From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7) Gecko/20040616

Description of problem:
When ssl is turned on, system-config-httpd insists on a CA chain file (to be exact, httpd crashes if the field is left blank). I don't know enough about key systems to know if this is correct behaviour or not. What I _do_ know is that the Makefile in /etc/pki/tls/certs supports the creation of self-signed keys, but in the process, does _not_ create a CA chain file. 

Version-Release number of selected component (if applicable):
system-config-httpd-1.3.2-2

How reproducible:
Always

Steps to Reproduce:
1.Follow the well-documented processes around the web to use /etc/pki/tls/certs/Makefile to create a self-signed certificate
2. Run system-config-httpd, turn on ssl, and fill the fields for which files have been created
3. save the configuration
4. restart httpd
  

Actual Results:  httpd crashes

Expected Results:  system-config-httpd should have created a valid httpd.conf file

Additional info:

I don't know what the correct behaviour should be here. I can think of at least four (not entirely mutually exclusive)
.system-config-httpd doesn't create a CA chain file directive if none is specified (I don't know if this is a reasonable behaviour or not)
.system-config-httpd _gives a helpful error message_ if a null CA chain file is specified
./etc/pki/tls/certs/Makefile creates a dummy CA chain file when it creates a self-signed certificate
.the documentation (should be both the Makefile and system-config-httpd) tells you what to do about the CA chain file when you create a self-signed certificate

I also don't know how serious this bug is; I seem to have gotten around it by pointing the CA chain file to the default CA-bundle file, but I have no idea whether this is a reasonable solution or if I have just opened up a huge security hole.