enterprise-support team mailing list archive

[Virsacer <1803689@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

Appartently due to the inclusion of OpenSSL 1.1.1 a login with a client
certificate times out.

This is propably fixed in Apache 2.4.37 (already available in sid and
buster):

*) mod_ssl: Fix crash during SSL renegotiation with OptRenegotiate set,
     when client certificates are available from the original handshake
     but were originally not verified and should get verified now.
     This is a regression in 2.4.36 (unreleased). [Ruediger Pluem]

*) mod_ssl: Correctly merge configurations that have client certificates set
     by SSLProxyMachineCertificate{File|Path}. [Ruediger Pluem]

*) ab: Add client certificate support. [Graham Leggett]

*) mod_ssl: Add support for OpenSSL 1.1.1 and TLSv1.3.  TLSv1.3 has
     behavioural changes compared to v1.2 and earlier; client and
     configuration changes should be expected.  SSLCipherSuite is
     enhanced for TLSv1.3 ciphers, but applies at vhost level only.
     [Stefan Eissing, Yann Ylavic, Ruediger Pluem, Joe Orton]

** Affects: apache2 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1803689

Title:
  Login with client cert times out

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1803689/+subscriptions