Package: ssl-cert
Severity: normal
Read and weep:
Configuration file `/etc/init.d/apache2'
==> File on system created by you or by a script.
==> File also in package provided by package maintainer.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** apache2 (Y/I/N/O/D/Z) [default=N] ? y
Installing new version of config file /etc/init.d/apache2 ...
Configuring
------------
The two letter code for your Country. (ie GB) (countryName)
:-) Country Name US
Your state, county or province. (stateOrProvinceName)
:-) State or Province Name TN
The name of the city or town that you live in. (localityName)
:-) Locality Name Bristol
The name of the company or organisation the certificate is for.
(organisationName)
:-! Organisation Name kitenet.net
The Division or section of the organisation the certificate is for.
(organisationalUnitName)
:-) Organisational Unit Name
The host name of the server the certificate is for. This must be filled in.
(commonName)
:-! Host Name localhost
The email address that should be associated with the certificate.
:-) Email Address webmaster@localhost
Generating a 1024 bit RSA private key
................++++++
...............................++++++
writing new private key to '/etc/apache2/ssl/apache.pem'
-----
problems making Certificate Request
15035:error:0D07A098:asn1 encoding routines:ASN1_mbstring_copy:string too short:a_mbstr.c:147:minsize=1
dpkg: error processing apache2-common (--configure):
subprocess post-installation script returned error exit status 1
Note that:
- I have never edited /etc/init.d/apache, to the best of my knowledge.
- This stuff is not in a config script, and it should be.
- No, I didn't know what the hell I was configuring until it crashed.
Something to do with apache? What? You have to due truly stupid
things to make debconf do that.
- Every single one of the questions has an insufficiently detailed
description. And stupid defaults.
- None of the short descriptions end in colons, and all should.
- Although I kinda guessed it was a SSL cert, this just inclined me to
enter random garbage, since I run my OWN CA, and already have my OWN
CERT SETUP.
- There was insufficient checking done on the input, and no error handling.
No, I am not in an organisation, why should I make one up?
- There are many ways to guess what country I'm in, and none were used.
Note that during a debian install, this would in some cases be the
7th distinct time a user was asked what country he was in. Isn't that
a little insane?
- If there was a "all debconf usage blocked" blacklist in debconf,
I would be adding apache2 to it right now.
- It wrote a /etc/apache2/ssl/apache.pem, but did not configure apache to
actually use it in place of my previously existing cert. Good thing too,
or this bug report would be grave..
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux dragon 2.4.24 #1 Thu Jan 8 15:48:32 EST 2004 i686
Locale: LANG=en_US, LC_CTYPE=en_US
--
see shy jo
Attachment:
signature.asc
Description: Digital signature