Package: ssl-cert Severity: normal Read and weep: Configuration file `/etc/init.d/apache2' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** apache2 (Y/I/N/O/D/Z) [default=N] ? y Installing new version of config file /etc/init.d/apache2 ... Configuring ------------ The two letter code for your Country. (ie GB) (countryName) :-) Country Name US Your state, county or province. (stateOrProvinceName) :-) State or Province Name TN The name of the city or town that you live in. (localityName) :-) Locality Name Bristol The name of the company or organisation the certificate is for. (organisationName) :-! Organisation Name kitenet.net The Division or section of the organisation the certificate is for. (organisationalUnitName) :-) Organisational Unit Name The host name of the server the certificate is for. This must be filled in. (commonName) :-! Host Name localhost The email address that should be associated with the certificate. :-) Email Address webmaster@localhost Generating a 1024 bit RSA private key ................++++++ ...............................++++++ writing new private key to '/etc/apache2/ssl/apache.pem' ----- problems making Certificate Request 15035:error:0D07A098:asn1 encoding routines:ASN1_mbstring_copy:string too short:a_mbstr.c:147:minsize=1 dpkg: error processing apache2-common (--configure): subprocess post-installation script returned error exit status 1 Note that: - I have never edited /etc/init.d/apache, to the best of my knowledge. - This stuff is not in a config script, and it should be. - No, I didn't know what the hell I was configuring until it crashed. Something to do with apache? What? You have to due truly stupid things to make debconf do that. - Every single one of the questions has an insufficiently detailed description. And stupid defaults. - None of the short descriptions end in colons, and all should. - Although I kinda guessed it was a SSL cert, this just inclined me to enter random garbage, since I run my OWN CA, and already have my OWN CERT SETUP. - There was insufficient checking done on the input, and no error handling. No, I am not in an organisation, why should I make one up? - There are many ways to guess what country I'm in, and none were used. Note that during a debian install, this would in some cases be the 7th distinct time a user was asked what country he was in. Isn't that a little insane? - If there was a "all debconf usage blocked" blacklist in debconf, I would be adding apache2 to it right now. - It wrote a /etc/apache2/ssl/apache.pem, but did not configure apache to actually use it in place of my previously existing cert. Good thing too, or this bug report would be grave.. -- System Information: Debian Release: testing/unstable Architecture: i386 Kernel: Linux dragon 2.4.24 #1 Thu Jan 8 15:48:32 EST 2004 i686 Locale: LANG=en_US, LC_CTYPE=en_US -- see shy jo
Attachment:
signature.asc
Description: Digital signature