RE: Error message help
At 06:02 PM 7/31/2002 +0200, you wrote: >See comments, Ditto, >Rgds, > >Owen Boyle > > >-Original Message- > >From: Matt Nelson [mailto:[EMAIL PROTECTED]] > >Sent: Mittwoch, 31. Juli 2002 17:01 > >To: [EMAIL PROTECTED] > >Subject: RE: Error message help > > > > > >Well I may have figured this out, https is now running, cert > >was in the wrong place, > >..or your SSLCertificateFile directive was pointing to the wrong place :-) Yup, but dang I was confused on where it went. Everything I've read said put it somewhere different. Error logs are you friends. > > ...but https returns the default web page for the apache > >installation, instead of the real site, which does come up with just > >http. I think I can figure that out, but if anyone has pointer > >thanks, and thanks for suffering my dumb questions. > >Check out your DocumentRoot directive in the SSL virtual host - there >should only be one. If there is more than one, apache will use the last >one... It is this directive which tells apache where to fetch the content. Yeah I found that right after I wrote that. > > > >-- > >Matt > > > > > >At 09:36 AM 7/31/2002 -0500, you wrote: > >>At 03:56 PM 7/31/2002 +0200, you wrote: > >>> >From: Matt Nelson [mailto:[EMAIL PROTECTED]] > >>> > > >>> >Now, the error I'm getting now that I can't seem to find any > >>> >help on, in > >>> >the error_log is: > >>> > > >>> >OpenSSL: error:0D06B078:asn1 encoding > >routines:ASN1_get_object:header > >>> too long > >>> > > >>> > >>>Unusual.. Do you see anything in the browser? Also: > >>> > >>>- What versions of apache, mod_ssl, openssl? > >> > >> > >>Apache 1.3.22 > >>OpenSSL 0.9.6 > >>mod_ssl 1.4 > >Um... If I were you, I'd get apache 1.3.26, OpenSSL 0.9.6e and mod_ssl >2.8.10. That's teh latest mix, also pay attention to the security advisory >that was posted to the list today. I'll do that. > >> > >>>- Static or DSO? > >When you compiled apache, did you statically compile in mod_ssl (i.e. >--enable-module=ssl) so that the mod_ssl binary gets munged in with the >apache binary to produce a big binary *or* did you compile mod_ssl as a >shared object which would be loaded dynamically at runtime (DSO = Dynamic >Shared Object), i.e. --enable-shared=ssl? Usually, it doesn't make much >difference when they're working, but since yours was not working, I >thought I'd ask. I didn't compile, I used everything stock from the Caldera 3.11 server install. A bad idea now I know, if I'd done it on my own or recompiled, I'd know which it was, among other things. > >> > >> > >>I'll be honest and say I don't quite understand that > >question. I'm way > >>more new at this what I wished. I could probably answer that > >question, if > >>asked in different terms. > >> > >>>- What browser? > >> > >>IE, Mozilla, you name it. > >Just in case it was a funny browser - SSL is as much to do with the client >as it is to do with the server so it is essential to verify any problems >with several browsers. But you've already done that. Yeah... See I do try, I hate being a clueless newbie, or at least acting like one. I always try to cover the bases myself, so I don't get RTFM responses. I'm sure I'll have some other questions, though, and soon. Thanks much -- Matt __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Error message help
See comments, Rgds, Owen Boyle >-Original Message- >From: Matt Nelson [mailto:[EMAIL PROTECTED]] >Sent: Mittwoch, 31. Juli 2002 17:01 >To: [EMAIL PROTECTED] >Subject: RE: Error message help > > >Well I may have figured this out, https is now running, cert >was in the wrong place, ..or your SSLCertificateFile directive was pointing to the wrong place :-) > ...but https returns the default web page for the apache >installation, instead of the real site, which does come up with just >http. I think I can figure that out, but if anyone has pointer >thanks, and thanks for suffering my dumb questions. Check out your DocumentRoot directive in the SSL virtual host - there should only be one. If there is more than one, apache will use the last one... It is this directive which tells apache where to fetch the content. > >-- >Matt > > >At 09:36 AM 7/31/2002 -0500, you wrote: >>At 03:56 PM 7/31/2002 +0200, you wrote: >>> >From: Matt Nelson [mailto:[EMAIL PROTECTED]] >>> > >>> >Now, the error I'm getting now that I can't seem to find any >>> >help on, in >>> >the error_log is: >>> > >>> >OpenSSL: error:0D06B078:asn1 encoding >routines:ASN1_get_object:header >>> too long >>> > >>> >>>Unusual.. Do you see anything in the browser? Also: >>> >>>- What versions of apache, mod_ssl, openssl? >> >> >>Apache 1.3.22 >>OpenSSL 0.9.6 >>mod_ssl 1.4 Um... If I were you, I'd get apache 1.3.26, OpenSSL 0.9.6e and mod_ssl 2.8.10. That's teh latest mix, also pay attention to the security advisory that was posted to the list today. >> >>>- Static or DSO? When you compiled apache, did you statically compile in mod_ssl (i.e. --enable-module=ssl) so that the mod_ssl binary gets munged in with the apache binary to produce a big binary *or* did you compile mod_ssl as a shared object which would be loaded dynamically at runtime (DSO = Dynamic Shared Object), i.e. --enable-shared=ssl? Usually, it doesn't make much difference when they're working, but since yours was not working, I thought I'd ask. >> >> >>I'll be honest and say I don't quite understand that >question. I'm way >>more new at this what I wished. I could probably answer that >question, if >>asked in different terms. >> >>>- What browser? >> >>IE, Mozilla, you name it. Just in case it was a funny browser - SSL is as much to do with the client as it is to do with the server so it is essential to verify any problems with several browsers. But you've already done that. >> >>>Rgds, >>>owen Boyle >>>_ >_ >>>Apache Interface to OpenSSL (mod_ssl) www.modssl.org >>User Support Mailing List [EMAIL PROTECTED] >>Automated List Manager[EMAIL PROTECTED] > >__ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Error message help
Well I may have figured this out, https is now running, cert was in the wrong place, but https returns the default web page for the apache installation, instead of the real site, which does come up with just http. I think I can figure that out, but if anyone has pointer thanks, and thanks for suffering my dumb questions. -- Matt At 09:36 AM 7/31/2002 -0500, you wrote: >At 03:56 PM 7/31/2002 +0200, you wrote: >> >From: Matt Nelson [mailto:[EMAIL PROTECTED]] >> > >> >Now, the error I'm getting now that I can't seem to find any >> >help on, in >> >the error_log is: >> > >> >OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header >> too long >> > >> >>Unusual.. Do you see anything in the browser? Also: >> >>- What versions of apache, mod_ssl, openssl? > > >Apache 1.3.22 >OpenSSL 0.9.6 >mod_ssl 1.4 > > > >>- Static or DSO? > > >I'll be honest and say I don't quite understand that question. I'm way >more new at this what I wished. I could probably answer that question, if >asked in different terms. > >>- What browser? > >IE, Mozilla, you name it. > >>Rgds, >>owen Boyle >>__ >>Apache Interface to OpenSSL (mod_ssl) www.modssl.org >>User Support Mailing List [EMAIL PROTECTED] >>Automated List Manager[EMAIL PROTECTED] > >__ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Error message help
At 03:56 PM 7/31/2002 +0200, you wrote: > >From: Matt Nelson [mailto:[EMAIL PROTECTED]] > > > >Now, the error I'm getting now that I can't seem to find any > >help on, in > >the error_log is: > > > >OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header > too long > > > >Unusual.. Do you see anything in the browser? Also: > >- What versions of apache, mod_ssl, openssl? Apache 1.3.22 OpenSSL 0.9.6 mod_ssl 1.4 >- Static or DSO? I'll be honest and say I don't quite understand that question. I'm way more new at this what I wished. I could probably answer that question, if asked in different terms. >- What browser? IE, Mozilla, you name it. >Rgds, >owen Boyle >__ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Error message help
>From: Matt Nelson [mailto:[EMAIL PROTECTED]] > >Now, the error I'm getting now that I can't seem to find any >help on, in >the error_log is: > >OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header too long > Unusual.. Do you see anything in the browser? Also: - What versions of apache, mod_ssl, openssl? - Static or DSO? - What browser? Rgds, owen Boyle __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]