From 81af07c707b365c9a3fd7f98adc86d02e90275e1 Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Thu, 19 Apr 2018 08:02:41 +0000 Subject: [PATCH] * modules/ssl/ssl_engine_init.c (ssl_init_Module): Don't enable SSL for a vhost if SSLEnable is not used and no certs are configured, even if the Listen protocol is "https". Restores behaviour to that prior to r1809303 for configs which would now otherwise fail at startup. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1829513 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/ssl_engine_init.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 04a38da32c..89ed3df0fe 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -262,7 +262,8 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, * the protocol is https. */ if (ap_get_server_protocol(s) && strcmp("https", ap_get_server_protocol(s)) == 0 - && sc->enabled == SSL_ENABLED_UNSET) { + && sc->enabled == SSL_ENABLED_UNSET + && (!apr_is_empty_array(sc->server->pks->cert_files))) { sc->enabled = SSL_ENABLED_TRUE; } -- 2.40.0