LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-02-2009, 08:36 AM   #1
nagavinodh
Member
 
Registered: Aug 2009
Posts: 118

Rep: Reputation: 15
ssl error


Hi,
we tried to configure the ssl.we got the ssl certificate from rapidsslonline.com.
we put the certifcate to /usr/local/apache2/conf/ssl.crt/server.crt.
then we generate the key

openssl genrsa -des3 -out server.key 1024 at /usr/local/apache2/conf/ssl.key/server.key

[root@server1 bin]# ./apachectl startssl
The startssl option is no longer supported.
Please edit httpd.conf to include the SSL configuration settings
and then use apachectl start.
[root@server1 bin]#

And we added the entries in httpd.conf

Listen 443

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLConfiguration Nov-02-2009
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.key
</IfModule>
 
Old 11-02-2009, 08:41 AM   #2
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233Reputation: 233Reputation: 233
Quote:
Originally Posted by nagavinodh View Post
And we added the entries in httpd.conf

Listen 443

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLConfiguration Nov-02-2009
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.key
</IfModule>
Also I dunno if you still having problem with the SSL cert I just spotted one thing in your config. The line before you close the ifModule where you configure the server.key file. Does'nt it have to read

Code:
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.crt/server.key
just a Key betweeen Certificate and File....

Cheers zhjim
 
Old 11-02-2009, 08:47 AM   #3
wfh
Member
 
Registered: Sep 2009
Location: Northern California
Distribution: Ubuntu Debian CentOS RHEL Suse
Posts: 164

Rep: Reputation: 44
Please tell us which distribution you are configuring.

It would help if you showed the failure as found in your message log.
 
Old 11-02-2009, 08:49 AM   #4
nagavinodh
Member
 
Registered: Aug 2009
Posts: 118

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by zhjim View Post
Also I dunno if you still having problem with the SSL cert I just spotted one thing in your config. The line before you close the ifModule where you configure the server.key file. Does'nt it have to read

Code:
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.crt/server.key
just a Key betweeen Certificate and File....

Cheers zhjim
hi
thanks for that.


[root@server1 bin]# ./apachectl -version
Server version: Apache/2.2.14 (Unix)
Server built: Nov 2 2009 13:43:28

i could n't understand your words.please tell again
 
Old 11-02-2009, 10:11 AM   #5
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
The question(s) asked by wfh:
1)
are you using Ubuntu, Redhat, Slackware or ...
2)
do you get any errors (check /var/log/httpd/... or /var/log/apache/....) when (re)starting apache and post them here
 
Old 11-03-2009, 01:41 AM   #6
wfh
Member
 
Registered: Sep 2009
Location: Northern California
Distribution: Ubuntu Debian CentOS RHEL Suse
Posts: 164

Rep: Reputation: 44
Quote:
Originally Posted by nagavinodh View Post

i could n't understand your words.please tell again
Hi nagavinodh,

Are you configuring Debian? RedHat? CentOS? Slackware?

Have you found errors in your logfiles when you attempt to start apache? Perhaps your distribution keeps logs at "/var/log/apache2/ssl/error_ssl.log" or "/var/log/httpd/ssl_error_log".

Search the tail of your error log (it might have a different name, but certainly "error" is part of the filename).
 
Old 11-03-2009, 04:16 AM   #7
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233Reputation: 233Reputation: 233
I just wanted to point out that there might be an error in your configuration. I normaly use a diffrent option with the .key file of the cert.

Original configuration
Code:
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLConfiguration Nov-02-2009
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.key
</IfModule>
what I think it should look like
Code:
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLConfiguration Nov-02-2009
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.crt/server.key
</IfModule>
I don't know if this causes any error...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sendmail: STARTTLS read error=generic SSL error.... All of a sudden! 3dMaster Linux - Server 2 12-08-2010 06:41 AM
Linux Citrix Receiver gives me error: provider code 20 SSL error 86 ebeyer Linux - Networking 1 09-16-2009 12:32 PM
SSL Error gomez Linux - Security 0 02-17-2005 04:26 PM
ssl error tonyb_69 Linux - Networking 1 09-22-2004 10:12 AM
SSL error PionexUser Linux - Newbie 1 09-04-2003 03:57 PM


All times are GMT -5. The time now is 09:57 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration