httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kurt Newman <kurt.new...@cpanel.net>
Subject Re: [users@httpd] 2.4.9 expecting DH PARAMETERS
Date Mon, 14 Apr 2014 22:31:50 GMT
On Thu, 10 Apr 2014 20:34:11 GMT, Jesse Defer wrote:
> When upgrading from 2.4.7 to 2.4.9 we found that the server complained about missing
DH PARAMETERS
> in our certificate and would not start.  Adding dhparams to it fixed it.  After some
troubleshooting
> we found that only systems that did not have SSLCertificateChainFile directives with
the intermediate
> certificate exhibited this problem.  Combining the server and intermediate certificates
into
> the SSLCertificateFile also required adding dhparams.
> 
> Errors:
> 
> [Thu Apr 10 13:03:32.999467 2014] [ssl:emerg] [pid 27709] AH02562: Failed to configure
certificate
> xxx:443:0 (with chain), check /usr/local/apache2/conf/xxx.crt
> [Thu Apr 10 13:03:32.999486 2014] [ssl:emerg] [pid 27709] SSL Library Error: error:0906D06C:PEM
> routines:PEM_read_bio:no start line (Expecting: DH PARAMETERS) -- Bad file contents or
format
> - or even just a forgotten SSLCertificateKeyFile?
> AH00016: Configuration Failed
> 
> OS is RHEL5, using distro provided openssl (0.9.8e).
> 
> Is this a bug or am I doing something wrong?
> 
> Thanks,
> Jesse DeFer


Are you using a self-signed certificate?  I’m seeing the same thing.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message