2020-03-04 08:30:41 |
fluff |
description |
Upgraded from apache2-2.4.29-1ubuntu4.11 to apache2-2.4.29-1ubuntu4.12 caused SSL Client certificate verification to stop working. Downgrading apache2, apache2-bin, apache2-data, apache2-utils back to 2.4.29-1ubuntu4.11 restored SSL Client certificate verification functionality. No configuration changes where made.
---
In /etc/apache2/mods-enabled/ssl.conf:
SSLCACertificateFile "/etc/ssl/certs/ca.pem"
In /etc/apache2/sites-enabled/000-default-le-ssl.conf:
<Location "/wp-login.php">
<If "! -R 'n.n.n.n/32'">
SSLOptions +StdEnvVars
SSLVerifyClient require
</If>
</Location>
---
root@www:/var/log# lsb_release -rd
Description: Ubuntu 18.04.4 LTS
Release: 18.04 |
Upgraded from apache2-2.4.29-1ubuntu4.11 to apache2-2.4.29-1ubuntu4.12 caused SSL Client certificate verification to stop working. Downgrading apache2, apache2-bin, apache2-data, apache2-utils back to 2.4.29-1ubuntu4.11 restored SSL Client certificate verification functionality. No configuration changes where made.
---
In /etc/apache2/mods-enabled/ssl.conf:
SSLCACertificateFile "/etc/ssl/certs/ca.pem"
In /etc/apache2/sites-enabled/000-default-le-ssl.conf:
<Location "/wp-login.php">
<If "! -R 'n.n.n.n/32'">
SSLOptions +StdEnvVars
SSLVerifyClient require
</If>
</Location>
---
Log output when connecting to apache2-2.4.29-1ubuntu4.12:
[Wed Mar 04 08:03:21.266624 2020] [ssl:error] [pid 20037:tid 140559339464448] [client 1.2.3.4] AH: verify client post handshake
[Wed Mar 04 08:03:28.654651 2020] [ssl:error] [pid 20037:tid 140559339464448] [client 1.2.3.4] AH02263: Re-negotiation handshake failed: Client certificate missing
---
root@www:/var/log# lsb_release -rd
Description: Ubuntu 18.04.4 LTS
Release: 18.04 |
|