Thanks Bill,
Since I am a morning person, I will do this at about 4:00 a.m. in the
morning here on the left coast. I would love to try it now and
confirm it, but I've learned better. I just want to be on the safe
side, or the safe side, and I know for sure I am better at being
careful in the early a.m.
I will post the results as soon as I know.
Thanks again,
Rex
At 10:19 PM -0400 5/15/06, Bill Jones wrote:
On 5/15/06, Rex Brooks <[EMAIL PROTECTED]> wrote:
I did specify a pass phrase when I created the key/crt. However, I do
not get a request asking me to supply the pass phrase when I enter:
service httpd start. I just get the same FAILED notice with the same
error in the error_log.
You likely wont get a request if you use "service httpd start" -- we
will try to resolve this step by step; please read all this mess
before attempting any of it.
First off before we start please back up everything and place the back
up in a safe place; you probably should back it up twice to be safe.
:-)
Next, before you install my version of your ssl.conf please try this
command sequence first: ( Found at:
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC30 )
# become root
su -
# cd to the dircectory where the server key file is and execute
cp server.key server.key.PW_BackUp
cp server.key server.key.orig
# Remove the passphase from the server key
openssl rsa -in server.key.org -out server.key
# Make sure the server.key file is now only readable by root:
chown root:root server.key && chmod 0400 server.key
# NOTE -
# Make sure you subsitute your file names for the above "server key"
# Lastly -- try to start the server
service httpd start
# various commands to see if its really running -
lsof |grep -i tcp |grep -i http
netstat -plan |grep 80
tcpdump port 80
If that works then we know that you canot start apache using "service"
-- you'll either have to not use a passphrase (which is upto company
security policy) or always start the "/etc/init.d/httpd restart" by
hand -- so it will prompt you for the passphrase.
If the above does not work you are welcome to try out my version of
the ssl.conf -- please make two backups of your original first. But I
feel strongly that the above passphrase issue is partially, if not
completely, at fault.
HTH/Sx
--
WC (Bill) Jones -- http://youve-reached-the.endoftheinternet.org/
Content-Type: application/octet-stream; name="ssl.conf"
Content-Disposition: attachment; filename="ssl.conf"
X-Attachment-Id: f_en9mb1oz
Attachment converted: Macintosh HD:ssl 1.conf ( / ) (00130C8B)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Rex Brooks
President, CEO
Starbourne Communications Design
GeoAddress: 1361-A Addison
Berkeley, CA 94702
Tel: 510-849-2309
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]