PQ80104: FORBIDDEN ERROR RETURNED TO THE BROWSER IF SSL DIRECTIVES SUCH AS SSLCIPHERBAN ARE CONFIGURED IN <LOCATION /*>CONTAINER | |||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Customer configured these directives in a global scope of IHS 2.0.42.2 on AIX: . <Location /*> SSLCipherBan 30 SSLCipherBan 31 SSLCipherBan 32 SSLCipherBan 33 SSLCipherBan 36 SSLCipherBan 39 SSLCipherBan 24 SSLCipherBan 22 SSLCipherBan 26 SSLCipherBan 62 SSLCipherBan 64 </Location> . Customer configured also non SSL VirtualHost in IHS, such as: <VirtualHost 9.27.40.29:6020> ServerName slavic.raleigh.ibm.com </VirtualHost> . When the customer tried to access this VirtualHost, "Forbidden" error was returned to the browser. This is a defect because SSL directives in a global scope prevented non SSL VirtualHost from proper functioning.Local fix The workaround is to use <Location *> directive in a global scope instead of <Location /*>.Problem summary Flag not being set properly in SSL directory st ructure and causes forbidden when server accessed non-securely a nd SSL directives are present in directory/location container in global scope.Problem conclusion The flag was in directory structure was set properlyTemporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Product categories: Software > Application Servers >
Distributed Application & Web Servers > IBM HTTP Server >
Runtime
Operating system(s):
Software version: 00A
Software edition:
Reference #: PQ80104
IBM Group: Software Group
Modified date: Nov 19, 2003
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.