httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Darryl Cook <...@cs.appstate.edu>
Subject Re: [users@httpd] Problem Starting Apache with SSL
Date Mon, 09 Feb 2004 19:53:25 GMT
Create a certificate for it:

openssl x509 -in server.csr -out server.crt -req -signkey server.key 
-days 365

take a look at http://www.devside.net/web/server/linux/apache-ssl-zlib  
document which is pretty good.

darryl

Kaplan, Andrew H. wrote:

>Owen --
>
>I've made some progress -- The server does come up now. This is after I
>recreated
>the the server.csr, .key and .crt files along with the ca.key .crt files.
>However
>when I try to access the server from a client, the following error message
>occurs:
>
>Could not establish an encrypted connection because certificate presented by 
><servername> is invalid or corrupted. Error Code: -8182.
>
>What next?
>
>-----Original Message-----
>From: Boyle Owen [mailto:Owen.Boyle@swx.com]
>Sent: Monday, February 09, 2004 8:16 AM
>To: Kaplan, Andrew H.
>Subject: FW: [users@httpd] Problem Starting Apache with SSL
>
>
>
>
>-----Original Message-----
>From: Boyle Owen 
>Sent: Montag, 9. Februar 2004 14:16
>To: 'users@httpd.apache.org'
>Subject: RE: [users@httpd] Problem Starting Apache with SSL
>
>
>Didn't you get this earlier response?
>
>
>  
>
>>-----Original Message-----
>>From: Boyle Owen 
>>Sent: Montag, 9. Februar 2004 10:26
>>To: 'users@httpd.apache.org'
>>Subject: RE: [users@httpd] Problem Starting Apache with SSL
>>
>>
>>    
>>
>>>-----Original Message-----
>>>From: Kaplan, Andrew H. [mailto:AHKAPLAN@PARTNERS.ORG]
>>>
>>>I had temporarily brought down our Apache server (1.3.29) 
>>>(mod_ssl 2.18.16) to
>>>reconfigure the httpd.conf file with some additional aliases.
>>>When I went to restart the server, it was unable to do do. I 
>>>checked the
>>>eror_log file, and came across the following messages:
>>>
>>>mod_ssl: Init: (servername:443) Unable to configure RSA 
>>>server private key
>>>(OpenSSL library error follows)
>>>OpenSSL: error:0B080074:x509 certificate 
>>>routines:X509_check_private_key:key
>>>values mismatch
>>>      
>>>
>>You must have changed something with the certificates... Make 
>>sure the SSLKeyCertificateFile and SSLCertificateFile are the 
>>private and public keys of the same cert.
>>
>>BTW, you usually need a full stop/start to reload certs - 
>>restart or graceful is insufficient.
>>
>>Rgds,
>>Owen Boyle
>>Disclaimer: Any disclaimer attached to this message may be ignored. 
>>
>>    
>>
>>>What do I need to do to correct this problem and get the 
>>>server back up and
>>>running?
>>>
>>>
>>>      
>>>
>>---------------------------------------------------------------------
>>    
>>
>>>The official User-To-User support forum of the Apache HTTP 
>>>Server Project.
>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>>      
>>>
>>Diese E-mail ist eine private und persönliche Kommunikation. 
>>Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der 
>>SWX Gruppe. This e-mail is of a private and personal nature. 
>>It is not related to the exchange or business activities of 
>>the SWX Group. Le présent e-mail est un message privé et 
>>personnel, sans rapport avec l'activité boursière du Groupe SWX.
>>
>>    
>>
>
>This message is for the named person's use only. It may contain
>confidential, proprietary or legally privileged information. No
>confidentiality or privilege is waived or lost by any mistransmission.
>If you receive this message in error, please notify the sender urgently
>and then immediately delete the message and any copies of it from your
>system. Please also immediately destroy any hardcopies of the message.
>You must not, directly or indirectly, use, disclose, distribute, print,
>or copy any part of this message if you are not the intended recipient.
>The sender's company reserves the right to monitor all e-mail
>communications through their networks. Any views expressed in this
>message are those of the individual sender, except where the message
>states otherwise and the sender is authorised to state them to be the
>views of the sender's company. 
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>  
>

Mime
View raw message