Re: ASN1 : "Bad tag" Error with my own generated certificate

Tue, 7 Mar 2000 08:58:52 -0800 

Hi,

And thank you for your help, but i've check my Apache configuration and it's
ok.
I discovered that using a decrypted PEM version of my RSA key solve the
problem...
But don't satisfy me for security reasons   :-(
I suppose that the problem come at the first read of the certificate or key.
Here are more infos :

-Certificate generation:

    openssl genrsa -des3 -out server.key 1024
    openssl req -new -key server.key -out server.csr
    ./sign.sh server.csr (with modified sign.sh and my own CA)

    NB: The personnal certificate (to import in browsers) that i've
generated with this
    CA are all working in IE5 and NS4+fortify and i've build an SSLv3 canal
with 128bits
    RC4-MD5 cipher between client and Apache started with PEM key.

-Apache config :

    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl    .crl
    .....
    SSLPassPhraseDialog  builtin
    SSLSessionCache         dbm:/var/log/ssl_scache
    SSLSessionCacheTimeout  300
    SSLMutex  file:/var/log/ssl_mutex
    SSLLog      /var/log/ssl_engine_log
    SSLLogLevel info
    .....
    <VirtualHost _default_:443>
        SSLEngine on
        SSLCACertificateFile  /etc/httpd/ssl.crt/ca.crt
        SSLCACertificatePath  /etc/httpd/ssl.crt/
        SSLCertificateFile    /etc/httpd/ssl.crt/server.crt
        SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
        #SSLCipherSuite +MEDIUM
        #SSLRequireSSL
        SSLVerifyClient require
        SSLVerifyDepth 1
        SSLOptions +StdEnvVars
        DocumentRoot /...
        ServerName www2.mba-france.com
        ServerAdmin [EMAIL PROTECTED]
        ErrorLog /var/log/...
        CustomLog /var/log/...
    </VirtualHost>

- Logs ( /var/log/ssl_engibe_log ):

    Server: Apache/1.3.12, Interface: mod_ssl/2.6.1, Library: OpenSSL/0.9.5
    Init: 1st startup round (still not detached)
    Init: Initializing OpenSSL library
    Init: Loading certificate & private key of SSL-aware server
www2.mba-france.com:443
    Init: Requesting pass phrase via builtin terminal dialog
    Init: Private key not found (OpenSSL library error follows)
    OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag
    OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing
    OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

??? what mean this "bad tag" Error ???

Say me if you want more infos (Dummy Certificate files, prog versions...).

Thank a lot.

Olivier



______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to