Activity log for bug #1865900

Date Who What changed Old value New value Message
2020-03-03 16:04:20 Riho Kalbus bug added bug
2020-03-04 19:36:44 Bryce Harrington apache2 (Ubuntu): status New Incomplete
2020-03-04 19:36:52 Bryce Harrington tags regression-update
2020-03-04 19:37:05 Bryce Harrington bug added subscriber Canonical Server Team
2020-03-04 19:37:06 Simon Déziel bug added subscriber Simon Déziel
2020-03-04 19:47:39 Marc Deslauriers bug added subscriber Marc Deslauriers
2020-03-05 10:39:03 Riho Kalbus tags regression-update apport-collected bionic regression-update
2020-03-05 10:39:04 Riho Kalbus description Ubuntu 18.04.4 LTS, after update from apache 2.4.29-1ubuntu4.11 to apache 2.4.29-1ubuntu4.12 authentication with client certificate stopped working. No certificate is requested from client browser and apahce log has error: [Tue Mar 03 16:03:34.964389 2020] [ssl:debug] [pid 12384:tid 139853354215168] ssl_engine_kernel.c(2217): AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_256_GCM_SHA384 (256/256 bits) [Tue Mar 03 16:03:36.499614 2020] [ssl:debug] [pid 12383:tid 139853481088768] ssl_engine_io.c(1106): AH02001: Connection closed to child 1 with standard shutdown [Tue Mar 03 16:03:37.714744 2020] [ssl:debug] [pid 12384:tid 139853481088768] ssl_engine_kernel.c(383): AH02034: Initial (No.1) HTTPS request received for child 65 (server devel.liisi.ee:443), referer: https://devel.liisi.ee:8950/accounts/login/ [Tue Mar 03 16:03:37.714941 2020] [ssl:error] [pid 12384:tid 139853481088768] AH: verify client post handshake, referer: https://devel.liisi.ee:8950/accounts/login/ A temporary workaround is to disable the whole TLSv1.3 protocol in the vhost configuration. Ubuntu 18.04.4 LTS, after update from apache 2.4.29-1ubuntu4.11 to apache 2.4.29-1ubuntu4.12 authentication with client certificate stopped working. No certificate is requested from client browser and apahce log has error: [Tue Mar 03 16:03:34.964389 2020] [ssl:debug] [pid 12384:tid 139853354215168] ssl_engine_kernel.c(2217): AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_256_GCM_SHA384 (256/256 bits) [Tue Mar 03 16:03:36.499614 2020] [ssl:debug] [pid 12383:tid 139853481088768] ssl_engine_io.c(1106): AH02001: Connection closed to child 1 with standard shutdown [Tue Mar 03 16:03:37.714744 2020] [ssl:debug] [pid 12384:tid 139853481088768] ssl_engine_kernel.c(383): AH02034: Initial (No.1) HTTPS request received for child 65 (server devel.liisi.ee:443), referer: https://devel.liisi.ee:8950/accounts/login/ [Tue Mar 03 16:03:37.714941 2020] [ssl:error] [pid 12384:tid 139853481088768] AH: verify client post handshake, referer: https://devel.liisi.ee:8950/accounts/login/ A temporary workaround is to disable the whole TLSv1.3 protocol in the vhost configuration. --- ProblemType: Bug Apache2ConfdDirListing: False Apache2Modules: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.20.4.138. Set the 'ServerName' directive globally to suppress this message httpd (pid 13567) already running ApportVersion: 2.20.9-0ubuntu7.11 Architecture: amd64 DistroRelease: Ubuntu 18.04 InstallationDate: Installed on 2010-05-21 (3576 days ago) InstallationMedia: Ubuntu-Server 10.04 LTS "Lucid Lynx" - Release amd64 (20100427) Package: apache2 2.4.29-1ubuntu4.12 PackageArchitecture: amd64 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 4.15.0-88.88-generic 4.15.18 Tags: bionic Uname: Linux 4.15.0-88-generic x86_64 UpgradeStatus: Upgraded to bionic on 2018-10-16 (505 days ago) UserGroups: _MarkForUpload: True error.log: [Thu Mar 05 06:25:05.942445 2020] [ssl:warn] [pid 13567:tid 140475868056512] AH01909: klient.liisi.ee:443:0 server certificate does NOT include an ID which matches the server name [Thu Mar 05 06:25:05.945212 2020] [mpm_worker:notice] [pid 13567:tid 140475868056512] AH00292: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 mod_wsgi/4.5.17 Python/3.6 configured -- resuming normal operations [Thu Mar 05 06:25:05.945234 2020] [core:notice] [pid 13567:tid 140475868056512] AH00094: Command line: '/usr/sbin/apache2' modified.conffile..etc.apache2.mods-available.reqtimeout.conf: [modified] modified.conffile..etc.apache2.ports.conf: [modified] modified.conffile..etc.apache2.sites-available.000-default.conf: [modified] mtime.conffile..etc.apache2.mods-available.reqtimeout.conf: 2020-03-03T16:33:43.294515 mtime.conffile..etc.apache2.ports.conf: 2014-10-22T16:31:31.217125 mtime.conffile..etc.apache2.sites-available.000-default.conf: 2019-10-16T13:29:08.811073
2020-03-05 10:39:05 Riho Kalbus attachment added Dependencies.txt https://bugs.launchpad.net/bugs/1865900/+attachment/5333776/+files/Dependencies.txt
2020-03-05 10:39:06 Riho Kalbus attachment added ProcCpuinfoMinimal.txt https://bugs.launchpad.net/bugs/1865900/+attachment/5333777/+files/ProcCpuinfoMinimal.txt
2020-03-05 10:39:07 Riho Kalbus attachment added linkweb.conf.txt https://bugs.launchpad.net/bugs/1865900/+attachment/5333778/+files/linkweb.conf.txt
2020-03-05 10:39:08 Riho Kalbus attachment added tangoweb.conf.txt https://bugs.launchpad.net/bugs/1865900/+attachment/5333779/+files/tangoweb.conf.txt
2020-03-05 14:02:40 Robie Basak tags apport-collected bionic regression-update apport-collected bionic bionic-openssl-1.1 regression-update
2020-03-05 14:02:50 Robie Basak bug added subscriber Robie Basak
2020-03-05 14:21:48 Marc Deslauriers bug watch added https://github.com/urllib3/urllib3/issues/1634
2020-03-05 14:24:13 Dan Streetman bug added subscriber Dan Streetman
2020-03-05 15:17:43 Ken Dreyer (Red Hat) bug watch added https://bugzilla.redhat.com/show_bug.cgi?id=1761403
2020-03-05 15:17:43 Ken Dreyer (Red Hat) bug watch added http://bugs.python.org/issue37428
2020-03-05 19:01:15 Andreas Hasenack bug watch added http://bugs.python.org/issue37440
2020-03-09 17:41:50 Robie Basak tags apport-collected bionic bionic-openssl-1.1 regression-update apport-collected bionic bionic-openssl-1.1 regression-update server-next
2020-03-09 17:41:58 Robie Basak bug added subscriber Ubuntu Server
2020-03-10 11:19:03 Robie Basak apache2 (Ubuntu): status Incomplete New
2020-03-16 16:07:38 Christian Ehrhardt  apache2 (Ubuntu): status New In Progress
2020-03-16 16:07:48 Christian Ehrhardt  apache2 (Ubuntu): assignee Marc Deslauriers (mdeslaur)
2020-03-16 16:30:44 Christian Ehrhardt  bug task added requests (Ubuntu)
2020-03-16 16:31:02 Christian Ehrhardt  requests (Ubuntu): status New Confirmed
2020-03-16 16:31:50 Christian Ehrhardt  bug task added python-urllib3 (Ubuntu)
2020-03-16 16:32:02 Christian Ehrhardt  python-urllib3 (Ubuntu): status New Confirmed
2020-03-16 16:32:29 Andreas Hasenack bug task added ubuntu-release-notes
2020-03-16 16:32:38 Andreas Hasenack ubuntu-release-notes: status New Confirmed
2020-03-16 16:33:37 Andreas Hasenack bug added subscriber Andreas Hasenack
2020-03-25 09:48:48 Vladimir Mencl bug watch added https://bz.apache.org/bugzilla/show_bug.cgi?id=64263
2020-03-26 12:06:42 Marc Deslauriers bug watch added https://bz.apache.org/bugzilla/show_bug.cgi?id=63368
2020-06-17 14:10:59 Christian Ehrhardt  tags apport-collected bionic bionic-openssl-1.1 regression-update server-next apport-collected bionic bionic-openssl-1.1 regression-update