Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Won't Do
Priority: Blocker
Fix Version/s: None
Affects Version/s: httpd 2.4.37 SP7 GA
Component/s: openssl
Labels:
None

Blocked:
False
Ready:
False
Release Note Text:
Undefined
Target Release:

httpd 2.4.51 GA
Workaround:

Workaround Exists
Workaround Description:

Hide

Provide your own properly generated cert

Show
Provide your own properly generated cert

SFDC Cases Links:
SFDC Cases Counter:

Description

With a long FQDN, default cert generation from our postinstall fails with the following:

string is too long, it needs to be no more than 64 bytes long

So then start up after install fails out of the box with the following error:

SSLCertificateFile: file '/opt/rh/jbcs-httpd24/root/etc/pki/tls/certs/localhost.crt' does
not exist or is empty

Would we consider increasing commonName_max in our openssl.cnf?

Attachments

Issue Links

mentioned on

Merge request - Draft: JBCS-1133

Solved by commit ba0ef49bc84eb49e168ec8612093a32db1be5b06.

Activity

People

Assignee:: Dimitris Soumis

Reporter:: Aaron Ogburn

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2021/05/28 5:13 PM

Updated:: 2022/09/19 8:06 AM

Resolved:: 2022/09/19 8:04 AM