Bug#414855: wildcard cert not working in apache 2.2

To: submit@bugs.debian.org
Subject: Bug#414855: wildcard cert not working in apache 2.2
From: Craig Sanders <csanders@unimelb.edu.au>
Date: Wed, 14 Mar 2007 16:53:36 +1100
Message-id: <[🔎] 45F78DE0.7050808@unimelb.edu.au>
Reply-to: Craig Sanders <csanders@unimelb.edu.au>, 414855@bugs.debian.org

Package: apache2
Version: 2.2.3-3.3

a wildcard SSL certificate (for *.chemistry.unimelb.edu.au) that works
fine in apache 2.0.49 on a SUSE server, doesn't work in apache 2.2.3
on debian. (i'm building a pair of debian etch boxes as an LVS
load-balanced replacement for our SUSE web server box, and am currently
deep in the compatibility-testing stage of the migration).

the error message is:

[Wed Mar 14 14:56:55 2007] [warn] RSA server certificate CommonName (CN)
`*.chemistry.unimelb.edu.au' does NOT match server name!?

the domain name in this case is 'it.chemistry.unimelb.edu.au', which
does match the wildcard cert.

i tried googling for similar problems and found this:

http://marc.theaimsgroup.com/?l=apache-cvs&m=114017665119886&w=2

which mentions a patch for apache 2.3 which fixes a similar sounding
problem:

+  *) mod_ssl: Fix spurious hostname mismatch warning for valid
+     wildcard certificates.  PR 37911.  [Nick Burch <nick torchbox.com>]


the date of that patch is 2006-02-17 - has it been backported to
apache2.2 yet?

craig

--
Craig Sanders
Systems Administrator
School of Chemistry
University of Melbourne
Ph: +61 3 83447309

Reply to:

Prev by Date: A request for your input.
Next by Date: configuring virtual hosting in apache2 for debian
Previous by thread: A request for your input.
Next by thread: configuring virtual hosting in apache2 for debian
Index(es):
- Date
- Thread