Tue Mar 19 2024 06:04:38 UTC
42
Hide Search Description
109 bugs found.
ID Product Comp Assignee Status Resolution Summary Changed
42688 Apache h mod_ssl bugs NEW --- engine managed keys: per process openssl context 2011-12-19
45054 Apache h mod_ssl bugs NEW --- SSLVerifyClient optional_no_ca is broken 2013-11-21
45058 Apache h mod_ssl bugs NEW --- Mod_SSL does not set AUTH_TYPE with client certificate authentication 2019-09-11
47514 Apache h mod_ssl bugs NEW --- Personal data and restrictions based on subject directory attributes extension 2009-07-13
49717 Apache h mod_ssl bugs NEW --- PATCH: Enable SSL Timeout 2011-02-12
52495 Apache h mod_ssl bugs NEW --- CACertificate, CADNCertificate, CARevocation, CertificateChain, Certifcate and CertificateKey per directory context 2012-02-04
52874 Apache h mod_ssl bugs NEW --- Support Use TrustedFirst checking when verifying client certificate chain 2012-03-13
53156 Apache h mod_ssl bugs NEW --- CRL validation fails if CRL is missing 2014-07-03
53899 Apache h mod_ssl bugs NEW --- SSL_OP_ALL disables the mitigation code for CVE-2011-3389 2013-06-23
54385 Apache h mod_ssl bugs NEW --- SSL configuration independent from virtual hosts, automatic certificate selection. 2013-01-08
54830 Apache h mod_ssl bugs NEW --- Make SSLPProxyMachineCertificateFile configurable per location 2013-04-11
55458 Apache h mod_ssl bugs NEW --- allow to configure what mod_ssl responds when one doesn't talk TLS/SSL to the port 2013-08-20
55467 Apache h mod_ssl bugs NEW --- Support for OpenSSL custom TLS extensions and supplemental data 2014-02-18
55942 Apache h mod_ssl bugs NEW --- 400 - Bad Request on POST (Windows Server 2012 Hyper-V with SSL) 2019-06-19
56028 Apache h mod_ssl bugs NEW --- Add http/1.0, http/1.1 NPN advertisement to enable TLS False Start 2015-01-27
56135 Apache h mod_ssl bugs NEW --- Add DC to list of x509 components 2014-02-13
56475 Apache h mod_ssl bugs NEW --- Allow TLS record size to be configured 2014-04-30
56508 Apache h mod_ssl bugs NEW --- Requiring SNI - SSLStrictSNIVHostCheck semantics 2014-07-16
56587 Apache h mod_ssl bugs NEW --- Many VirtualHost's with SSLEngine On 2014-06-03
56843 Apache h mod_ssl bugs NEW --- Support different OCSP stapling max ages 2014-08-12
57121 Apache h mod_ssl bugs NEW --- ocsp stapling should not pass temporary server outages to clients 2020-04-04
57131 Apache h mod_ssl bugs NEW --- OCSP Stapling scalability concern 2015-05-23
57159 Apache h mod_ssl bugs NEW --- mod_ssl OCSP Stapling directives don't support per-certificate settings 2014-10-28
57360 Apache h mod_ssl bugs NEW --- Fail gracefully on certificate/key mismatch 2023-01-06
57646 Apache h mod_ssl bugs NEW --- SSLEngine inside If directive 2015-02-27
57680 Apache h mod_ssl bugs NEW --- SSLSessionCacheTimeout has no effect 2015-03-09
57949 Apache h mod_ssl bugs NEW --- new mod_ssl environment variable SSL_{CLIENT|SERVER}_EXT_KEYUSAGE_purpose 2015-05-25
58007 Apache h mod_ssl bugs NEW --- 400 Bad Request with fully qualified domain name over HTTPS 2018-09-06
58288 Apache h mod_ssl bugs NEW --- Semaphore amount increase until crash when enabling SSLProxyCACertificateFile 2018-05-07
58901 Apache h mod_ssl bugs NEW --- Download of large file is aborted in SSL_write on EINTR 2019-01-06
59049 Apache h mod_ssl bugs NEW --- Apache doesn't recover from OCSP decode error 2017-09-22
59626 Apache h mod_ssl bugs NEW --- mod_ssl configuration directives ExportCertData and StdEnvVars, and other ssl environment variables can't be used with a fastcgi authenticator 2016-05-24
59957 Apache h mod_ssl bugs NEW --- Suppress or reduce severity of AH01906 for self-signed certificates 2016-08-07
60028 Apache h mod_ssl bugs NEW --- mod_ssl does not accept expired client certificates even with SSLVerifyClient optional_no_ca 2016-08-22
60182 Apache h mod_ssl bugs NEW --- SSLStaplingFakeTryLater Deviates From Documented Behavior of Only Being Effective When SSLStaplingReturnResponderErrors is On 2021-11-09
60186 Apache h mod_ssl bugs NEW --- Adding a SSL Verify directive to accept expired client certificate 2016-09-29
60456 Apache h mod_ssl bugs NEW --- export SSL_CLIENT_SAN_IPaddr variable 2017-08-08
60457 Apache h mod_ssl bugs NEW --- SSLOCSPEnable setting is not inherited from server config into vhost config 2016-12-08
60739 Apache h mod_ssl bugs NEW --- SSLProtocol settings seem to have no effect 2019-12-10
60843 Apache h mod_ssl bugs NEW --- mod_ssl_ct sends empty SCT TLS extension 2017-03-09
60943 Apache h mod_ssl bugs NEW --- mod_ssl enables all of OpenSSL's built-in engines, even when in FIPS mode. 2017-03-30
60947 Apache h mod_ssl bugs NEW --- Segfault on startup when using mod_ssl with APR-crypto 2021-06-26
61081 Apache h mod_ssl bugs NEW --- per-domain SNI (to override per-vhost SNI) 2018-08-29
61453 Apache h mod_ssl bugs NEW --- OCSP Stapling: SSLStaplingFakeTryLater responses cached too long 2020-03-17
61500 Apache h mod_ssl bugs NEW --- unable to compile mod_ssl_ct using CMAKE and win32 2017-09-18
61531 Apache h mod_ssl bugs NEW --- SSLStaplingReturnResponderErrors should return last cached response if is an error upstream 2017-09-17
61818 Apache h mod_ssl bugs NEW --- OCSP "SSLUseStapling on" completely blocking the server when something is off with the responder 2021-09-22
61929 Apache h mod_ssl bugs NEW --- Configure mod_ssl for send empty distinguished names list 2019-02-11
61984 Apache h mod_ssl bugs NEW --- mod_ssl has SSLProxyVerify set to none by default 2018-01-10
62346 Apache h mod_ssl bugs NEW --- LibreSSL 2.7.2+ blocks load of mod_ssl, Undefined symbol "OPENSSL_malloc_init" 2018-05-02
62400 Apache h mod_ssl bugs NEW --- OCSP Stapling should not serve OCSP responses from the cache even after they expire 2018-05-23
63000 Apache h mod_ssl bugs NEW --- SSLCA* based directives never honoured for the client certificate auth for providing the CA names 2018-12-10
63096 Apache h mod_ssl bugs NEW --- TLS 1.3: Client certificates don't work if they are optional on virtual host but required on location 2023-03-09
63097 Apache h mod_ssl bugs NEW --- TLS 1.3: Support "SSLOptions OptRenegotiate" 2019-01-21
63171 Apache h mod_ssl bugs NEW --- SSLProxy: SSLOCSPResponderCertificateFile not loaded on HTTP to HTTPS proxy 2019-11-25
63426 Apache h mod_ssl bugs NEW --- Excessive logging: AH02227: Failed to set r->user to 'SSL_CLIENT_S_DN' & AH02261: Re-negotiation handshake failed 2019-05-13
63924 Apache h mod_ssl bugs NEW --- SSLProxyMachineKeyFile 2019-11-14
63925 Apache h mod_ssl bugs NEW --- Wrong "cert does not match for name" 2019-11-14
64071 Apache h mod_ssl bugs NEW --- [PATCH] Add wolfSSL SSL/TLS support and configure option 2020-01-10
64124 Apache h mod_ssl bugs NEW --- TLS1.3 sessions not resumable after graceful restart 2020-02-13
64262 Apache h mod_ssl bugs NEW --- Unsafe error handling: when using OpenSSL API 2020-03-25
64263 Apache h mod_ssl bugs NEW --- TLSv1.3 with SSLVerifyClient optional inside a Location returns 403 2023-10-13
64306 Apache h mod_ssl bugs NEW --- Error "AH01977: failed reading line from OCSP server" with local OCSP proxy due to timeout 2024-01-12
64352 Apache h mod_ssl bugs NEW --- Add an equivalent of SSLOpenSSLConfCmd for proxy HTTPS connections 2020-04-15
64434 Apache h mod_ssl bugs NEW --- Implement TLS 1.3 random record padding to mitigate BREACH 2020-05-14
64531 Apache h mod_ssl bugs NEW --- mod_ssl doesn't log client IP although it would be available many times 2020-06-17
64554 Apache h mod_ssl bugs NEW --- Wrong soft link causes config file not loaded 2020-06-24
64781 Apache h mod_ssl bugs NEW --- mod_ssl_ct does not send SCT extension with TLS 1.3 2020-09-30
64847 Apache h mod_ssl bugs NEW --- Incomplete SSL virtual host config seems to work but tells php it is not using SSL 2020-10-24
64966 Apache h mod_ssl bugs NEW --- "SSLStaplingReturnResponderErrors off" still returning errors to client 2020-12-08
64970 Apache h mod_ssl bugs NEW --- drop unmaintained ocsp support from mod_ssl 2020-12-09
65025 Apache h mod_ssl bugs NEW --- SSL error "ca key too small" is reported at info level instead of error level 2020-12-22
65162 Apache h mod_ssl bugs NEW --- Ambigous error message related to wildcard SSL certificate sharing 2021-03-01
65415 Apache h mod_ssl bugs NEW --- ERR_BAD_SSL_CLIENT_AUTH_CERT by client certificate 2021-09-19
65554 Apache h mod_ssl bugs NEW --- http to https redirect doesn't work when only TLSv1.2 is specified 2021-09-06
65591 Apache h mod_ssl bugs NEW --- Standard + non-standard SSL port + name-based vhosts + SNI: Port number disregarded when selecting certificate? 2021-09-22
65605 Apache h mod_ssl bugs NEW --- Default configuration of the ssl module should be conditional 2021-09-30
65900 Apache h mod_ssl bugs NEW --- SSL still enabled without SSLEngine 2022-02-19
65902 Apache h mod_ssl bugs NEW --- modules/ssl/ssl_engine_vars.c: Add check after calling ASN1_STRING_new 2022-02-24
65903 Apache h mod_ssl bugs NEW --- modules/ssl/ssl_engine_kernel.c: Add check for X509_STORE_CTX_init 2022-02-24
65904 Apache h mod_ssl bugs NEW --- modules/ssl/ssl_util_stapling.c: Fix memory leak 2022-02-24
65905 Apache h mod_ssl bugs NEW --- modules/ssl/ssl_engine_init.c: Add check for X509_STORE_CTX_init 2022-02-25
65922 Apache h mod_ssl bugs NEW --- modules/ssl/ssl_util_ssl.c: Add check for BIO_read 2023-06-06
66036 Apache h mod_ssl bugs NEW --- pkcs#11: parent httpd not issuing C_Login() after graceful reload causing on-going connections to fail SSL/TLS handshake 2022-05-23
66199 Apache h mod_ssl bugs NEW --- RFC 9266: Channel Bindings for TLS 1.3 support 2023-11-18
66224 Apache h mod_ssl bugs NEW --- Lacking a check for the return value of SSL_peek() 2022-08-17
66345 Apache h mod_ssl bugs NEW --- Apache2 not working properly when mod_ssl is loaded 2022-11-22
66440 Apache h mod_ssl bugs NEW --- The maximum effective value of SSLSessionCacheTimeout is 3600 2023-04-11
66481 Apache h mod_ssl bugs NEW --- SSL_CLIENT_SAN_Email (without _n) doesn't work 2023-02-20
66525 Apache h mod_ssl bugs NEW --- document when certificate/key/CRL/etc. files are reloaded 2023-03-11
66657 Apache h mod_ssl bugs NEW --- Support for OCSP Caching 2023-06-19
66664 Apache h mod_ssl bugs NEW --- Request for crl fallback enabling 2023-06-27
66677 Apache h mod_ssl bugs NEW --- Enable OCSP https URI 2023-07-05
68143 Apache h mod_ssl bugs NEW --- Global ECC certificate takes precedence on local RSA certificate 2023-11-14
49277 Apache h mod_ssl bugs NEW --- Expose a variable to identify SSL Session renegotiated 2021-03-30
35154 Apache h mod_ssl bugs REOP --- Support for NID_serialNumber, etc. in SSLUserName 2021-07-14
40513 Apache h mod_ssl bugs REOP --- Seeding PRNG with 0 bytes of entropy 2021-08-18
44503 Apache h mod_ssl bugs REOP --- Errors during SSL handshake 2021-03-30
45801 Apache h mod_ssl bugs REOP --- SSLRequireSSL with strictrequire and satisfy any does not behave as expected 2013-08-07
52616 Apache h mod_ssl bugs REOP --- SSLUserName uses SSL_CLIENT_S_DN insted of SSL_CLIENT_S_DN_CN (or any x509) 2020-09-26
57553 Apache h mod_ssl bugs REOP --- mod_ssl_ct causes connection failures when configured 'empty' 2021-03-30
14104 Apache h mod_ssl bugs REOP --- not documented: must restart server to load new CRL 2022-03-31
31418 Apache h mod_ssl bugs REOP --- SSLUserName is not usable by other modules 2020-09-26
43997 Apache h mod_ssl bugs REOP --- Only issue "Init: SSL server IP/Port conflict" if certificates are different. 2011-05-10
46037 Apache h mod_ssl bugs NEED --- Configuration of trusted OCSP responder certificates 2017-03-02
61436 Apache h mod_ssl bugs NEED --- Permissive TLS connection allowed when connecting from localhost 2021-03-30
65594 Apache h mod_ssl bugs NEED --- Incorrect certificate chain sent to client 2021-09-23
65682 Apache h mod_ssl bugs NEED --- Apache won't start with mod_ssl and openssl 1.1.1l or newer 2022-04-26
65860 Apache h mod_ssl bugs NEED --- Revoked certificate block httpd start 2022-02-07
109 bugs found.

as

File a new bug in the "mod_ssl" component of the "Apache httpd-2" product