68143 – Global ECC certificate takes precedence on local RSA certificate

Bug 68143 - Global ECC certificate takes precedence on local RSA certificate

Summary: Global ECC certificate takes precedence on local RSA certificate

Status:	NEW

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.4.54
Hardware:	PC All

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-11-14 11:58 UTC by Marc Stern
Modified:	2023-11-14 11:58 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marc Stern 2023-11-14 11:58:04 UTC

SSLCertificateFile      conf/ssl/default.pem
SSLCertificateKeyFile   conf/ssl/default.pem
<Location />
 SSLCertificateFile      conf/ssl/specific.pem
 SSLCertificateKeyFile   conf/ssl/specific.pem
</Location>

We expect specific.pem to be used.
If both certificates are RSA or ECC, that's what happens.
If default.pem is ECC and specific.pem is RSA, default.pem wins!

This is abnormal and very perturbating when trying to figure out what happens.