Success! I finally found out what my problem was. I was using the
example nsd.tcl config file and found the line that was the problem.
Towards the bottom, it checks for the existence of the keyfile and the
certfile, if they exist it sets the following param:
ns_param nsssl ${binddir}/${sslmodu
Send me the cert and key.
/s.
Tony Wells wrote:
> I compiled the latest 0.9.6a OpenSSL and nsopenssl 1.1 and I still
> have a problem loading the certfile.pem. Maybe I should try your test
> suite, or if you'd like to look at the certfile.pem and keyfile.pem I
> can attach them. (They're just
Scott Goodwin wrote:
>
> I have test platform that contains everything necessary to compile and
> configure aolserver, nsopenssl, ssldump in a self-contained area to test
> in. If you can't get it working and you want to try out the test suite,
> I'll let you know how to download.
>
> /s.
>
I comp
Scott Goodwin wrote:
>
> I have test platform that contains everything necessary to compile and
> configure aolserver, nsopenssl, ssldump in a self-contained area to test
> in. If you can't get it working and you want to try out the test suite,
> I'll let you know how to download.
>
> /s.
>
> > Th
I have test platform that contains everything necessary to compile and
configure aolserver, nsopenssl, ssldump in a self-contained area to test
in. If you can't get it working and you want to try out the test suite,
I'll let you know how to download.
/s.
> The keyfile was decrypted before I crea
Scott Goodwin
> > Sent: Mon, 05-14-01 02:40p
> > To: [EMAIL PROTECTED]
> > Subject: Re: [AOLSERVER] nsssl -> openssl ?
> >
> >
> > Make sure your private key is not passphrase-protected; if it is, it'll
> > fail to be loaded by the server. You can use op
The keyfile was decrypted before I created the CSR. The server dies
trying to load the signed (by me) certificate, even though:
openssl x509 -noout -text -in certfile.pem
Reguritates out the cert information O.K. I guess I failed to mention
I'm using nsopenssl 1.1
I must have an older version
Rob Mayoff wrote:
> I believe that if you use Apache/mod_ssl with an encrypted key, the
> server will pause at startup time and prompt you to enter the passphrase
> on the command line.
>
> The problems with this approach should be obvious...
Particularly when it's a remote server. That command
> I've always wondered why servers bother to encrypt the private key. The
> passphrase is right there in the server configuration so why bother?
I believe that if you use Apache/mod_ssl with an encrypted key, the
server will pause at startup time and prompt you to enter the passphrase
on the com
14-01 02:40p
> To: [EMAIL PROTECTED]
> Subject: Re: [AOLSERVER] nsssl -> openssl ?
>
>
> Make sure your private key is not passphrase-protected; if it is, it'll
> fail to be loaded by the server. You can use openssl to take the
> passphrase
> off, but make sure you l
Make sure your private key is not passphrase-protected; if it is, it'll
fail to be loaded by the server. You can use openssl to take the passphrase
off, but make sure you lock up this file so that only the server can read
it (root will also be able to read it, obviously):
openssl rsa -in key1.pe
O.K,
With a little Makefile and source hacking I got nsopenssl.so to
build. (OPENSSL_free isn't in my version of OpenSSL, was it added
later? [tclcmds.c])
Now my problem is that the module fails to load the certfile.pem. I
created my own self-signed certificate using openssl, and from what I
c
> I was wondering if there was anything in the works to port
> nsssl from BSAFE to OpenSSL? It appears that getting
> your hands on BSAFE would be the first problem.
Try nsopenssl at:
http://scottg.net/webtools/opennsd/modules/nsopenssl/
Daniel P. Stasinski
http://www.disabilities-r-us.
13 matches
Mail list logo