isaac_golding Posted November 3, 2003 Report Share Posted November 3, 2003 I recently posted a request for help on apache2 and mod_ssl certs. After a week of the nightmare i remove the apache2 system from my server installed apache1.3 and generated a self signed cert which works great for my site. :P Once this was accomplished I thought I was ready for a CA signed cert and I went through my employer to get one for my server. I generated the required csr, & key forms and I tucked my copy away carefully. Apon recpt of the proper cert I installed it in the proper location (default vitual host in this case) and proceded to observ apache start and then die with no known error messages. http-perl continues to run and will even generate status returns when apachectl status is given at the prompt. The error messages that are showing up in the log files are as follows: [03/Nov/2003 14:55:11 11185] [info] Server: Apache-AdvancedExtranetServer/1.3.28, Interface: mod_ssl/2.8.15, Library: OpenSSL/0.9.7b [03/Nov/2003 14:55:11 11185] [info] Init: 1st startup round (still not detached) [03/Nov/2003 14:55:11 11185] [info] Init: Initializing OpenSSL library [03/Nov/2003 14:55:11 11185] [info] Init: Loading certificate & private key of SSL-aware server www.myhost.com:443 [03/Nov/2003 14:55:11 11185] [error] Init: Unable to read server certificate from file /etc/ssl/apache/server.crt (OpenSSL library error follows) ==> /var/log/httpd/error_log <== [Mon Nov 3 14:55:11 2003] [error] mod_ssl: Init: Unable to read server certificate from file /etc/ssl/apache/server.crt (OpenSSL library error follows) [Mon Nov 3 14:55:11 2003] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Mon Nov 3 14:55:11 2003] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error ==> /var/log/httpd/ssl_engine_log <== [03/Nov/2003 14:55:11 11185] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [03/Nov/2003 14:55:11 11185] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error At this point after a week of trying to estabish a https enabled web site using mandrake apache packages I'm starting to wonder if it might just be a better idea to remove all traces of apache & mod_ssl from the system and compile everything from source. I've always liked the advx system but this is turning into a nightmare. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.