Bug 1161328 – [mod_ssl] Revoked Certificates are logged at the DEBUG level

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1161328 - [mod_ssl] Revoked Certificates are logged at the DEBUG level

Summary:	[mod_ssl] Revoked Certificates are logged at the DEBUG level

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	httpd (Show other bugs)
Sub Component:
Version:	6.5
Hardware:	x86_64 Linux

Priority	unspecified Severity medium
Target Milestone:	rc
Target Release:	---
Assigned To:	Web Stack Team
QA Contact:	Filip Holec
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2014-11-06 17:22 EST by Timothy Williams
Modified:	2016-04-18 06:27 EDT (History)
CC List:	4 users (show)

See Also:
Fixed In Version:	httpd-2.2.15-40.el6
Doc Type:	Bug Fix
Doc Text:	When a client presented a revoked certificate, log entries were created only at the debug level. With this update, the log level of messages regarding a revoked certificate has been increased to INFO, and administrators are now properly informed of this situation.
Story Points:	---
Clone Of:
Environment:
Last Closed:	2015-07-22 01:53:36 EDT
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:1249	normal	SHIPPED_LIVE	Low: httpd security, bug fix, and enhancement update	2015-07-20 13:50:12 EDT

Groups: None (edit)

Description Timothy Williams 2014-11-06 17:22:03 EST

Description of problem:

When a client presents a revoked certificate, log entries are created only at the debug level. This is an error that, in production, needs to be logged. However, production servers generally should not be running the debug log level.

Version-Release number of selected component (if applicable):
2.2.15

Upstream patch: https://issues.apache.org/bugzilla/show_bug.cgi?id=52162

Comment 6 errata-xmlrpc 2015-07-22 01:53:36 EDT

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-1249.html

Note You need to log in before you can comment on or make changes to this bug.