Re: a little SSL help?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


----- Original Message ----- From: "Jake McHenry" <[email protected]>
To: <[email protected]>
Sent: Tuesday, June 21, 2005 12:19 PM
Subject: a little SSL help?

Hi everyone,

my RH9 server just blew up, hard drive failure, so I installed FC3.

I am in the middle of setting up httpd, trying to get our ssl cert installed and working, but having some problems.

If I issue a self signed cert, it works fine, but when I put in the valid signed cert, httpd fails startup.

Here is what's in the logs:

[[email protected] httpd]# cat error_log
[Tue Jun 21 12:13:36 2005] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)

[[email protected] httpd]# cat secure.ssl_error_log
[Tue Jun 21 12:13:36 2005] [error] Init: Private key not found
[Tue Jun 21 12:13:36 2005] [error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Tue Jun 21 12:13:36 2005] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Tue Jun 21 12:13:36 2005] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Tue Jun 21 12:13:36 2005] [error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

I'm searching for this on google now, I need this up, my boss isn't happy. If anyone knows what I should do, please let me know!

Thanks, Jake McHenry

Nittany Travel MIS Coordinator
(570) 748-6611 x108

fedora-list mailing list
[email protected]
To unsubscribe:

I just got off phone with ssl company, told them what happend, they said to just send them a new csr. I did, got new crt back. Moved all files into same directory /etc/httpd/conf/ssl:

[[email protected] ssl]# ls -laF
total 48
drwxr-xr-x  2 root root 4096 Jun 21 14:13 ./
drwxr-xr-x  8 root root 4096 Jun 21 13:49 ../
-rw-------  1 root root 1851 Jun 21 13:38 ca-bundle.crt
-rw-r--r--  1 root root 1903 Jun 21 14:13 server.crt
-rw-------  1 root root  798 Jun 21 13:48 server.csr
-rw-------  1 root root  887 Jun 21 13:48 server.key

I changed the ssl.conf file to point to these:

SSLCertificateFile "/etc/httpd/conf/ssl/server.crt" SSLCertificateKeyFile "/etc/httpd/conf/ssl/server.key" SSLCACertificateFile "/etc/httpd/conf/ssl/ca-bundle.crt"

I have tried different permissions on the files, currently set to above, still having problem.

When I try to start httpd, it shows this on screen:

[[email protected] ssl]# service httpd start
Starting httpd: Syntax error on line 35 of /etc/httpd/conf.d/ssl.conf:
SSLCertificateFile: file '/etc/httpd/conf/ssl/server.crt' does not exist or is empty

And for some reason there is nothing being put into the log files about this??????????????????????

Thanks, Jake

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]
  Powered by Linux