Hi,
So I have an apache 2.2.15 box running on CentOS 6.4. It took me a while to get it fine-tuned the way I want, but I eventually got there. So I buy a certificate, redirect from http to https, and it seems to be working perfectly. That was about six weeks ago.
This morning, I head into the office, and as usual, login to my horde instance for e-mail and calendar. At the same time, trying to get mailman running, I decide to remove the mailman instance with yum remove mailman. Five minutes later, as I'm typing an e-mail, I suddenly get kicked off the server, and when I try to reconnect, I get 'certificate not approved' in my browser (chrome).
I have a look via ssh, but can't see anything untoward.
This is when I _did_ do something silly. I looked in /etc/httpd/conf.d/ssl.conf and saw the following line:
SSLCertificateFile /etc/pki/tls/private/localhost.key
That's not right, I thought. So I change that and the other SSL file lines to point to my certificates, which are in /etc/httpd/ssl. Like an idiot, I didn't back that file up beforehand.
I restart apache and this appears in the logs ..
[Wed Oct 16 09:52:34 2013] [error] Init: Unable to read server certificate from file /etc/pki/tls/private/localhost.key
[Wed Oct 16 09:52:34 2013] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Oct 16 09:52:34 2013] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
And this is rather worrying, since at no time in the past fortnight, have I fiddled with the httpd.conf file, so there's no reason why it should suddenly stop pointing to the correct certificate. And I don't think that removing mailman would cause this - I only mentioned it to eliminate it as a possible cause.
Any ideas?
Thanks.
