL-enabled sites with Secure Web Server
version 3.2 as included with RedHat 6.2 Professional.  I have working
KEY/CERTIFICATE combinations for both sites, currently being used with
Apache-SSL.

In trying to replace Apache-SSL with RedHat Secure Web Server, I am unable
to start the webserver when both IP-based virtual hosts are configured.

I'm getting the following error:

[Fri Apr 28 09:49:01 2000] [error] mod_ssl: Couldn't recover size of server
key www.enhancecom.com:443/KEY_LENGTH

Does anyone have a simple configuration file that simply adds an IP-based
virtual host that is SSL enabled?
Comment 1 Bailey, Greg 2000-05-02 14:43:59 EDT
I have tested these keys and configuration with Apache 1.3.12 + mod_ssl 2.6.3 +
OpenSSL 0.9.5a, and DID NOT encounter this bug.

Consequently, I believe this to be a bug either in BSAFE or with RedHat's
integration w/BSAFE, although without the source it's difficult to tell, isn't
it?  :-(
Comment 2 Nalin Dahyabhai 2000-05-03 14:57:59 EDT
What sort of keys are the certificates generated with?  Are they signed by a
root CA, or local?
Comment 3 Nalin Dahyabhai 2000-05-04 11:29:59 EDT
This is a confirmed bug.  An errata is being tested.
Comment 4 Need Real Name 2000-07-28 17:16:43 EDT
Bug is not fixed.  Now even when trying to use SSL with a single domain 
environment, errors are generated in the ssl_engine_log file and the server 
crashes.

I was running 3.2-12, and I applied the errata to v3.2.1-1 and I still get the 
error with the SSL engine being unable to determine the length of the key.

Mr. Kang in Incident support has copies of all of our log files and our 
configuration file.  This error is reproduceable, and support feels that it is 
a bug.

Note You need to log in before you can comment on or make changes to this bug.