Add some debug logging when loading server certificates

PR: 37912
Submitted by: Nick Burch <nick burch alfresco com>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1141223 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index f531be8e31f1cdc0e9338a3097f3db1e57dfde99..a75a5a594461961d38ef318078d908e8c8946ec6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,8 @@
 
 Changes with Apache 2.3.14
 
+  *) mod_ssl: Add some debug logging when loading server certificates.
+     PR 37912. [Nick Burch <nick burch alfresco com>]
 
 Changes with Apache 2.3.13
 

diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c
index cb59c2e01f3c14249e23e6852806fdc29926cb74..f8637af605025008afd280dc4a9967d9d2c9f9e2 100644 (file)
--- a/modules/ssl/ssl_engine_pphrase.c
+++ b/modules/ssl/ssl_engine_pphrase.c
@@ -178,11 +178,14 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
      */
     for (pServ = s; pServ != NULL; pServ = pServ->next) {
         sc = mySrvConfig(pServ);
-
-        if (!sc->enabled)
+        cpVHostID = ssl_util_vhostid(p, pServ);
+        if (!sc->enabled) {
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, pServ,
+                         "SSL not enabled on vhost %s, skipping SSL setup",
+                         cpVHostID);
             continue;
+        }
 
-        cpVHostID = ssl_util_vhostid(p, pServ);
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, pServ,
                      "Loading certificate & private key of SSL-aware server '%s'",
                      cpVHostID);
@@ -235,6 +238,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
                     ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, s);
                     ssl_die();
                 }
+                ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+                             "Init: Read server certificate from '%s'",
+                             szPath);
             }
             /*
              * check algorithm type of certificate and make
@@ -452,8 +458,9 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
                     }
                 }
                 else {
-                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0,
-                                 pServ, "Init: Pass phrase incorrect");
+                    ap_log_error(APLOG_MARK, APLOG_EMERG, 0, pServ,
+                                 "Init: Pass phrase incorrect for key of %s",
+                                 cpVHostID);
                     ssl_log_ssl_error(SSLLOG_MARK, APLOG_EMERG, pServ);
 
                     if (writetty) {