LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
Reload this Page [SOLVED] My CRL file error : PEM routines:PEM_read_bio:no start line:pem_lib
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-10-2010, 12:46 AM   #1
jecoso
LQ Newbie
 
Registered: Sep 2010
Posts: 2

Rep: Reputation: 0
Question My CRL file error : PEM routines:PEM_read_bio:no start line:pem_lib

I am configuring my Apache Server to enable checking CA Revocation List, and my Configuration lists as following :

Code:
SSLCARevocationFile /etc/httpd/confi.d/ssl.crt/CRL1.crl
But the server can not start, and the log says:

Code:
Unable to configure X.509 Storage for certificate
If I try this command to view content of my CRL file :

Code:
openssl crl -text -in CRL1.crl -noout
the console shows :
Code:
error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib:647:Expecting: X509 CRL
I think there is something wrong with my CRL file, such as the file format.Is there any requirement to the CRL file? What can I do to enable this CRL file checking?

Any hints will be highly appreciated.
Thanks in advance.
 
Old 09-10-2010, 03:13 AM   #2
xeleema
Member
 
Registered: Aug 2005
Location: D.i.t.h.o, Texas
Distribution: Slackware 13.x, rhel3/5, Solaris 8-10(sparc), HP-UX 11.x (pa-risc)
Posts: 988
Blog Entries: 4

Rep: Reputation: 254Reputation: 254Reputation: 254
From the Apache mod_ssl page, it says the CRL file has to be an all-in one PEM-encoded CRL file.

Is it PEM encoded?

EDIT: You might want to try one of the CRLs from a Certificate Authority (like these guys)
Last edited by xeleema; 09-10-2010 at 03:22 AM.
 
Old 09-10-2010, 06:00 AM   #3
jecoso
LQ Newbie
 
Registered: Sep 2010
Posts: 2

Original Poster
Rep: Reputation: 0
Thumbs up
Quote:
Originally Posted by xeleema View Post
From the Apache mod_ssl page, it says the CRL file has to be an all-in one PEM-encoded CRL file.

Is it PEM encoded?

EDIT: You might want to try one of the CRLs from a Certificate Authority (like these guys)
Thanks for your reply, my crl file is DER encoded, so I convert it to PEM.
And the server can be restarted successfully.

Thank you very much.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Error:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIF al.lmco Linux - Newbie 2 03-30-2009 04:09 PM
SSL certificate existing pem file aot2002 Linux - Server 0 10-11-2007 11:48 PM
crl.pem and Oulook PcHammer Linux - Software 0 01-27-2005 02:39 AM
unable to create imapd.pem file manish_2479 Linux - Networking 0 09-13-2004 03:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:45 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration