No, I wasn't trying to run name-based virtual hosts with SSL.... but rather IP-Based virtual hosts...
One key is from Thawte, the other from Geotrust... As my last post to the list showed, I tried creating and reading a brand new key which again failed. I am trying this using OpenSSL 0.9.6b, modssl 2.8.5, apache 1.3.22.... on FreeBSD 3.4-RELEASE Any further help is greatly appreciated! -Mike PS: As a side note, I received a private mail suggesting I reinstall apache+openssl+modssl+php.... does anyone have a howto that is recent on this? the ones I found weren't all that recent.... Thanks ----- Original Message ----- From: "Owen Boyle" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 19, 2001 12:34 AM Subject: Re: loading private key? urgent...please help! > Mike K wrote: > > > > Hi all... > > > > Before upgrading, one of my virtual domains (ip based) had SSL setup and was > > working fine. The second domain did not work. The error was odd according > > to people in IRC support channels, and I was told to upgrade to all of the > > latest versions. > > You weren't trying to run two Name-based Virtual Hosts under SSL by any > chance? If you were, that doesn't work: > http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47 > > > routines:X509_check_private_key:key values mismatch > > routines:ASN1_get_object:header too long > > unable to load key > > This looks like your key files are corrupted. No idea how this could > happen. Did you have commercial certificates or self-signed? If > self-signed, better make new ones with your most recent openssl distro. > > > NamevirtualHost xxx.xxx.xxx.44:443 > > <VirtualHost xxx.xxx.xxx.44:443> > > This won't work - if the second VH tries to use the same IP address > (your post is a bit ambiguous on this point, you did mention "changing > IPs"). > > Assuming you have re-installed apache, mod_ssl and openssl at the latest > versions, you should be able to make certificates that will work. If > not, please post the version numbers you are actually using along with > OS details and confirm/refute the point about NBVHs. > > Rgds, > > Owen Boyle. > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
