On 3-Aug-2009, at 18:39, Eric Covener wrote:
On Mon, Aug 3, 2009 at 8:16 PM, LuKreme<kremels@xxxxxxxxx> wrote:<VirtualHost *:443> ServerName securemail.example.com SSLCertificateFile /usr/local/etc/apache22/server.pem SSLCertificateKeyFile /usr/local/etc/apache22/server.key ServerAdmin admin@xxxxxxxxxxx DocumentRoot /usr/local/www/squirrelmail/ ErrorLog /var/log/httpd-error.log CustomLog /var/log/httpd-access.log combined DirectoryIndex secure.html </VirtualHost>http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslengine
OK, now at least I get something in the error log (added SSLEngine on): [Thu Aug 06 02:08:38 2009] [notice] caught SIGTERM, shutting down[Thu Aug 06 02:08:45 2009] [error] Init: Unable to read server certificate from file /usr/local/etc/apache22/server.pem [Thu Aug 06 02:08:45 2009] [error] SSL Library Error: 218529960 error: 0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Thu Aug 06 02:08:45 2009] [error] SSL Library Error: 218595386 error: 0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
Remember, server.pem is there. $ ls -ls /usr/local/etc/apache22/server.pem2 -rw-r--r-- 1 root wheel 891 May 3 2007 /usr/local/etc/apache22/ server.pem
I can recreate the pem and key files I suppose, I was just using self- signed ones anyway. Is that what I need to do?
-- You think you can catch Keyser Soze? You think a guy like that comes this close to getting caught, and sticks his head out? If he comes up for anything it'll be to get rid of me. After that my guess is you'll never hear from him again. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|