httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rex Brooks <r...@starbourne.com>
Subject [users@httpd] Correction & Question: SSLCertificateFile: RedHat (RHEL4) apache startup failure: ebxml-registry-repository on tomcat on port 6480, with Mambo LAMP Portal on port 8080: Despite Self-Signed Cert: [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
Date Tue, 09 May 2006 00:17:07 GMT
Please see my previous post for details.

I said that mod_ssl was not installed, but a double check showed that it is.

My question is only about filenames for SSLCertificateFile and/or 
SSLCertificateKeyFile.

ApacheSSL Documentation says at 
http://www.apache-ssl.org/docs.html#SSLCertificateFile:

This is your PEM-encoded server certificate (strictly, it is what 
SSLeay calls PEM, which isn't really).

Example:

SSLCertificateFile /usr/local/apache/certs/my.server.pem

What the process described in RedHat Sys. Admin. Guide Ch. 26.6-26.8 
produces in the file ssl.conf located in /etc/httpd/conf.d/ used to 
configure SSL support is:

SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt

and

SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key

There is a file named server.crt in the specified location, and an 
server.key file in its corresponding location. Could this lack of a 
PEM-encoded server certificate, however it is produced, the root 
cause of httpd start failure?

I have downloaded and installed openssl-0.9.8b and I have also now 
generated a privkey.pem and a cacert.pem and I have put them in the 
same directories as the ssl.conf file specified, and edited that file 
to reflect that, rebooted and httpd still fails to start.


Regards,
Rex Brooks


-- 
Rex Brooks
President, CEO
Starbourne Communications Design
GeoAddress: 1361-A Addison
Berkeley, CA 94702
Tel: 510-849-2309

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message