"SSL routines:tls_choose_sigalg:internal error" error when a client does not set signature_algorithms extension in ClientHello in the Apache httpd 2.4.x

Solution Verified - Updated -

Issue

The following error is observed when a client does not set signature_algorithms extension in ClientHello.

[Fri Jul 01 07:43:48.072823 2022] [ssl:trace3] [pid 1387:tid 140173027616512] ssl_engine_kernel.c(2232): [client 10.0.2.100:59688] OpenSSL: Write: error                                                  
[Fri Jul 01 07:43:48.072839 2022] [ssl:trace3] [pid 1387:tid 140173027616512] ssl_engine_kernel.c(2251): [client 10.0.2.100:59688] OpenSSL: Exit: error in error                                          
[Fri Jul 01 07:43:48.072855 2022] [ssl:info] [pid 1387:tid 140173027616512] [client 10.0.2.100:59688] AH02008: SSL library error 1 in handshake (server 10.0.2.100:443)
[Fri Jul 01 07:43:48.072896 2022] [ssl:info] [pid 1387:tid 140173027616512] SSL Library Error: error:14201044:SSL routines:tls_choose_sigalg:internal error
[Fri Jul 01 07:43:48.072914 2022] [ssl:info] [pid 1387:tid 140173027616512] [client 10.0.2.100:59688] AH01998: Connection closed to child 64 with abortive shutdown (server 10.0.2.100:443)

Environment

  • Red Hat Enterprise Linux (RHEL)
    • 8.x
    • 9.x
  • Apache HTTPD 2.4.x
    • mod_ssl

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content