Viktor,
Despite being a protocol violation, it is accepted by the OpenSSL's server
implementation.
But I do see now that this is indeed covered by RFC 5246. Sorry, I have
missed that line in
the Client Certificate section.
On Wed, Aug 13, 2014 at 1:48 AM, Salz, Rich rs...@akamai.com wrote:
Hello!
What does `ldd /path/to/httpd` says?
Cheers,
Fedor.
On Mon, Apr 14, 2014 at 12:17 PM, LOKESH JANGIR lk.jangi...@gmail.comwrote:
Hi Team,
I am using Ubuntu, Amazon ami with apache 2.0 and mod_ssl installed. I
found the same openssl vulnerability issue with my ssl certificate. I have