hi all,
i'm trying to launch an apache ssl server (thanks to "httpd start")
with the pretty well known "ssl.crt/server.crt" file, the server starts with no
problem, so far so good
i've made my own ca, then used this ca to sign a certificate request, giving me
a new certificate file (i use the appropriate key as well)
when i try to launch the server with the new certificate and key files it justs
say nothing, but doesn't start, and the SSLLog file is created but still 0 sized
so i don't know what i'm doing wrong
my httpd.conf file contains
****************
SSLEngine on
SSLLog /var/log/httpd/ssl_engine.log
SSLLogLevel warn
SSLCertificateFile /path/to/newserver.crt
SSLCertificateKeyFile /path/to/newserver.key
****************
infos in my newserver.crt file are :
****************
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73 (0x49)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=FR, ST=root, L=root, O=root, OU=root,
[EMAIL PROTECTED]
Validity
Not Before: Feb 27 07:20:36 2002 GMT
Not After : Oct 19 07:20:36 2026 GMT
Subject: C=FR, ST=state, L=local, O=orga, OU=unit,
[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b7:19:bc:a4:1d:41:9f:a1:4d:95:d8:f3:3a:11:
9d:c7:4d:81:29:36:1b:04:a4:f7:2d:c1:6b:ef:14:
2d:f4:81:54:7b:1d:91:04:ee:16:5e:1c:3c:1f:d1:
77:20:9d:41:f9:9e:ed:40:a1:df:11:69:35:e3:ad:
05:c7:28:3c:18:6b:2d:3a:1d:e0:36:8f:4d:a5:c4:
a6:be:77:25:df:75:fc:45:79:c2:6d:d7:e0:5b:5b:
65:17:3b:50:53:7d:c7:fc:e7:87:20:14:d2:27:93:
72:14:7e:82:d9:dc:b8:d6:87:b2:df:38:41:c8:74:
e2:43:26:09:ca:d5:ca:3b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
email:[EMAIL PROTECTED]
Netscape Comment:
Comment
Netscape Cert Type:
SSL Server
Signature Algorithm: md5WithRSAEncryption
69:f5:08:f1:bc:7c:d7:28:7a:bf:a7:2b:ca:56:d5:42:a9:3b:
e4:53:b3:50:61:8b:c9:b1:93:a4:17:b1:6c:bf:73:60:db:eb:
c4:f7:ec:5a:c5:b3:3c:6b:69:63:08:f7:04:f3:2f:4d:b1:91:
02:dd:93:b1:8f:fc:77:fb:ce:cc:d8:15:26:89:fb:12:0c:fe:
98:be:25:53:e0:f4:b0:12:82:2e:86:4f:86:82:a6:8f:c5:36:
4b:e9:77:69:ea:e5:17:10:50:5a:f3:d3:15:72:03:e6:de:c9:
47:b8:d7:e6:84:f6:e5:4a:c5:2b:46:9f:3e:33:da:a3:c5:04:
90:32
Certificate purposes:
SSL client : No
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : No
S/MIME signing CA : No
S/MIME encryption : No
S/MIME encryption CA : No
CRL signing : Yes
CRL signing CA : No
****************
please tell me if something in the DN of the issuer or the subject, or in the
purposes of this certificate makes that it has no chance to be accepted by
apache
many thanks
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
