Bug 510515 - mod_ssl cannot handle more than 85 CAs
Summary: mod_ssl cannot handle more than 85 CAs
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: httpd
Version: 5.3
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: rc
Assignee: Joe Orton
QA Contact: BaseOS QE
URL:
Whiteboard:
Depends On:
Blocks: 510518
Reported: 2009-07-09 15:23 UTC by Martin Poole
Modified: 2018-10-27 14:55 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 510518 (view as bug list)
Environment:
Last Closed: 2010-03-30 08:28:20 UTC
Target Upstream Version:
Embargoed:


Links
System | ID | Private | Priority | Status | Summary | Last Updated
Apache Bugzilla | 46952 | 0 | None | None | None | Never
Red Hat Product Errata | RHEA-2010:0252 | 0 | normal | SHIPPED_LIVE | httpd bug fix and enhancement update | 2012-05-17 17:57:35 UTC

Description Martin Poole 2009-07-09 15:23:42 UTC
There is an issue in the interaction of the mod_ssl/openssl
buffer handling which results in a hanging connection, when the
server is using a certificate from the CERN CA and there are more
than 85 trusted CA certificates.

The original issue with a suggested workaround:
  https://savannah.cern.ch/bugs/?48458

mod_ssl follow up with test case:
  https://issues.apache.org/bugzilla/show_bug.cgi?id=46952

related openssl bug (guest/guest):
  http://rt.openssl.org/Ticket/Display.html?id=1949

upstream mod_ssl patch:
  http://svn.apache.org/viewvc?view=rev&revision=787722
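
An added example, not part of the original report and not httpd or Red Hat code: a Python check that reads httpd configuration text, counts the certificates behind each `SSLCACertificateFile` / `SSLCACertificatePath` directive, and flags any source above the 85-CA figure reported here. The threshold of 85 is taken from this report as an assumption, `Include` directives are not followed, and the sample bundles are constructed placeholders.

```python
import re
import tempfile
from pathlib import Path

THRESHOLD = 85  # figure from this bug report; an assumption, not a guaranteed hard limit

PEM_BEGIN = re.compile(r"^-----BEGIN (?:TRUSTED )?CERTIFICATE-----\s*$", re.M)
# mod_ssl directives that name the trusted-CA bundle file or hashed directory
DIRECTIVE = re.compile(
    r'^[ \t]*(SSLCACertificateFile|SSLCACertificatePath)[ \t]+"?([^"\s]+)"?', re.I | re.M)

def count_pem_certs(path):
    """Count PEM certificate blocks in one file."""
    return len(PEM_BEGIN.findall(Path(path).read_text(errors="replace")))

def count_trusted_cas(conf_text):
    """Map each CA source named in the httpd config text to its certificate count."""
    counts = {}
    for name, value in DIRECTIVE.findall(conf_text):
        p = Path(value)
        if name.lower() == "sslcacertificatefile":
            files = {p.resolve()} if p.is_file() else set()
        else:
            # Hashed directories hold symlinks; resolve so each file is counted once.
            files = {f.resolve() for f in p.iterdir() if f.is_file()} if p.is_dir() else set()
        counts[value] = sum(count_pem_certs(f) for f in files)
    return counts

def over_threshold(conf_text, threshold=THRESHOLD):
    """Return only the sources whose CA count exceeds the threshold."""
    return {s: n for s, n in count_trusted_cas(conf_text).items() if n > threshold}

def demo():
    """Run the check on constructed placeholder bundles (not real certificates)."""
    block = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"
    with tempfile.TemporaryDirectory() as d:
        big, small = Path(d, "big.pem"), Path(d, "small.pem")
        big.write_text(block * 90)
        small.write_text(block * 10)
        conf = (f"SSLCACertificateFile {big}\n# SSLCACertificateFile /ignored\n"
                f'  SSLCACertificateFile "{small}"\n')
        return ({Path(k).name: v for k, v in count_trusted_cas(conf).items()},
                sorted(Path(k).name for k in over_threshold(conf)))

if __name__ == "__main__":
    print(demo())
```

On a real host, pass the contents of the SSL virtual host configuration to `over_threshold()`; an empty result means no configured CA source exceeds the figure from this report.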

Comment 3 Joe Orton 2009-08-24 09:47:06 UTC
Note that the fix required for this is:

http://svn.apache.org/viewvc?view=rev&revision=788715

not r787722 as indicated above, which only helps if the associated OpenSSL patch is applied. It is sufficient to apply r788715 and we'll backport just that change.

Comment 11 Chris Ward 2010-02-11 10:30:34 UTC
~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~

RHEL 5.5 Beta has been released! There should be a fix present in this 
release that addresses your request. Please test and report back results 
here, by March 3rd 2010 (2010-03-03) or sooner.

Upon successful verification of this request, post your results and update 
the Verified field in Bugzilla with the appropriate value.

If you encounter any issues while testing, please describe them and set 
this bug into NEED_INFO. If you encounter new defects or have additional 
patch(es) to request for inclusion, please clone this bug per each request
and escalate through your support representative.

Comment 13 errata-xmlrpc 2010-03-30 08:28:20 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0252.html

