Thanks again, Bill,Thinking through this as I tried Bill Jones' suggestions, it appears that the PassPhrase with or without a dialog applet is not at fault here.
The first time this start failure occurred it was immediately after registering a new user in the ebxmllrr -3.0-beta1 registry using the web browser interface where the instructions walk you through the process of importing the key into the browser.
At 10:35 PM -0500 5/15/06, William A. Rowe, Jr. wrote:
Rex Brooks wrote:I have Apache2 in RHEL4, so I am assuming that the SSL Sections you refer to are in ssl.conf which is loaded as a DSO.I understand that httpd must be able to read the crt/pem file.I did specify a pass phrase when I created the key/crt. However, I do not get a request asking me to supply the pass phrase when I enter: service httpd start. I just get the same FAILED notice with the same error in the error_log.If it is in fact 'tripping' over the passphrase, and stdin/stdout aren't providing access to the console from 'service httpd start' in redhat, you might want to look at the SSLPassphraseDialog applet. One option is to pass a pipe:/path/to/binary that can invoke a pipe program which queries all of the passphrases. I wrote support/win32/wintty.c to create a console window on the fly for such a dialog, letting the service speak with the user at the console. Obviously, it's win32 specific. But I can't imagine it would be impossible to create a similar tty piped window applet on Unix, if someone is up to the challenge. There are simpler SSLPassphraseDialog alternatives, see... http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslpassphrasedialog (I just noticed the pipe:/path/to/pipe is undocumented; whoops!) Bill Bill --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
-- Rex Brooks President, CEO Starbourne Communications Design GeoAddress: 1361-A Addison Berkeley, CA 94702 Tel: 510-849-2309 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|