Fabio Massimo Di Nitto wrote:
Hi, are you running testing? is this a fresh installation or an upgrade?
Yes, I am running testing. I think it was a fresh install, because I purge the previous installation...
Please provide me more information asap.
I found the problem by myself: If you left one field in the dialog for the certificate empty you will get:
Setting up apache-ssl (1.3.29.0.1-3) ... Generating a 1024 bit RSA private key ...................++++++ .......++++++ writing new private key to '/etc/apache-ssl/apache.pem' ----- problems making Certificate Request 32587:error:0D07A098:asn1 encoding routines:ASN1_mbstring_copy:string too short:a_mbstr.c:147:minsize=1 dpkg: error processing apache-ssl (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: apache-ssl E: Sub-process /usr/bin/dpkg returned an error code (1)
And if you then try again "apt-get install apache-ssl" you will get (the message of my first report):
Setting up apache-ssl (1.3.29.0.1-3) ... Starting web server: apache-sslProcessing config directory: /etc/apache-ssl/conf.d failed invoke-rc.d: initscript apache-ssl, action "start" failed. dpkg: error processing apache-ssl (--configure): subprocess post-installation script returned error exit status 1 Errors were encountered while processing: apache-ssl E: Sub-process /usr/bin/dpkg returned an error code (1)
So if left a field empty in the dialog for the creation of a certificate a corrupted "apache.pem" will be created:
---- /var/log/apache-ssl/error.log ---- [Sun Jan 25 14:16:40 2004] [crit] Error reading server certificate file /etc/apache-ssl/apache.pem [Sun Jan 25 14:16:40 2004] [crit] error:0906D06C:PEM routines:PEM_read_bio:no start line -------------- 8< ---------------------
and then on the second "apt-get install apache-ssl" the postinstall script just checks if there is a /etc/apache-ssl/apache.pem, and yes there is one, but one that is *corrupted*. So it will try to start apache-ssl, but it won't (see error.log)
So maybe its a good thing to say in the dialog to fill out *every* field or to check if the apache.pem is correct and working.
Greetings Michael
Attachment:
signature.asc
Description: OpenPGP digital signature