[rt-devel] openssl can't read SMIME_PASS environment variable

Alex Vandiver alexmv at bestpractical.com
Fri Oct 31 18:22:13 EDT 2014

On 10/30/2014 09:23 AM, Marcos Orallo wrote:
> I have problems making S/MIME work with RT 4.2.7
> My environment consists of Debian testing, RT 4.2.7, Apache 2.4.10,
> mod_perl 2.0.9

That's fascinating, as the latest release is mod_perl 2.0.8:


...and I'm unaware of any release which works against Apache 2.4.x.

> I think the underlying reason is that mod_perl by default don't pass
> %ENV to child processes unless they are specifically stated in the
> site configuration:


> Anyone knows if this works with FastCGI or other web server different
> from Apache?

Works fine with FastCGI.  In addition to filehandle, environment, and
occasional segfualt problems due to library linking, the lack of Apache
2.4 support is closing on the final nail in the coffin for mod_perl
support.  It should not be anyone's fist choice of deployment option.

> What would be a (secure) alternative for passing the passphrase to
> openssl? STDIN? another file descriptor?

I'd choose "Use something less broken than mod_perl".
 - Alex

More information about the rt-devel mailing list