Hi all...
Before upgrading, one of my virtual domains (ip based) had SSL setup and was
working fine. The second domain did not work. The error was odd according
to people in IRC support channels, and I was told to upgrade to all of the
latest versions.
I did that.
Now when I try to run startssl, I get errors on BOTH virtual domains.
The domain that had once worked produces these errors:
[Mon Dec 17 16:41:46 2001] [error] mod_ssl: Init: (xxxxxxxxxxxx.com:443)
Unable to configure RSA server private key (OpenSSL library error follows)
[Mon Dec 17 16:41:46 2001] [error] OpenSSL: error:0B080074:x509 certificate
routines:X509_check_private_key:key values mismatch
The domain2, that I couldn't get to work before the upgrade, produces these
errors:
[Mon Dec 17 16:45:43 2001] [error] mod_ssl: Init: Private key not found
(OpenSSL library error follows)
[Mon Dec 17 16:45:43 2001] [error] OpenSSL: error:0D06B078:asn1 encoding
routines:ASN1_get_object:header too long
-----------------
For domain1, I tried to check the md5's of each of the key and crt...
The md5 for the crt shows up fine. When I try to get the md5 for the .key,
I get this error:
# openssl rsa -noout -modulus -in server.key | openssl md5
read RSA key
unable to load key
d41d8cd98f00b204e9800998ecf8427e
I get this same "unable to load key" error for any key I try to get the md5
checksum for....
Any help in getting both of my virtual domain's (the two that need SSL)
working is greatly appreciated.
Thanks.
-Mike
PS: Here is the Virtual Server entry from httpd.conf for domain2... domain1
has the exact same (but updated ip and paths)
NamevirtualHost xxx.xxx.xxx.44:443
<VirtualHost xxx.xxx.xxx.44:443>
SSLEngine On
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateKeyFile /www/conf/ssl.key/domain2_server.key
SSLCertificateFile /www/conf/ssl.crt/domain2.com.crt
DocumentRoot /home/hosting/domain2.com/public_html
ServerName domain2.com
CustomLog /www/logs/domain2.com combined
ErrorLog /www/logs/domain2_error_log
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Directory "/home/hosting/domain2.com/public_html/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
<Files ~ "\.(cgi|shtml|phtml|php3?|php|inc)$">
SSLOptions +StdEnvVars
</Files>
</VirtualHost>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
