You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "S.A. Birl" <sb...@temple.edu> on 2007/08/23 21:16:52 UTC
[users@httpd] Fixed. Apache 2.2.4 self-signed SSL problem with openssl 0.9.8e
on Solaris 10
On Aug 10, 2007, S.A. Birl (nospam-sbirl+Apache-List@temple.edu.ns) typed:
Birl: On Aug 9, 2007, Dragon (nospam-dragon@crimson-dragon.com.ns) typed:
Birl:
Birl: Dragon: S.A. Birl wrote:
Birl: Dragon: > Greetings all:
Birl: Dragon: >
Birl: Dragon: > I recently upgraded my server from Solaris 9 to Solaris 10.
Birl: Dragon: > I restored my self-signed CRT and privkey.pem from backup,
Birl: Dragon: > and restored all of my Apache files (minus the binaries) from
Birl: Dragon: > backup too. Re-compiled httpd (just in case) and started it up.
Birl: Dragon: >
Birl: Dragon: > Apache asked for the passphrase and accepted it, but my web browsers
Birl: Dragon: > wont connect to it. SeaMonkey says "Data Transfer Interrupted"
Birl: Dragon: >
Birl: Dragon: > https://concept.temple.edu/
Birl: Dragon: >
Birl: Dragon: > Generating a new CSR and CRT with openssl 0.9.8e and tried again.
Birl: Dragon: > Same result.
Birl: Dragon: >
Birl: Dragon: > Nothing in the error log; nothing in the access log, but lsof says
Birl: Dragon: > httpd is listening on 443.
Birl: Dragon: >
Birl: Dragon: > Im baffled. What could I be over-looking?
Birl: Dragon: >
Birl: Dragon: >
Birl: Dragon: > Thanks
Birl: Dragon: > Birl
Birl: Dragon: ---------------- End original message. ---------------------
Birl: Dragon:
Birl: Dragon: The site came up in my browser (IE7) but showed a certificate error.
Birl: Dragon: The error is that the certificate is not signed by a trusted authority.
Birl:
Birl:
Birl:
Birl: Yes, that's why I said in the OP that it was "self-signed".
Birl:
Birl: Interesting that it came up in IE7, as I confirmed it myself.
Birl: So other than it being self-signed, what other reason could there be?
Birl: All my other self-signed certificates worked in the past with the same
Birl: version of Apache, but an earlier version of openssl.
I finally got around to correcting this. OpenSSL conflict.
The earlier version of openssl compiled into Apache didnt like my
self-signed certificate with the later version of openssl.
Once I re-compiled Apache, everything worked like a charm.
I figured Id share.
-- Birl
Please do not CC me responses to my own posts.
I'll read the responses on the list.
Archives http://mail-archives.apache.org/mod_mbox/httpd-users/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org