apache2-2.4.29-1ubuntu4.12 causes SSL Client Certificate verification to fail

Bug #1865999 reported by fluff on 2020-03-04
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Undecided
Unassigned

Bug Description

Upgraded from apache2-2.4.29-1ubuntu4.11 to apache2-2.4.29-1ubuntu4.12 caused SSL Client certificate verification to stop working. Downgrading apache2, apache2-bin, apache2-data, apache2-utils back to 2.4.29-1ubuntu4.11 restored SSL Client certificate verification functionality. No configuration changes where made.

---
In /etc/apache2/mods-enabled/ssl.conf:

SSLCACertificateFile "/etc/ssl/certs/ca.pem"

In /etc/apache2/sites-enabled/000-default-le-ssl.conf:
<Location "/wp-login.php">
   <If "! -R 'n.n.n.n/32'">
      SSLOptions +StdEnvVars
      SSLVerifyClient require
   </If>
</Location>
---
Log output when connecting to apache2-2.4.29-1ubuntu4.12:

[Wed Mar 04 08:03:21.266624 2020] [ssl:error] [pid 20037:tid 140559339464448] [client 1.2.3.4] AH: verify client post handshake
[Wed Mar 04 08:03:28.654651 2020] [ssl:error] [pid 20037:tid 140559339464448] [client 1.2.3.4] AH02263: Re-negotiation handshake failed: Client certificate missing

---
root@www:/var/log# lsb_release -rd
Description: Ubuntu 18.04.4 LTS
Release: 18.04

fluff (dune-fluffigt) on 2020-03-04
description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apache2 (Ubuntu):
status: New → Confirmed
Paride Legovini (paride) wrote :

I'm marking this bug as a duplicate of #1865900. Please comment back if you don't agree the two bug reports are for the same issue.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers