On Dec 16, 2019 10:22 PM, Geoff Wing <[email protected]> wrote: > > On Monday 2019-12-16 19:56 -0600, [email protected] output: > :> > Certificate/key created like so: > :> > openssl req -x509 -nodes -days 365 -sha256 -newkey rsa:2048 -keyout > :> > mycert.pem -out mycert.pem > [...] > :> > Is this a problem with my setup? > :> Think it may be an httpd issue. Used the cert/key with postfix and tested > :> with openssl s_client and didn't see any issues. > :Just tried my letsencrypt cert and key with the same results. > > Hi, > I tried this on amd64 -current yesterday with a letsencrypt cert/key and > also with a self-signed cert/key using, e.g. > > /usr/libexec/httpd -df -Z /tmp/test.pem /tmp/testkey.pem /www > > and had no problems. Maybe there was a miscompile or other issue with your > httpd binary (or libs). > > Do you have mozilla-rootcerts installed to test the letsencrypt cert? > > Regards, > Geoff
I wonder if using the ASLR kernel has anything to do with it. Not likely though since it works with postfix. I was trying to rebuild current yesterday but it kept erroring out. Might need to just clear out the src directory and start fresh. Edgar
