Description of problem: Ever since we started using the newer mod_nss RPM (mod_nss-1.0.8-3.el5), a number of these errors started appearing in the /var/log/httpd/error_log file: [error] Unable to read from pin store for slot: NSS FIPS 140-2 Certificate DB APR err: 11 [error] Unable to read from pin store for slot: NSS FIPS 140-2 Certificate DB APR err: 70007 Version-Release number of selected component (if applicable): mod_nss-1.0.8-3.el5 How reproducible: As long as the RPM is installed and enabled, the errors keep appearing. Steps to Reproduce: 1. yum install mod_nss 2. Verify that NSSFIPS is enabled in the nss.conf 3. Restart Apache process 4. Test SSL connectivity Additional info: I have used the workaround as per Bugzilla case #669963 (https://bugzilla.redhat.com/show_bug.cgi?id=669963) for getting httpd to actually start since the permissions and ownership had changed with the new build release.
Created attachment 487040 [details] Current nss.conf configuration file
*** This bug has been marked as a duplicate of bug 677698 ***
"You are not authorized to access bug #677698. " May I ask that What The F^HSituation with that bug? I cannot think any reason to be secretive about a bug in an open source product but security hole. Soon we will have an anniversary. A security bug must not take so much time to fix.
It is fixed in RHEL 5.8.
What is fixed exactly?
When is the mod_nss-1.0.8-5.el5 RPM going to be released?