Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Blocker
Fix Version/s: None
Affects Version/s: httpd 2.4.37 SP7 GA
Component/s: openssl
Labels:
None

Blocked:
False
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Release Note Text:
Undefined
Target Release:

httpd 2.4.51 GA
Workaround:

Workaround Exists
Workaround Description:

Hide

Provide your own properly generated cert

Show
Provide your own properly generated cert
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

With a long FQDN, default cert generation from our postinstall fails with the following:

string is too long, it needs to be no more than 64 bytes long

So then start up after install fails out of the box with the following error:

SSLCertificateFile: file '/opt/rh/jbcs-httpd24/root/etc/pki/tls/certs/localhost.crt' does
not exist or is empty

Would we consider increasing commonName_max in our openssl.cnf?

mentioned on

Merge request - Draft: JBCS-1133

Solved by commit ba0ef49bc84eb49e168ec8612093a32db1be5b06.

Assignee:: Dimitris Soumis

Reporter:: Aaron Ogburn

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2021/05/28 5:13 PM

Updated:: 2024/10/01 8:22 PM

Resolved:: 2022/09/19 8:04 AM