Ack! Cert has expired so we got a new one from Verisign. I figured I was
just replacing the old one (just did the same, successfully, on another
server elsewhere) but I must have screwed something up because when I
try to start the server up with the new cert i get:
24381:error:0906406D:PEM routines:DEF_CALLBACK:problems getting
password:/usr/local/covalent/src/SSLeay/crypto/pem/pem_lib.c:110:
24381:error:0906A068:PEM routines:PEM_do_header:bad password
read:/usr/local/covalent/src/SSLeay/crypto/pem/pem_lib.c:387:
Now I have picked up this server from another SA that flew the coop(sp)
so I am feeling a bit lost here. I have a directory structure that looks
like this:
/usr/local/ssl
|
|- bin
|- include
|- lib
|- certs
|- private
This is from when openssl was just ssleay. Apparently, certificates are
in the cert subdir and the private subdir _seems_ to be private keys.
And yet, when I look at the old certs in the cert subdir they have both
a "RSA Private key" component and a "Certificate" component. However, I
seem some private keys that start like this:
-----BEGIN RSA PRIVATE KEY-----
and others that begin like this:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,01339285FAE6F39B
What's the diff?
So anyway, I generated a CSR, gave that to the person with the credit
card who purchased the cert. They gave me the cert and at that point I
was unsure of what to do. I'd swear that on that other server all I did
was replaced the "Certificate" portion of the file with the new cert and
now it is working fine. So I did the same here only I get the error
above when I try to start the server.
Any ideas?
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
