From 0548ead8cd1ff2edb6cc73936d97c9c2501163c4 Mon Sep 17 00:00:00 2001
From: Ossi Herrala <ossi.herrala@codenomicon.com>
Date: Sat, 9 Mar 2013 15:57:45 +0000
Subject: [PATCH] Allow Apache to use MD5 signed certs in Centos >=6.4.

Centos 6.4 changed the NSS library to reject X.509 certificates which
are signed with MD5:

  "[VALID] The upstream Mozilla NSS disabled support for MD5 hash
   signed certificates in the 3.14 release, which was added to CentOS
   6.4. More details and workarounds can be found in this Fedora bugzilla
   report https://bugzilla.redhat.com/show_bug.cgi?id=895513"

This change can be reverted when the world has changed from MD5 to something else :)
---
 apache/files/httpsd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apache/files/httpsd b/apache/files/httpsd
index 4f82966..b0c6077 100755
--- a/apache/files/httpsd
+++ b/apache/files/httpsd
@@ -64,7 +64,7 @@ check13 () {
 start() {
         echo -n $"Starting $prog: "
         check13 || exit 1
-        LANG=$HTTPSD_LANG daemon --pidfile=${pidfile} $httpsd $OPTIONS
+        NSS_HASH_ALG_SUPPORT=+MD5 LANG=$HTTPSD_LANG daemon --pidfile=${pidfile} $httpsd $OPTIONS
         RETVAL=$?
         echo
         [ $RETVAL = 0 ] && touch ${lockfile}