[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#136052: apache-ssl in woody/stable can't use encrypted keys

On Wed, Aug 07, 2002 at 05:10:33PM +0200, Christoph Martin wrote:
> Am Son, 2002-08-04 um 02.13 schrieb Peter Watkins:
> > Hi, we found ourselves wrestling with this bug today after
> > upgrading a web server from potato to woody. What we ended
> > up doing, though we wish we didn't have to, is re-writing
> > the server key *without* a passphrase, and editing httpd.conf
> > to point to this new, "naked" server key.

> > Any idea when this might be fixed, or should we be switching
> > from apache-ssl to some other package, like apache + mod_ssl?
> What is the difference of the bahaviour of the potato and the woody
> version of apache-ssl? You can only use encrypted keys with apache-ssl
> if you manually start the server. Then it would ask you for the key. 
> But this did not change.

The difference is that with potato's apache-ssl, we could provide the 
passphrase when manually starting the server, and it would be accepted.

Once we upgraded to potato's version of apache-ssl, we could not start the
server, not even manually, even though we provided the correct passphrase
(as we had done under potato). Instead we got error messages in the log file
very much like those reported by Thomas Gebhardt in this bug ticket back in
February. With woody's apache-ssl, we can only start the httpd if the server
ssl/tls key lacks a passphrase.

Peter Watkins - peterw@tux.org - peterw@usa.net - http://www.tux.org/~peterw/ 
Private personal mail: use PGP key F4F397A8; more sensitive data? Use 2D123692

Attachment: pgp7Y5F5CCIBr.pgp
Description: PGP signature

Reply to: