+++ This bug was initially created as a clone of Bug #488886 +++ Description of problem: If SSLClientVerify for a <directory> is configured, such as: <Directory "/var/www/html/site"> SSLVerifyClient require SSLVerifyDepth 10 </Directory> And mod rewrite is configured for this site: (via .htaccess in before mentioned directory) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !=/favicon.ico RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] Submitting a POST with variables defined do NOT show up on the script/php side. Disabling mod_rewrite or SSLVerifyClient for the path will cause POST variables to be defined. Version-Release number of selected component (if applicable): How reproducible: every time Steps to Reproduce: 1. setup an https server with a certificate bundle and turn on sslVerifyClient 2. install a client certificate in your browser 3. setup mod rewrite rules 4. load any page, and try to submit POST variables. phpinfo() will show no $_POST is defined. Actual results: no $_POST variables in php land with this configuration Expected results: need those $_POST variables Additional info: --- Additional comment from jorton on 2009-03-06 05:39:07 EDT --- Ah, this is a known bug in the mod_ssl per-dir-reneg code; I fixed it upstream a while back. Thanks for the report. --- Additional comment from jorton on 2009-03-06 05:40:39 EDT --- Fixed upstream by: http://svn.apache.org/viewvc?rev=591393&view=rev
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: Consequence: Fix: Result:
Please be so kind and add a few key words to the technical note of this bugzilla entry using the following structure: Cause: Consequence: Fix: Result: Thanks
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0237.html