From: Stefan Fritsch <sf@apache.org>
Date: Wed, 29 Jun 2011 19:53:13 +0000 (+0000)
Subject: Add some debug logging when loading server certificates
X-Git-Tag: 2.3.14^2~95
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=be8ea90c2c0dd910ea310e68cb6d4b68b944aea7;p=thirdparty%2Fapache%2Fhttpd.git

Add some debug logging when loading server certificates

PR: 37912
Submitted by: Nick Burch <nick burch alfresco com>



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1141223 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index f531be8e31f..a75a5a59446 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,8 @@
 
 Changes with Apache 2.3.14
 
+  *) mod_ssl: Add some debug logging when loading server certificates.
+     PR 37912. [Nick Burch <nick burch alfresco com>]
 
 Changes with Apache 2.3.13
 
diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c
index cb59c2e01f3..f8637af6050 100644
--- a/modules/ssl/ssl_engine_pphrase.c
+++ b/modules/ssl/ssl_engine_pphrase.c
@@ -178,11 +178,14 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
      */
     for (pServ = s; pServ != NULL; pServ = pServ->next) {
         sc = mySrvConfig(pServ);
-
-        if (!sc->enabled)
+        cpVHostID = ssl_util_vhostid(p, pServ);
+        if (!sc->enabled) {
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, pServ,
+                         "SSL not enabled on vhost %s, skipping SSL setup",
+                         cpVHostID);
             continue;
+        }
 
-        cpVHostID = ssl_util_vhostid(p, pServ);
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, pServ,
                      "Loading certificate & private key of SSL-aware server '%s'",
                      cpVHostID);
@@ -235,6 +238,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
                     ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
                     ssl_die();
                 }
+                ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+                             "Init: Read server certificate from '%s'",
+                             szPath);
             }
             /*
              * check algorithm type of certificate and make
@@ -452,8 +458,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
                     }
                 }
                 else {
-                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0,
-                                 pServ, "Init: Pass phrase incorrect");
+                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0, pServ,
+                                 "Init: Pass phrase incorrect for key of %s",
+                                 cpVHostID);
                     ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, pServ);
 
                     if (writetty) {