httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abfalterer, Armin" <Armin.Abfalte...@united-security-providers.ch>
Subject [users@httpd] bad record mac error with nCipher nFast
Date Mon, 13 May 2013 07:58:45 GMT
Hi all,

we run a nCipher nFast card under Solaris and we've embedded the private key of our Apache
server on this card. Apache is configured to use the Open SSL "chil" engine and the embedded
key.

When we want to connect to the Apache server we run into a "bad record mac" error.

[Wed May 08 13:59:16 2013] [debug] ssl_engine_kernel.c(1958): OpenSSL: Write: SSLv3 read certificate
verify A #9121(65)
[Wed May 08 13:59:16 2013] [debug] ssl_engine_kernel.c(1977): OpenSSL: Exit: error in SSLv3
read certificate verify A #9121(65)
[Wed May 08 13:59:16 2013] [debug] ssl_engine_kernel.c(1977): OpenSSL: Exit: error in SSLv3
read certificate verify A #9121(65)
[Wed May 08 13:59:16 2013] [info] SSL library error 1 in handshake (server atlas:443) #9121(65)
[Wed May 08 13:59:16 2013] [info] SSL Library Error: 336130329 error:1408F119:SSL routines:SSL3_GET_RECORD:decryption
failed or bad record
mac #9121(65)
[Wed May 08 13:59:16 2013] [debug] ssl_engine_io.c(1007): Connection closed to child 62 with
abortive shutdown (server atlas:443
) #9121(65)

Tests without the card and the original private key do not fail so we can exclude a SSL configuration
problem.

Anyone who can give a hint how to track down the problem on the nCipher card?

Thanks!

Regards, Armin


Mime
View raw message