Please check the permissions on your private key. They should be readable
only by owner (400)
(knee-jerk first guess reaction)
Best of luck
----- Original Message -----
From: "A. Putnam" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 07, 2003 3:42 PM
Subject: private key not found
I'm trying to get mod_ssl to work on my server, but each time I try to
restart
apache with mod_ssl activated, it gives me this error:
/etc/init.d/apache start returned 7 (Program is not running.)
Starting httpd [ Mailman PHP4 SSL ]Apache/1.3.26 mod_ssl/2.8.10 (Pass Phrase
Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide us with the pass phrases.
Server matrix.pelathe.org:443 (RSA)
Enter pass phrase:
Apache:mod_ssl:Error: Private key not found.
**Stopped
stty: standard input: Inappropriate ioctl for device
..failed
What I don't understand is how it can't find the Private key. The
SSLCertificateKeyFile path in httpd.conf matches the location of the key in
my directory. Isn't the SSLCertificateKeyFile the Private Key path?
I'm including the Virtual Host code (sans the explination text and a
passkey).
I'm very new to this so I won't be surprised if there is a glaring error in
here that I missed...
<VirtualHost _default_:443>
DocumentRoot "/srv/www/htdocs"
ServerName matrix.pelathe.org
ServerAdmin [EMAIL PROTECTED]
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/ssl.crt/server.crt
#SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt
SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
#SSLCertificateKeyFile /etc/httpd/ssl.key/server-dsa.key
SSLCertificateChainFile /etc/httpd/ssl.crt/ca.crt
#SSLCACertificatePath /etc/httpd/ssl.crt
SSLCACertificateFile /etc/httpd/ssl.crt/ca-bundle.crt
SSLCARevocationPath /etc/httpd/ssl.crl
#SSLCARevocationFile /etc/httpd/ssl.crl/ca-bundle.crl
SSLVerifyClient require
SSLVerifyDepth 10
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Any help would be greatly appreciated. I'm using Apache 1.3.26 and Mod_SSL
2.8.10 on a SuSE 8.1 box.
Thanks,
-Andrew
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
