Bug 968389 - private key before PEM certificate causes Segfault [NEEDINFO]
private key before PEM certificate causes Segfault
Status: CLOSED WONTFIX
Product: JBoss Enterprise Web Server 2
Classification: JBoss
Component: httpd (Show other bugs)
2.0.1
All Unspecified
unspecified Severity medium
: ---
: 2.1.0
Assigned To: Mladen Turk
Michal Karm Babacek
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-29 11:33 EDT by Eric Rich
Modified: 2017-10-10 11:50 EDT (History)
13 users (show)

See Also:
Fixed In Version:
Doc Type: Known Issue
Doc Text:
In JBoss Enterprise Web Server sending a request via a mod_proxy reverse proxy to a https backend results in a segfault. Using gdb shows that having the private key before the certificate in <classname>SSLProxyMachineCertificateFile</classname> triggers the segfault. This is a known issue in JBoss Enterprise Web Server 3.0 and there is currently no workaround for this problem.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-10-10 11:50:58 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
myarboro: needinfo? (jawilson)
lfuka: needinfo? (mturk)
weli: needinfo? (mturk)
bsikora: needinfo? (mturk)


Attachments (Terms of Use)

  None (edit)
Description Eric Rich 2013-05-29 11:33:34 EDT
Description of problem:

Bug 52212 - SSLProxyMachineCertificateFile key first causes segfault
https://issues.apache.org/bugzilla/show_bug.cgi?id=52212

This is fixed in RHEL per http://rhn.redhat.com/errata/RHSA-2013-0512.html

EWS needs a fix.
Comment 5 Jean-frederic Clere 2013-12-06 10:49:38 EST
It seems it require an openssl upgrade.
Comment 6 Jean-frederic Clere 2014-02-13 08:42:36 EST
It seems there is a fix in  httpd-2.2.25 for it.
Comment 9 Libor Fuka 2014-06-16 09:58:48 EDT
There is a difference in patch behaviour on MS Windows. It writes only: 
for SSL proxy (missing or encrypted private key?) 
to httpd error_log.
The log message on RHEL and Solaris:
incomplete client cert configured for SSL proxy (missing or encrypted private key?)

Do we know why is this difference ?
Comment 11 Jan Stefl 2014-07-25 03:30:14 EDT
Could we please do conclusion here?
Comment 12 Bogdan Sikora 2015-07-21 07:43:19 EDT
https://issues.jboss.org/browse/JWS-27

Note You need to log in before you can comment on or make changes to this bug.