Re: [users@httpd] old game - method POST not allowed when using SSL client certs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

there wasn patch for 2.0.54, thers also an BugReport at http://issues.apache.org/bugzilla/show_bug.cgi?id=12355, i know
k will try the patch for 2.0.54 which hopefully works with 2.0.59, cant update to 2.2.0 because of some third-party modules 

regards

Serge Dubrouski schrieb:

The only way is upgrading to 2.2.3. It's a well known bug in 2.0.XX
that was fixed in 2.2.X

On 10/12/06, masro <masro@xxxxxxx> wrote:

Hi List,
i do an update from Apache 2.0.54 to 2.0.59, now i've the following problem: 

The following VHOST configuration dosent work, when i use POST requests
within the secured directory

<VirtualHost *:443>
       ServerName xgames.org
       DocumentRoot "/htdocs/"
       SSLEngine On
       SSLCertificateFile conf/cert/server.crt
       SSLCertificateKeyFile conf/cert/server.key
       SSLCACertificateFile conf/cert/ca-bundle.cer
       SSLVerifyDepth 3
       SSLOptions +StdEnvVars +OptRenegotiate +ExportCertData
       SSLVerifyClient optional
       <Directory /htdocs/secure>
               SSLVerifyClient require
       </Directory>
</VirtualHost>

Got errors like:
[Thu Oct 12 11:09:32 2006] [error] SSL Re-negotiation in conjunction
with POST method not supported! hint: try SSLOptions +OptRenegotiate

When i use the following configuration it work's. I've to use
"SSLVerifyClient none" instead of "SSLVerifyClient optional", may it be
a bug or a feature, possibly im only to stupid, please tell me if i'm a
dump fool ;-)

<VirtualHost *:443>
       ServerName xgames.org
       DocumentRoot "/htdocs/"
       SSLEngine On
       SSLCertificateFile conf/cert/server.crt
       SSLCertificateKeyFile conf/cert/server.key
       SSLCACertificateFile conf/cert/ca-bundle.cer
       SSLVerifyDepth 3
       SSLOptions +StdEnvVars +OptRenegotiate +ExportCertData
       SSLVerifyClient none
       <Directory /htdocs/secure>
               SSLVerifyClient require
       </Directory>
</VirtualHost>

Why i can't use "SSLVerifyClient optional" ?

regards
Christian Gottschalch



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux