Re: [Assp-user] Problems getting TLS working

Mark D Montgomery II Tue, 26 Dec 2017 16:27:21 -0800

Ok, so it SHOULD work.

In SSL Proxy and TLS Settings:
DoTLS: do TLS


SSLCertFile: /etc/ssl/froxlor-custom/mydomain_chain.pem
SSLKeyFile: /etc/ssl/froxlor-custom/mydomain.key
SSLCAFile: /etc/ssl/froxlor-custom/mydomain_CA.pem

banFailedSSLIP is disabled, everything else is blank or default.

I turned up SSL Debug logging to 3 and restarted:

Dec-26-17 19:21:34 [init] SSL-DEBUG: .../IO/Socket/SSL.pm:2580: Failedto load key from file (no PEM or DER)SSL error: 24545: 1 - error:0D08303A:asn1 encodingroutines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 errorSSL error: 24545: 2 - error:0D0680A8:asn1 encodingroutines:ASN1_CHECK_TLEN:wrong tagSSL error: 24545: 3 - error:0D07803A:asn1 encodingroutines:ASN1_ITEM_EX_D2I:nested asn1 error

SSL error: 24545: 4 - error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib

SSL error: 24545: 5 - error:0D0680A8:asn1 encodingroutines:ASN1_CHECK_TLEN:wrong tagSSL error: 24545: 6 - error:0D07803A:asn1 encodingroutines:ASN1_ITEM_EX_D2I:nested asn1 errorSSL error: 24545: 7 - error:140B000D:SSLroutines:SSL_CTX_use_PrivateKey_file:ASN1 libDec-26-17 19:21:34 [init] SSL-DEBUG: .../IO/Socket/SSL.pm:2580: globalerror: Failed to load key from file (no PEM or DER)error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tagDec-26-17 19:21:34 [init] Error: unable to create IPv4 socket to0.0.0.0:1465 - Failed to load key from file (no PEM or DER)error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tagDec-26-17 19:21:34 [init] Error: couldn't create server SSL-socket onport '1465' -- maybe another service uses this listener or I'm notroot (uid=0)? -- or a wrong IP address is defined? -- Inappropriateioctl for device





----- Message from Doug Lytle <supp...@drdos.info> ---------
    Date: Tue, 26 Dec 2017 18:12:47 -0500
    From: Doug Lytle <supp...@drdos.info>
Reply-To: For Users of ASSP <assp-user@lists.sourceforge.net>
 Subject: Re: [Assp-user] Problems getting TLS working
      To: assp-user@lists.sourceforge.net

On 12/26/2017 05:29 PM, Mark D Montgomery II wrote:

I've added the paths to the chain, ca, and key files, but ASSPwon't accept the key file.


Mark,

I've got my ASSP setup with LetsEncrypt as well and it's working fine.

My chain is the fullchain.&nbsp; Along with my cert and key.



Doug

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user



----- End message from Doug Lytle <supp...@drdos.info> -----



--
Mark D Montgomery II
techi...@techiem2.net
https://www.techiem2.net


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

Re: [Assp-user] Problems getting TLS working

Reply via email to