Re: Apache-SSL 'n Cert Fun
That's basically the steps I followed, yes.
However I've gotten a new error ;)
[Sun Mar 2 07:48:28 2003] [crit] (22)Invalid argument: Error reading
private key file /etc/apache-ssl/test.key:
[Sun Mar 2 07:48:28 2003] [crit] error:0906406D:PEM
routines:DEF_CALLBACK:problems getting password
[Sun Mar 2 07:48:28 2003] [crit] error:0906A068:PEM
routines:PEM_do_header:bad password read
It seems the parent apache-ssl isn't passing off the passphrase. It's right
when I start it (else it complains until I enter the right passphrase...)
I can also view the key by:
openssl rsa -noout -text -in test.key
and entering the passphrase, again verifying the passphrase is correct.
apache-ssl works fine without an encrypted test key & cert... once encrypted
pewf, it dies (which I need, because that's how the client gave it to me...
ugh.)
Any new ideas? :)
Thanks Again,
~ Darryl
----- Original Message -----
From: "Teddy Knab" <tjk@annapolislinux.org>
To: <debian-isp@lists.debian.org>
Sent: Saturday, March 01, 2003 9:14 PM
Subject: Re: Apache-SSL 'n Cert Fun
> I have been signing my own certs.
>
> Is that what you are typing about ?
>
> Here is a short clip of what I did:
>
> self signed cert
> 505 openssl genrsa -des3 -out ca.key 2048
> 510 openssl req -new -x509 -days 3652 -key ca.key -out ca.crt
>
> 2nd try docs from http://www.apache-ssl.org/#FAQ
> 545 openssl req -new > new.cert.csr
> 547 openssl rsa -in privkey.pem -out new.cert.key
> 548 openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey
> new.cert.key -days 365
> cat new.cert.key > apache.pem
> cat new.cert.cert >> apache.pem
> mv apache.pem to /etc/apache-ssl/apache.pem
> cp new.cert.key /etc/apache-ssl/apache.key
>
> Do you trust me ?
> My cert.
> https://webmail.washcoll.edu
>
>
> Ted
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
Reply to: