Make sure your private key is not passphrase-protected; if it is, it'll
fail to be loaded by the server. You can use openssl to take the passphrase
off, but make sure you lock up this file so that only the server can read
it (root will also be able to read it, obviously):
openssl rsa -in key1.pem -out key2.pem
The latest version is nsopenssl-1.1 and is available at http://scottg.net.
You'll want to use this version, and it requires OpenSSL 0.9.6 or higher
(though I haven't tested with 0.9.6a yet).
/s.
> O.K,
>
> With a little Makefile and source hacking I got nsopenssl.so to
> build. (OPENSSL_free isn't in my version of OpenSSL, was it added
> later? [tclcmds.c])
>
> Now my problem is that the module fails to load the certfile.pem. I
> created my own self-signed certificate using openssl, and from what I
> can tell it looks O.K. Has anyone tryed this before? I just think
> I'm missing something that my brain can't figure out. :-)
>
> P.S.
> The cert was generated from an unencrypted 3DES 1024-bit key if that
> helps any.
>
> "Daniel P. Stasinski" wrote:
> >
> > > I was wondering if there was anything in the works to port
> > > nsssl from BSAFE to OpenSSL? It appears that getting
> > > your hands on BSAFE would be the first problem.
> >
> > Try nsopenssl at:
> >
> > http://scottg.net/webtools/opennsd/modules/nsopenssl/
> >
> > Daniel P. Stasinski
> > http://www.disabilities-r-us.com
> > [EMAIL PROTECTED]
>
>
