I had a domain that was transferred to my server, and with it came the key
and crt files from the old server. That particular domain the SSL is
blowing up... More accurately, Apache refuses to start, with the same error
you get, when I try to enable the SSL for that domain...
----- Original Message -----
From: "A. Putnam" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, March 08, 2003 4:48 PM
Subject: Re: private key not found
I'm not too sure what you mean when you ask if the domain was transferred.
What domain? All I know I did was that I generated the key/csr/crts and
self-signed the CA.
On Thursday 06 March 2003 14:03, Justin Williams wrote:
> was the domain moved over to your server, or did you generate key/csr/crt?
>
> I'm having the same difficulty with one where the domain, cert and key
were
> transferred; all my others work properly...
>
> ----- Original Message -----
> From: "A. Putnam" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, March 07, 2003 5:20 PM
> Subject: Re: private key not found
>
>
> The permissions for the server.crt file are rw-r--r-- but it still cannot
> find
> the Private Key.
>
> On Thursday 06 March 2003 13:36, Ron Gedye wrote:
> > Please check the permissions on your private key. They should be
> > readable only by owner (400)
> >
> > (knee-jerk first guess reaction)
> >
> > Best of luck
> >
> > ----- Original Message -----
> > From: "A. Putnam" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Friday, March 07, 2003 3:42 PM
> > Subject: private key not found
> >
> >
> > I'm trying to get mod_ssl to work on my server, but each time I try to
> > restart
> > apache with mod_ssl activated, it gives me this error:
> >
> > /etc/init.d/apache start returned 7 (Program is not running.)
> > Starting httpd [ Mailman PHP4 SSL ]Apache/1.3.26 mod_ssl/2.8.10 (Pass
> > Phrase Dialog)
> > Some of your private key files are encrypted for security reasons.
> > In order to read them you have to provide us with the pass phrases.
> >
> > Server matrix.pelathe.org:443 (RSA)
> > Enter pass phrase:
> > Apache:mod_ssl:Error: Private key not found.
> > **Stopped
> > stty: standard input: Inappropriate ioctl for device
> > ..failed
> >
> > What I don't understand is how it can't find the Private key. The
> > SSLCertificateKeyFile path in httpd.conf matches the location of the key
>
> in
>
> > my directory. Isn't the SSLCertificateKeyFile the Private Key path?
> >
> > I'm including the Virtual Host code (sans the explination text and a
> > passkey).
> > I'm very new to this so I won't be surprised if there is a glaring error
>
> in
>
> > here that I missed...
> >
> > <VirtualHost _default_:443>
> >
> > DocumentRoot "/srv/www/htdocs"
> > ServerName matrix.pelathe.org
> > ServerAdmin [EMAIL PROTECTED]
> > ErrorLog /var/log/httpd/error_log
> > TransferLog /var/log/httpd/access_log
> >
> > SSLEngine on
> >
> > SSLCipherSuite
> > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> >
> > SSLCertificateFile /etc/httpd/ssl.crt/server.crt
> > #SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt
> >
> > SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
> > #SSLCertificateKeyFile /etc/httpd/ssl.key/server-dsa.key
> >
> > SSLCertificateChainFile /etc/httpd/ssl.crt/ca.crt
> >
> > #SSLCACertificatePath /etc/httpd/ssl.crt
> > SSLCACertificateFile /etc/httpd/ssl.crt/ca-bundle.crt
> >
> > SSLCARevocationPath /etc/httpd/ssl.crl
> > #SSLCARevocationFile /etc/httpd/ssl.crl/ca-bundle.crl
> >
> > SSLVerifyClient require
> > SSLVerifyDepth 10
> >
> > #<Location />
> > #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
> > # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
> > # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
> > # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
> > # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
> > # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
> > #</Location>
> >
> > #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
> > <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> > SSLOptions +StdEnvVars
> > </Files>
> > <Directory "/srv/www/cgi-bin">
> > SSLOptions +StdEnvVars
> > </Directory>
> >
> > SetEnvIf User-Agent ".*MSIE.*" \
> > nokeepalive ssl-unclean-shutdown \
> > downgrade-1.0 force-response-1.0
> >
> > CustomLog /var/log/httpd/ssl_request_log \
> > "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> >
> > </VirtualHost>
> >
> > Any help would be greatly appreciated. I'm using Apache 1.3.26 and
> > Mod_SSL 2.8.10 on a SuSE 8.1 box.
> >
> > Thanks,
> > -Andrew
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
> >
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
--
A. Putnam
Assistant IT Administrator
Pelathe Community Resource Center
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
