httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary Smith" <g...@primeexalia.com>
Subject RE: [users@httpd] SSL Testing
Date Thu, 18 Mar 2004 17:20:24 GMT
Does the directory/certificate exist?  If so, does the user apache is running under have read
access to the directory.  I'm not sure if this is the stock httpd startup file but since I
have always compiled my apache I have had to create my own httpd file.  This one created a
default certificate (by calling the generatecrt) if a certificate doesn't already exist ebfore
starting.
 
start() {
        echo -n "Starting httpd: "
        if [ ! -f /usr/local/apache/conf/ssl.crt/server.crt -o \
             ! -s /usr/local/apache/conf/ssl.crt/server.crt -o \
             ! -f /usr/local/apache/conf/ssl.key/server.key -o \
             ! -s /usr/local/apache/conf/ssl.key/server.key ]; then 
                generatecrt
        fi
        daemon ${httpd} -DSSL
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
        return $RETVAL
}
 
Hope this helps, 
 
Gary

________________________________

From: Geoff Hartman [mailto:geoff@fivepack.net]
Sent: Thu 3/18/2004 9:19 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] SSL Testing



Gary, here is the error log after an apparent successful install:

[Mon Mar 15 13:53:47 2004] [error] Init: Unable to read server certificate
from file /usr/local/apache/conf/ssl.crt/server.crt
[Mon Mar 15 13:53:47 2004] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Mar 15 13:53:47 2004] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error

Any ideas?

----- Original Message -----
From: "Gary Smith" <gary@primeexalia.com>
To: <users@httpd.apache.org>; <users@httpd.apache.org>
Sent: Thursday, March 18, 2004 9:09 AM
Subject: RE: [users@httpd] SSL Testing


Did you start the server is SSL mode?  I don't know the syntax for Apache
2.0 but in 1.3.x we had to put this in the /etc/init.d/httpd file

      daemon ${httpd} -DSSL

Hope this helps,

Gary Smith

________________________________

From: Harrell, Roger [mailto:rjharrel@bechtel.com]
Sent: Thu 3/18/2004 9:07 AM
To: 'users@httpd.apache.org'
Subject: [users@httpd] SSL Testing



I'm setting up a secure server on a Red Hat 9 box with Apache 2.0. I've
followed the instructions on the Red Hat site for generating a self-signed
cert for testing:
https://www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/s1-secur
eserver-optionalpackages.html

When I try to access the secure server:
https://www.musicwithmeaning.com/index.html

I get a "Page cannot be displayed error"

My ssl error logs show:
[warn] RSA server certificate is a CA certificate (BasicConstraints: CA ==
TRUE !?)

Thoughts/help/direction?

Thanks,
Roger

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message