[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 61984] mod_ssl has SSLProxyVerify set to none by default


--- Comment #5 from Yann Ylavic <ylavic.dev@xxxxxxxxx> ---
Startup failure is certainly not the norm, nginx and ATS don't do that for
instance (and default to verify none too), haproxy seems to require a ca-file
by default though (in any event, none takes the frontend's configuration as the
backend's one, AFAICT).

I don't think we can change this in any httpd released versions without
breaking existing configurations for reverse proxies (e.g. in trusted
environments, the most common ones IMHO), we can't make httpd startup fail all
of a sudden because "SSLProxyVery none" wasn't specified.

The SSL* vs SSLProxy* cases may not be ovious, but we have to differentiate
between the frontend vs backend SSL configurations anyway, and somehow both
SSLEngine and SSLProxyEngine had better be used for your configuration to work
in the first place, there is a reason for that, nothing implicit here.

I'm not saying understanding/configuring SSL is easy, nor that it shouldn't be
improved, but I don't think we should error by default, even in future
SSL isn't the default for mod_proxy, one has to set it up explicitely, and that
must be done above "SSLProxyEngine on" for sensible cases (like untrusted
networks), no one should ignore that.

So still a documentation issue for me, let's see what others think for the next
major version.

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx