SSL Pass Phrase
Hey all, I recently installed mod-ssl on a new web server. Unfortunately, in my haste to get the machine up and running, I cannot remember the pass phrase that I used. I have tried making a de-install, and re-installing, however I am unable to bypass this. Can someone please let me know the best way to do this. Thanks Glenn May
Re: SSL Pass Phrase
On Thu, 20 Feb 2003, Glenn E. May wrote: I recently installed mod-ssl on a new web server. Unfortunately, in my haste to get the machine up and running, I cannot remember the pass phrase that I used. I have tried making a de-install, and re-installing, however I am unable to bypass this. When you reinstall, it leaves your old private key/certificate in place intentionally (it would suck to have them be overwritten! :). If you want to delete them and start over, you have to do it yourself. Delete the ssl.* subdirectories of your Apache conf directory and redo the entire generate-private-key-then-get-certificate process from scratch. Of course you realize that if you already bought a real certificate from a CA to go with your old private key that you're going to have to get a new one (and different CA's have different reissue policies). --Cliff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
SSL Pass phrase
I believe I have successfully configured Apache/PHP/mod_ssl/openssl on Red Hat 7.2. When starting SSL with ./apachectl startssl I get: Server localhost.localdomain:443 (RSA) Enter pass phrase: I put my password in and get: Apache:mod_ssl:Error: Pass phrase incorrect I thought that this was the pass phrase I entered when making the certificate. I am sure I knew (and still believe) the correct pass phrase. However, is there a way of finding out from my system files? I have tried to understand the typically obscure instructions that come with software but have failed. Is it openssl rsa -noout -text -in server.key where server.key is the file in the /apache/conf/ssl.key directory? The result is: read RSA key Enter PEM pass phrase: I enter password and get: unable to load key 14555:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:277: 14555:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c.451: If someone has an answer, could they please tell me exactly where I should run the relevant command. Please help Regards Scott __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: SSL Pass phrase
Sounds like perhaps you fat-fingers it as entering it, or are not using caps or special chars you did when you entered it. I'ts case sensitivve, so caps count, spcial chars count. did you start the passphrase, typo then backspace? if so, try that excat sequence and see if it works for ya. Barring that your quickest fix is to redo the certs... Thanks, Ron DuFresne On Sat, 9 Feb 2002, Scott Taylor wrote: I believe I have successfully configured Apache/PHP/mod_ssl/openssl on Red Hat 7.2. When starting SSL with ./apachectl startssl I get: Server localhost.localdomain:443 (RSA) Enter pass phrase: I put my password in and get: Apache:mod_ssl:Error: Pass phrase incorrect I thought that this was the pass phrase I entered when making the certificate. I am sure I knew (and still believe) the correct pass phrase. However, is there a way of finding out from my system files? I have tried to understand the typically obscure instructions that come with software but have failed. Is it openssl rsa -noout -text -in server.key where server.key is the file in the /apache/conf/ssl.key directory? The result is: read RSA key Enter PEM pass phrase: I enter password and get: unable to load key 14555:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:277: 14555:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c.451: If someone has an answer, could they please tell me exactly where I should run the relevant command. Please help Regards Scott __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] -- ~~ admin senior security consultant: sysinfo.com http://sysinfo.com Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation. -- Johnny Hart testing, only testing, and damn good at it too! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
