Michael Kress napsal(a):
Radek Hladik wrote:
Michael Kress napsal(a):
2009.02.26 19:09:44 LOG7[14644:3086588128]: Certificate:
/home/kress/keys/client-cert.pem
2009.02.26 19:09:44 LOG7[14644:3086588128]: Certificate loaded
2009.02.26 19:09:44 LOG7[14644:3086588128]: Key file:
/home/kress/keys/client-cert.pem
2009.02.26 19:09:44 LOG3[14644:3086588128]: error stack: 140B3009 :
error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
2009.02.26 19:09:44 LOG3[14644:3086588128]:
SSL_CTX_use_RSAPrivateKey_file: 906D06C: error:0906D06C:PEM
routines:PEM_read_bio:no start line
vncviewer: VNC server closed connection
Is the private key stored in client-cert.pem with the certificate
itself? I've noticed you generate client-key.pem but I am not sure
whether you combine these two files somewhere. The lines from log
state that the private key can not be found in
/home/kress/keys/client-cert.pem
These are the contents (will change them anyways, so I can post them):
client-cert.pem
=================================
-----BEGIN CERTIFICATE-----
MIIDXzCCAkmgAwIBAgIESabNHzALBgkqhkiG9w0BAQUwEzERMA8GA1UEAxMIbXlz
ZXJ2ZXIwHhcNMDkwMjI2MTcxMDU1WhcNMTAwMjI2MTcxMDU1WjBfMQswCQYDVQQG
HhYM
-----END CERTIFICATE-----
=================================
client-key.pem
=================================
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAmsA6M2uyhUrOsrAKnUY4ekE0wZJI+FRLw9X4CQflZtOGFZ8Z
W5M73CNFLzul7f8q97AI+jceoWHsz/oZq9q9n491uVTJGFwLCVQdxRzDRn5vV1by
sEhA6c+VBIFyj9q8zesdevEvR3qpS4lY/0A52X6EQbuEjQTgjnD6c4gd/dSl8pTK
-----END RSA PRIVATE KEY-----
Stunnel can not find private key. It tries to locate it in
client-cert.pem (I do not know why). Either change this in configuration
or appen client-key.pem to client-cert.pem. The PEM file can contain
both certificate and private key and stunnel will handle it.
Radek
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list