httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject Re: [PATCH 55593] Add "SSLServerInfoFile" directive
Date Sat, 04 Jan 2014 19:25:55 GMT
On Fri, Jan 3, 2014 at 6:17 PM, Dr Stephen Henson <
shenson@opensslfoundation.com> wrote:

> On 03/01/2014 19:31, Jeff Trawick wrote:
> >
> > Support for "ServerInfoFile" still isn't in
> > SSL_CONF_cmd()/SSL_CONF_cmd_value_type() in OpenSSL master or the 1.0.2
> branch,
> > right?  (IOW, "SSLOpenSSLConfCmd ServerInfoFile info1.pem" is the planned
> > interface in mod_ssl but not yet workable?)  Or maybe I'm not looking at
> the
> > right place in OpenSSL.
> >
>
> I just added it to the OpenSSL master branch. Let me know if you have any
> problems. I'll backport it to 1.0.2 before release.
>

Thanks for that.  I don't have anything useful to test with the
ServerInfoFile right at the moment, but the code seems to be there now:

[Sat Jan 04 14:17:37 2014] [emerg] [pid 1950:139787856742272:1950]
ssl_engine_init.c(1320): AH02407: "SSLOpenSSLConfCmd ServerInfoFile
/home/trawick/inst/25-64/info1.pem" failed for www.example.com:8443
[Sat Jan 04 14:17:37 2014] [emerg] [pid 1950:139787856742272:1950]
ssl_engine_init.c(1321): SSL Library Error: error:0906D06C:PEM
routines:PEM_read_bio:no start line (Expecting: DH PARAMETERS) -- Bad file
contents or format - or even just a forgotten SSLCertificateKeyFile?
[Sat Jan 04 14:17:37 2014] [emerg] [pid 1950:139787856742272:1950]
ssl_engine_init.c(1321): SSL Library Error: error:0906D06C:PEM
routines:PEM_read_bio:no start line (Expecting: EC PARAMETERS) -- Bad file
contents or format - or even just a forgotten SSLCertificateKeyFile?
[Sat Jan 04 14:17:37 2014] [emerg] [pid 1950:139787856742272:1950]
ssl_engine_init.c(1321): SSL Library Error: error:0906D06C:PEM
routines:PEM_read_bio:no start line -- Bad file contents or format - or
even just a forgotten SSLCertificateKeyFile?
[Sat Jan 04 14:17:37 2014] [emerg] [pid 1950:139787856742272:1950]
ssl_engine_init.c(1321): SSL Library Error: error:14151185:SSL
routines:SSL_CTX_use_serverinfo_file:no pem extensions


>
> Steve.
> --
> Dr Stephen Henson. OpenSSL Software Foundation, Inc.
> 1829 Mount Ephraim Road
> Adamstown, MD 21710
> +1 877-673-6775
> shenson@opensslfoundation.com
>



-- 
Born in Roswell... married an alien...
http://emptyhammock.com/

Mime
View raw message