> -----Original Message----- > From: Kurt Newman [mailto:kurt.newman@xxxxxxxxxx] > Sent: Monday, April 14, 2014 3:32 PM > To: users@xxxxxxxxxxxxxxxx > Subject: Re: 2.4.9 expecting DH PARAMETERS > > On Thu, 10 Apr 2014 20:34:11 GMT, Jesse Defer wrote: > > When upgrading from 2.4.7 to 2.4.9 we found that the server complained > > about missing DH PARAMETERS in our certificate and would not start. > > Adding dhparams to it fixed it. After some troubleshooting we found > > that only systems that did not have SSLCertificateChainFile directives > > with the intermediate certificate exhibited this problem. Combining the > server and intermediate certificates into the SSLCertificateFile also > required adding dhparams. > > > > Errors: > > > > [Thu Apr 10 13:03:32.999467 2014] [ssl:emerg] [pid 27709] AH02562: > > Failed to configure certificate > > xxx:443:0 (with chain), check /usr/local/apache2/conf/xxx.crt [Thu Apr > > 10 13:03:32.999486 2014] [ssl:emerg] [pid 27709] SSL Library Error: > > error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: DH > > PARAMETERS) -- Bad file contents or format > > - or even just a forgotten SSLCertificateKeyFile? > > AH00016: Configuration Failed > > > > OS is RHEL5, using distro provided openssl (0.9.8e). > > > > Is this a bug or am I doing something wrong? > > > > Thanks, > > Jesse DeFer > > > Are you using a self-signed certificate? I'm seeing the same thing. No, ours come from a CA. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|