httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: [users@httpd] SSL Problem Still not Solved in Apache2-RHEL4
Date Tue, 16 May 2006 03:35:50 GMT
Rex Brooks wrote:
> 
> I have Apache2 in RHEL4, so I am assuming that the SSL Sections you 
> refer to are in ssl.conf which is loaded as a DSO.
> 
> I understand that httpd must be able to read the crt/pem file.
> 
> I did specify a pass phrase when I created the key/crt. However, I do 
> not get a request asking me to supply the pass phrase when I enter: 
> service httpd start. I just get the same FAILED notice with the same 
> error in the error_log.

If it is in fact 'tripping' over the passphrase, and stdin/stdout aren't
providing access to the console from 'service httpd start' in redhat, you
might want to look at the SSLPassphraseDialog applet.  One option is to pass
a pipe:/path/to/binary that can invoke a pipe program which queries all of
the passphrases.

I wrote support/win32/wintty.c to create a console window on the fly for
such a dialog, letting the service speak with the user at the console.
Obviously, it's win32 specific.  But I can't imagine it would be impossible
to create a similar tty piped window applet on Unix, if someone is up to
the challenge.

There are simpler SSLPassphraseDialog alternatives, see...
http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslpassphrasedialog
(I just noticed the pipe:/path/to/pipe is undocumented; whoops!)

Bill
Bill

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message