Certificate not Working - crashing server
Hi All,
Thought I would start a seperate thread on this:
Just upgraded from panther Server to Tiger Server and one site that uses a web Certificate we got from Thawte does not work.
I made sure that the site setting from Server Admin were the same as before for the certificate - specifically the following:
<IfModule mod_ssl.c>
SSLEngine On
SSLLog "/var/log/httpd/sslenginelog"
SSLCertificateChainFile "/etc/httpd/ssl.crt/ca.crtX"
SSLCertificateFile "/etc/httpd/ssl.crt/cert.crt"
SSLCertificateKeyFile "/etc/httpd/ssl.key/server.keyX"
SSLCipherSuite "ALL:!ADH:RC4RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:eNULL"
</IfModule>
The server will not start when using SSL and the Certificate. It will work if I use the Default Certificate but that causes issues when serving - obviously.
Trying to start apache in the terminal ( sudo apachectl start ) procecsses all sites then yields this:
/usr/sbin/apachectl start: httpd could not be started
When I check the log file it shows this - not too sure which fil to look at though :-\ :
[Wed Jun 7 21:31:12 2006] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D094068:asn1 encoding routines:d2iASN1SET:bad tag
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1CHECKTLEN:wrong tag
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1ITEM_EXD2I:nested asn1 error
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
[Wed Jun 7 21:36:03 2006] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D094068:asn1 encoding routines:d2iASN1SET:bad tag
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1CHECKTLEN:wrong tag
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1ITEM_EXD2I:nested asn1 error
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
[Wed Jun 7 21:46:15 2006] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D094068:asn1 encoding routines:d2iASN1SET:bad tag
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1CHECKTLEN:wrong tag
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1ITEM_EXD2I:nested asn1 error
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
or this:
[Wed Jun 7 21:28:26 2006] [notice] caught SIGTERM, shutting down
doing apachecctl configtest in the terminal yields this:
Processing config directory: /etc/httpd/sites/*.conf
Processing config file: /etc/httpd/sites/0000any_80.conf
Syntax error on line 13 of /etc/httpd/sites/0000any_80.conf:
SSLCertificateChainFile: file '/etc/httpd/ssl.crt/ca.crt1any80default' not exists or empty
I don't kno wwhat else to try or what else to check. Please help... any and all help appreciated.
TIA - Vijay
G4 733 Mac OS X (10.4.6)
Thought I would start a seperate thread on this:
Just upgraded from panther Server to Tiger Server and one site that uses a web Certificate we got from Thawte does not work.
I made sure that the site setting from Server Admin were the same as before for the certificate - specifically the following:
<IfModule mod_ssl.c>
SSLEngine On
SSLLog "/var/log/httpd/sslenginelog"
SSLCertificateChainFile "/etc/httpd/ssl.crt/ca.crtX"
SSLCertificateFile "/etc/httpd/ssl.crt/cert.crt"
SSLCertificateKeyFile "/etc/httpd/ssl.key/server.keyX"
SSLCipherSuite "ALL:!ADH:RC4RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:eNULL"
</IfModule>
The server will not start when using SSL and the Certificate. It will work if I use the Default Certificate but that causes issues when serving - obviously.
Trying to start apache in the terminal ( sudo apachectl start ) procecsses all sites then yields this:
/usr/sbin/apachectl start: httpd could not be started
When I check the log file it shows this - not too sure which fil to look at though :-\ :
[Wed Jun 7 21:31:12 2006] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D094068:asn1 encoding routines:d2iASN1SET:bad tag
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1CHECKTLEN:wrong tag
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1ITEM_EXD2I:nested asn1 error
[Wed Jun 7 21:31:12 2006] [error] OpenSSL: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
[Wed Jun 7 21:36:03 2006] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D094068:asn1 encoding routines:d2iASN1SET:bad tag
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1CHECKTLEN:wrong tag
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1ITEM_EXD2I:nested asn1 error
[Wed Jun 7 21:36:03 2006] [error] OpenSSL: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
[Wed Jun 7 21:46:15 2006] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D094068:asn1 encoding routines:d2iASN1SET:bad tag
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D0680A8:asn1 encoding routines:ASN1CHECKTLEN:wrong tag
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D07803A:asn1 encoding routines:ASN1ITEM_EXD2I:nested asn1 error
[Wed Jun 7 21:46:15 2006] [error] OpenSSL: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
or this:
[Wed Jun 7 21:28:26 2006] [notice] caught SIGTERM, shutting down
doing apachecctl configtest in the terminal yields this:
Processing config directory: /etc/httpd/sites/*.conf
Processing config file: /etc/httpd/sites/0000any_80.conf
Syntax error on line 13 of /etc/httpd/sites/0000any_80.conf:
SSLCertificateChainFile: file '/etc/httpd/ssl.crt/ca.crt1any80default' not exists or empty
I don't kno wwhat else to try or what else to check. Please help... any and all help appreciated.
TIA - Vijay
G4 733 Mac OS X (10.4.6)