Last week an update to apache-httpd was released which fixes an important security issue. I updated a number of servers right away, but after receiving some traffic they started to produce SSL errors. I've tried to debug this as far as I could and have come to the conclusion that it only happens when using mpm_event_module. My configs are default, but I enable SSL and switch to the evented MPM. For certificates I use Let's Encrypt (using acme-client). ab prints the following errors.
SSL handshake failed (1). 140321585887104:error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding:crypto/rsa/rsa_pk1.c:66: 140321585887104:error:04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed:crypto/rsa/rsa_ossl.c:655: 140321585887104:error:1416D07B:SSL routines:tls_process_key_exchange:bad signature:ssl/statem/statem_clnt.c:2414: Web browsers show an error also, but some refreshing sometimes fixes the problem. Is anybody else able to reproduce this? Can I do anything to help resolve it? Thanks in advance. Frank
