Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 968389

Summary: private key before PEM certificate causes Segfault
Product: [JBoss] JBoss Enterprise Web Server 2 Reporter: Eric Rich <erich>
Component: httpdAssignee: Mladen Turk <mturk>
Status: CLOSED WONTFIX QA Contact: Michal Karm Babacek <mbabacek>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 2.0.1CC: aogburn, bsikora, cdewolf, jawilson, jclere, jdoyle, jstefl, mturk, myarboro, pslavice, rmarwaha, rsvoboda, smumford
Target Milestone: ---Flags: mturk: needinfo-
mturk: needinfo-
mturk: needinfo-
Target Release: 2.1.0   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Known Issue
Doc Text:
In JBoss Enterprise Web Server sending a request via a mod_proxy reverse proxy to a https backend results in a segfault. Using gdb shows that having the private key before the certificate in <classname>SSLProxyMachineCertificateFile</classname> triggers the segfault. This is a known issue in JBoss Enterprise Web Server 3.0 and there is currently no workaround for this problem.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-10-10 15:50:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Eric Rich 2013-05-29 15:33:34 UTC 
Description of problem:

Bug 52212 - SSLProxyMachineCertificateFile key first causes segfault
https://issues.apache.org/bugzilla/show_bug.cgi?id=52212

This is fixed in RHEL per http://rhn.redhat.com/errata/RHSA-2013-0512.html

EWS needs a fix.
Comment 5 Jean-frederic Clere 2013-12-06 15:49:38 UTC 
It seems it require an openssl upgrade.
Comment 6 Jean-frederic Clere 2014-02-13 13:42:36 UTC 
It seems there is a fix in  httpd-2.2.25 for it.
Comment 9 Libor Fuka 2014-06-16 13:58:48 UTC 
There is a difference in patch behaviour on MS Windows. It writes only: 
for SSL proxy (missing or encrypted private key?) 
to httpd error_log.
The log message on RHEL and Solaris:
incomplete client cert configured for SSL proxy (missing or encrypted private key?)

Do we know why is this difference ?
Comment 11 Jan Stefl 2014-07-25 07:30:14 UTC 
Could we please do conclusion here?
Comment 12 Bogdan Sikora 2015-07-21 11:43:19 UTC 
https://issues.jboss.org/browse/JWS-27
Comment 15 Red Hat Bugzilla 2023-09-14 01:44:42 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days