httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steffen <i...@apachelounge.com>
Subject Re: [VOTE] Release Apache httpd 2.4.8 as GA
Date Tue, 11 Mar 2014 22:20:06 GMT

 SLCertificateFile points already the certificate:

SSLCertificateFile conf/ssl.crt
SSLCertificateKeyFile conf/ssl.key

The doc says the directive can be used multiple times.
So I added :  SSLCertificateFile conf/sub.class2.server.ca.cer

But then Apache does not start:

[Tue Mar 11 23:03:56.812199 2014] [ssl:emerg] [pid 4356:tid 468] 
AH02577: Init: SSLPassPhraseDialog builtin is not supported on Win32 
(key file D:/servers/apacheS/conf/sub.class2.server.ca.cer)
[Tue Mar 11 23:03:56.812199 2014] [ssl:emerg] [pid 4356:tid 468] 
AH02312: Fatal error initialising mod_ssl, exiting.
[Tue Mar 11 23:03:56.812199 2014] [ssl:emerg] [pid 4356:tid 468] 
AH02564: Failed to configure encrypted (?) private key 
www.land10web.com:443:1, check 
D:/servers/apacheS/conf/sub.class2.server.ca.cer
[Tue Mar 11 23:03:56.813199 2014] [ssl:emerg] [pid 4356:tid 468] SSL 
Library Error: error:0D0680A8:asn1 encoding 
routines:ASN1_CHECK_TLEN:wrong tag
[Tue Mar 11 23:03:56.813199 2014] [ssl:emerg] [pid 4356:tid 468] SSL 
Library Error: error:0D08303A:asn1 encoding 
routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Tue Mar 11 23:03:56.813199 2014] [ssl:emerg] [pid 4356:tid 468] SSL 
Library Error: error:0D0680A8:asn1 encoding 
routines:ASN1_CHECK_TLEN:wrong tag
[Tue Mar 11 23:03:56.813199 2014] [ssl:emerg] [pid 4356:tid 468] SSL 
Library Error: error:0D07803A:asn1 encoding 
routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Tue Mar 11 23:03:56.813199 2014] [ssl:emerg] [pid 4356:tid 468] SSL 
Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
...

So I leave it now with SSLCACertificateFile 
conf/sub.class2.server.ca.cer , which looks working fine.



On Tuesday 11/03/2014 at 22:53, Falco Schwarz  wrote:
>
>
>
> On 11 Mar 2014, at 22:43, Steffen <info@apachelounge.com> wrote:
>
>>
>>
>> Builds  fine on  VC11 Win32, other flavors I try tomorrow
>>
>> Till now it runs fine, but get the following (run OpenSSL 1.0.1f):
>>
>> AH02559: The SSLCertificateChainFile directive 
>> (D:/servers/apacheS/conf/extra/httpd-ssl.conf:55) is deprecated, 
>> SSLCertificateFile should be used instead
>>
>> In the change log it is mentioned.  By instruction of my certificate 
>> Certification Authority in conf:
>>
>> SSLCertificateChainFile conf/sub.class2.server.ca.cer
>> SSLCACertificateFile conf/ca.cer
>>
>> Changed to:
>> SSLCACertificateFile conf/sub.class2.server.ca.cer
>>
>> and as expected the warning is gone.
>>
>> Not sure if it has any consequences ?
>
> Instead of using SSLCACertificateFile, try using only
> SSLCertificateFile, as described here:
> http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile
>>




Mime
View raw message