Bug 39705 - Bug in Apache2.0 mod_ssl which prevents from jointly treating method POST with an authentification customer by certificate?
Summary: Bug in Apache2.0 mod_ssl which prevents from jointly treating method POST wit...
Status: RESOLVED DUPLICATE of bug 12355
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ssl (show other bugs)
Version: 2.0.58
Hardware: Other Linux
: P5 critical (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-06-02 11:56 UTC by richard chen
Modified: 2006-06-02 15:54 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description richard chen 2006-06-02 11:56:55 UTC 
I find this article at internet and I am facing the same problem as mentioned 
in the article below. I would like know whether Apache did come out the fix 
for the below problem. Thanks alot.



##########################
There is a bug in Apache2.0 mod_ssl which prevents from jointly treating 
method POST with an authentification customer by certificate.

The problem appears when the level of authentification (SSLVerifyClient) is 
higher on the level of a Location directive than on the level of the virtual 
host.

The message which appears in the logs is then 
[error] SSL Re-negotiation in conjunction with POST method not supported! \ 
nhint: try SSLOptions +OptRenegotiate

Possible parades:


To use a as constraining directive on the level of the virtual host as in the 
directive hiring (walk with optional)
to use a special port for the forms requiring method POST and SSLVerifyClient. 
To bring the SSLVerifyClient directive to the level of the virtual host. The 
directive is then extended to all the virtual host
############################
Comment 1 Ruediger Pluem 2006-06-02 22:54:42 UTC 

*** This bug has been marked as a duplicate of 12355 ***