Ubuntu

Slow page loads with ssl client cert auth apache2 + openssl 1.1.1

Asked by Andreas Amann

Can anyone confirm a problem with openssl 1.1.1 and apache 2.4.29 when client cert auth is used?
After last openssl upgrade page loads became really slow. Single GET requests had delays between 15 an 45 secs.

Apache logs show delays like this (LogLevel debug):

[Fri Jun 21 11:36:13.760861 2019] [socache_shmcb:debug] [pid 14032] mod_socache_shmcb.c(516): AH00834: leaving socache_shmcb_store successfully
[Fri Jun 21 11:36:30.229486 2019] [authz_core:debug] [pid 14032] mod_authz_core.c(835): [client XXX.XXX.XXX.XXX:XXXX] AH01628: authorization result: granted (
no directives)

This appears to be a problem in apache that has been triggered with Openssl 1.1.1 and was fixed in 2.4.34, see

https://bz.apache.org/bugzilla/show_bug.cgi?id=62691

The workaround mentioned there worked for me.
Are there chances to backport the fix or upgrade apache 2?

Thanks a lot!
Andreas

Ubuntu 18.04
apache2 2.4.29-1ubuntu4.6
openssl 1.1.1-1ubuntu2.1~18.04.3

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
actionparsnip
Solved:
Last query:
Last reply:
Revision history for this message
Best actionparsnip (andrew-woodhead666) said : 		#1

I suggest you report a bug

Revision history for this message
Andreas Amann (awobnsu) said : 		#2

Thank you for your instant reply! Bug report is opened now (#1833896).

Best wishes,
Andreas

Revision history for this message
Andreas Amann (awobnsu) said : 		#3

Thanks actionparsnip, that solved my question.