Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 91358 invoked from network); 16 May 2006 03:36:22 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 16 May 2006 03:36:22 -0000 Received: (qmail 46140 invoked by uid 500); 16 May 2006 03:36:12 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 46123 invoked by uid 500); 16 May 2006 03:36:12 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 46110 invoked by uid 99); 16 May 2006 03:36:12 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 15 May 2006 20:36:12 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [207.155.252.12] (HELO sheffield.cnchost.com) (207.155.252.12) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 15 May 2006 20:36:11 -0700 Received: from [192.168.0.21] (c-24-15-193-17.hsd1.il.comcast.net [24.15.193.17]) by sheffield.cnchost.com (ConcentricHost(2.54) Relay) with ESMTP id D0B483793 for ; Mon, 15 May 2006 23:35:50 -0400 (EDT) Message-ID: <44694896.5000209@rowe-clan.net> Date: Mon, 15 May 2006 22:35:50 -0500 From: "William A. Rowe, Jr." User-Agent: Mozilla Thunderbird 1.0.8-1.1.fc4 (X11/20060501) X-Accept-Language: en-us, en MIME-Version: 1.0 To: users@httpd.apache.org References: <29a3dcb10605151002x47756c2ej570a8d4f02240425@mail.gmail.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] SSL Problem Still not Solved in Apache2-RHEL4 X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Rex Brooks wrote: > > I have Apache2 in RHEL4, so I am assuming that the SSL Sections you > refer to are in ssl.conf which is loaded as a DSO. > > I understand that httpd must be able to read the crt/pem file. > > I did specify a pass phrase when I created the key/crt. However, I do > not get a request asking me to supply the pass phrase when I enter: > service httpd start. I just get the same FAILED notice with the same > error in the error_log. If it is in fact 'tripping' over the passphrase, and stdin/stdout aren't providing access to the console from 'service httpd start' in redhat, you might want to look at the SSLPassphraseDialog applet. One option is to pass a pipe:/path/to/binary that can invoke a pipe program which queries all of the passphrases. I wrote support/win32/wintty.c to create a console window on the fly for such a dialog, letting the service speak with the user at the console. Obviously, it's win32 specific. But I can't imagine it would be impossible to create a similar tty piped window applet on Unix, if someone is up to the challenge. There are simpler SSLPassphraseDialog alternatives, see... http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslpassphrasedialog (I just noticed the pipe:/path/to/pipe is undocumented; whoops!) Bill Bill --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org