Hi, Does anyone know why Apache httpd (2.4.4) fails to start if the pem file set in SSLProxyMachineCertificateFile is formatted: -----BEGIN PRIVATE KEY----- MIIEvgIB ... -----END PRIVATE KEY----- the error is "incomplete client cert configured for SSL proxy (missing or encrypted private key?) " If you add the word RSA as in "BEGIN RSA PRIVATE KEY" it all works. SSLCertificateFile works with both "BEGIN PRIVATE KEY" or "BEGIN RSA PRIVATE KEY" With openssl 1.0 you can generate a pem key $ openssl req -new -keyout mykey.key -out mycertreq.csr -nodes -sha1 -newkey rsa:2048 -----BEGIN PRIVATE KEY----- MIIEvgIB ... -----END PRIVATE KEY----- With openssl 0.9.8 for the same you get -----BEGIN RSA PRIVATE KEY----- MIIEvgIB ... -----END RSA PRIVATE KEY----- Thank you, Fred -- View this message in context: http://apache-http-server.18135.x6.nabble.com/Apache-fails-to-start-if-SSLProxyMachineCertificateFile-does-not-contain-RSA-tp5009238.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|