Re: "corrupted content" error, httpd can't access SSL key file [wd-vc]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I am sorry, I had it switched off for a few hours (it's a home pc), but will keep it on now. Would you mind trying again?
Thanks!
 
 
Am Di, 30. Sep 2014, um 03:49, schrieb Edgar Pettijohn:
I tried to go to your site, but apparently the server is down.
 
On 09/29/2014 07:16 PM, Benjamin Oppermann wrote:
Actually, this one is a self-signed certificate, but I tried with a new one using your command, just to be safe.
My Vhost is configured in /etc/apache2/sites-enabled/000-default.conf, so that's where I adjusted the path to test.pem
The page is still not available.
I was probably wrong though giving the apachectl -S error as cause of the problem (or was I?). I should have run it with sudo, in which case it would have looked like this:
 
~$ sudo apachectl -SAH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80                   127.0.1.1 (/etc/apache2/sites-enabled/000-default-mythbuntu.conf:1)
*:443                  127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:11)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
 
Could it be that Apache does not run as root when trying to access the key file?
If that is not the problem, then I am at a loss.
I forgot to say that not all browsers show the problem as "corrupted content" error. In others, There is a warning that the site is not to be trusted (which is normal because of the certificate being self-signed), but the option to ignore the warning and create an exception is disabled / not working.
I you want to try what your browser says, the URL is https://oc.benopp.org/owncloud
 
Am Di, 30. Sep 2014, um 01:35, schrieb Edgar Pettijohn:
Have you tried with a self signed certificate just to see what happens?
 
# openssl req -new -x509 -days 3650 -nodes -newkey rsa:4096 -out /etc/ssl/certs/test.pem -keyout /etc/ssl/private/test.pem
 
# chmod go= /etc/ssl/private/test.pem
 
httpd.conf
 
SSLCertificateFile    /etc/ssl/certs/test.pem
SSLCertificateKeyFile /etc/ssl/private/test.pem
 
 
 
 
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux