>> Are you using a self-signed certificate? I'm seeing the same thing. > > No, ours come from a CA.
Hm. Well, I can duplicate this issue pretty easily with OpenSSL 0.9.8e (CentOS 5.10), but not with OpenSSL 1.0.1e-fips (CentOS 6.5) # mkdir -p /tmp/sslkeys # openssl req -new -x509 -nodes -out /tmp/sslkeys/server.crt -keyout /tmp/sslkeys/server.key -extensions usr_cert Add virtual host to Apache, then use the following directives: SSLEngine on SSLCertificateFile /tmp/sslkeys/server.crt SSLCertificateKeyFile /tmp/sslkeys/server.key Stop, then start Apache. It will fail to come back up and yield the same errors. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
