https://bz.apache.org/bugzilla/show_bug.cgi?id=69939
--- Comment #6 from Diego Rivera <[email protected]> --- (In reply to Mark Thomas from comment #4) > Tomcat does include a test that uses a PEM encoded cert without parameters > with OpenSSL and it doesn't crash. We are going to need more information. > > Which version of OpenSSL did you compile Tomcat Native with? > > Can you provide us with a test key/cert that triggers the crash? Certainly! This is on a Ubuntu 22.04 container (it's necessary since it's the only version fully certified for FedRAMP ... 24.04 was just recently approved but we're waiting a month or two more before adopting it). openssl = 3.0.2-0ubuntu1.20 Certificate and key: (it's safe to make these public as they're throwaways of limited security value) -----BEGIN CERTIFICATE----- MIIFNDCCBBygAwIBAgIRAPuYt+7gqmrEcC3ZFO8mJ5AwDQYJKoZIhvcNAQELBQAw MDEuMCwGA1UEAxMlQXJrQ2FzZSBvbiBLdWJlcm5ldGVzIEludGVybWVkaWF0ZSBD QTAeFw0yNjAxMjcyMjMxMDlaFw0yNzA3MjkxMDMxMDlaMDwxOjA4BgNVBAMTMWFy a2Nhc2UtY29yZS0wLmNvcmUtZG5zLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWww ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZBokTS6ddxMeWC/5xYUHl igoLZt0+67nLStsZjVLdkGI0GYY0DJJHJUaSsBdEDlCnMA/aH1HQA3Fnxmmws1v/ JPdJ2Zo5N9ueUE3OYlOO/+VjdfGR1MS87sSUHdXAFxoDi4zq9KfWI5HSQYbPf3xr eGh/KOpxfAmLVTfiz7Kkx+rvF9jddFVxfSYirG0K90w2ArzTRQwC+CHpQioiSieA PtaRNgkGQe4ceTd3UHyeeXG1oZ2PRouYZBOFFOC+iDnnnQwpuzKAJRkjSXaVc5Nn KSpnp1+YsErg6y5AIu/QeoDNP/7yRuj/o8DAoRzNWU80uBqXEK7NzAKqhMLuSPuz AgMBAAGjggI7MIICNzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTmHybMSG+FMKCiujZSie/p0rxXSDAfBgNV HSMEGDAWgBTybFGrsrtuJ5kgTSNaPquNfvD8azCCAXkGA1UdEQSCAXAwggFsgg5h cmtjYXNlLWNvcmUtMIIXYXJrY2FzZS1jb3JlLTAuY29yZS1kbnOCH2Fya2Nhc2Ut Y29yZS0wLmNvcmUtZG5zLmRlZmF1bHSCI2Fya2Nhc2UtY29yZS0wLmNvcmUtZG5z LmRlZmF1bHQuc3ZjgjFhcmtjYXNlLWNvcmUtMC5jb3JlLWRucy5kZWZhdWx0LnN2 Yy5jbHVzdGVyLmxvY2FsggRjb3Jlggxjb3JlLmRlZmF1bHSCEGNvcmUuZGVmYXVs dC5zdmOCHmNvcmUuZGVmYXVsdC5zdmMuY2x1c3Rlci5sb2NhbIIIY29yZS1kbnOC EGNvcmUtZG5zLmRlZmF1bHSCFGNvcmUtZG5zLmRlZmF1bHQuc3ZjgiJjb3JlLWRu cy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2Fsgglsb2NhbGhvc3SCFWxvY2FsaG9z dC5sb2NhbGRvbWFpbocECmH9zIcECmJULzBJBgwrBgEEAYKkZMYoQAEEOTA3AgEB BAVhZG1pbgQrU0Q3c2RCcEY3ZXdXMkxjdWJvdlNFbEFUVjc0YmN4N0JCb2VKdXJC VTZlUTANBgkqhkiG9w0BAQsFAAOCAQEAZuymf5tbvGT7hpY8NJAzWgxoN4Vjd4tR GDAoNuZG6E/5oJLnSw1U1Y+PrlRPBB7XhKNOHdZlNULhgIzI6Ux1yzhQ/wg74bnJ 2J0Tzk+6jnuV0i2/7FubnVXl5Fd8MCyZB6oDp9M2dgEV3NSi7+D7KOtoXf1eUfDP 6YHv0KGf4iOkZxjJ2NqFsq1sWrvmEjPkmzlVCtRMDizw9GPrTIL32NHpMN/VSHb9 VhgiNAW+YA+u8LDAFGh4ZNgKiV2+m8fK9L2q5s1zExvlhZtKPVaVF+wZerSZTyA3 TloTTDRjAM6UyW8GPr4QwDFMdkc0kjZKWZzjgDXAJFcxJRbZwP/ENA== -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEA2QaJE0unXcTHlgv+cWFB5YoKC2bdPuu5y0rbGY1S3ZBiNBmG NAySRyVGkrAXRA5QpzAP2h9R0ANxZ8ZpsLNb/yT3SdmaOTfbnlBNzmJTjv/lY3Xx kdTEvO7ElB3VwBcaA4uM6vSn1iOR0kGGz398a3hofyjqcXwJi1U34s+ypMfq7xfY 3XRVcX0mIqxtCvdMNgK800UMAvgh6UIqIkongD7WkTYJBkHuHHk3d1B8nnlxtaGd j0aLmGQThRTgvog5550MKbsygCUZI0l2lXOTZykqZ6dfmLBK4OsuQCLv0HqAzT/+ 8kbo/6PAwKEczVlPNLgalxCuzcwCqoTC7kj7swIDAQABAoIBADzr7bzB5viWjaRc N4/iSlpCFrG+rWrFR0F/AOQ6XMGfj0GqzJZ91O4t05LH5bAQCKn1/u0vD4tB/Cqy cubMYo3L9bMAZ5+aQ4c8aar+xRAGW4FBEY/rV1Ll/77IZUFn+sB2AxfNl/OvxnZs OIi089tDUKopdS5oMFGxmV+NCEvi4mbDorCcDygto4UXySGi5xy7ZPMZN9CM3I7C 6rVNO75J/Qoe8ZDIy8kTDZXb4bdwGjenuqs0GVENKmLVIsRpHYt74YmgvSH4QarT EwtYHQsXUKd7fj8U2hYunWwpz7UbSit32EK5vL7lk1JY2plSqOzLCC6wn3MDmd8S 9mj1O8kCgYEA9f3rJ8kptIVREC0hkluDbaiRsye9dK2ONbw0CQ2ILqPg2gB4q+xz zuLuGKf8cZQOh1RXNCuPd3equRS3HSKn5UxJTBIk/QvZLQYPclDcCrLS2AsRYv/k 37vx3iPavZoJUziGoqF3k8BF1ltQjHf4C8dzMUzgoxSR1vhJlZuhf80CgYEA4drs aRsZfzPTMu8/mNwtCz1aFPnwqriNCxZPm6+UjUnF5szhxT8tOabZuAE428ej/K6a 2gHPbFW8Exhbyy9k5vzMSNSxJvVlvYK6f6KhIVMiPYFjzEZfcoFR7l9WLs33Sjxn Q5gZGv08oIxbzuFg16ycvr2anwk9VMA7dmg96X8CgYEAkRsWkyKL0mvt9I/axN3s ukv8nmTr0h7qy3HYdBqiYXjUE2TByhCyA7FDaBH3zPvcUiIDSsgDWiKh94lrtukR hyYn+pKddRN/KZrwk6t1EW6JB14IBJEUbpIMS9B0oPFzXL70VIzQ37xEtfypmCLQ lAo0PjmuLSTeHqPZrEHg02UCgYB/zZ8rls8lwNDJKMMnH6hJjO0Vo52BLa96T6S6 p297R/y5rsQvFqHj1ruquN5Q17a+/JrZtF6Iojcr4wPGhUomv3Rl3h1ku0ZYJ8qb AQ8GyYE9pqMva78FD5KqPb6J+7jshCO3BzFlqVkOTH6DIdvoD2AfOzFsvxC6jZDY XwJxxwKBgQC+JnqPsRJ0IhAqCaZFarsDaS3zA2E0T6HEv+yp2avhAK0pY6oTU3u8 rfRAw/YXkYoQ1Cg9mUri87bJdPXNc16FDipnCo46CTdnWuUBIsNlW41jJ9Qb0IWn RRC2FHo2OJ9EThe733PsVZb6YweHd8u5CGo9SPD80dwLmvCy5p5gXQ== -----END RSA PRIVATE KEY----- -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
