Kirk Benson wrote:
>
> After several hours of experimentation, I discover the following problem-
> when I use the encrypted server key file and enter the passphrase in the
> Apache startup console window, Apache does not respond to ANY requests at
> all (HTTP or HTTPS). However, when I create an
I'm trying to get mod-ssl working on Redhat Linux box.
I've looked through the docs and in trying to use
the test statement as directed:
[root conf]# /usr/sbin/openssl s_client -connect localhost:443 -state -debug
I get this error:
SSL_connect:SSLv2/v3 write client hello A
read from 10131B
Short form: You can't. (This is why the PEM pass phrase is so important
-- people who steal your ca.key won't be able to impersonate you.)
---
Mat Butler, Winged Wolf <[EMAIL PROTECTED]>
SPASTIC Web Engineer SPASTIC Server Administrator
Begin FurryCode
Yeak Nai Siew wrote:
> Hi all,
>
> After playing around with openssl, I wrote some scripts to make creating and
> issuing certificate for root, server and users an easy task. Well, just some raw
> scripts in command line. (opps... I didn't know there is a ssl_helper.tar.gz
> exist. This one I did
Thanks to Mads' suggestion and following the FAQ, I prepared a CSR and
submitted it to freecerts.entrust.com. I obtained the signed crt file as
well as the CA crt. I imported the CA crt file into my browser as a trusted
root. Finally, I installed the server crt into my OpenSA Apache config.
Af
On Wed, Apr 26, 2000 at 08:39:35PM +0800, Benjamin de los Angeles Jr. wrote:
>
> Hi,
>
> How can I change or recover my PEM pass phrase without changing the
> ca.key? I stupidly forgot my password. I want to use the same ca.key
> for signing again.
>
> Thanks.
Either you remember the passwor
Hi,
How can I change or recover my PEM pass phrase without changing the
ca.key? I stupidly forgot my password. I want to use the same ca.key
for signing again.
Thanks.
__
Apache Interface to OpenSSL (mod_ssl)
Thanks for the ideas. I tried both using the ip address instead of localhost
and i commented out the setting : SSLVerifyClient require, but it still
doesn't work.
Anything else that i could do?
You can check also:
netstat -vat - to see if httpd is listening on https port (443) and /or
ipchains