At 10:25 AM -0500 11/16/09, Phil Pishioneri wrote: >On 11/16/09 10:11 AM, Steve Maser wrote: >>Nov 16 10:08:31 tts10 org.apache.httpd[88871]: [Mon Nov 16 10:08:31 >>2009] [error] SSL_CTX_use_PrivateKey_file: >>/etc/certificates/<hostname>.A1F1C424CAE8BFA965D39024B1B8FFF8F6E5C15E.key.pem: >>error:0906406D:PEM routines:PEM_def_callback:problems getting >>password\n >> >>The Certificate Assistant doesn't seem to have an option to generate >>a certificate without a passphrase (like in 10.5 Server). >> > >Command line openssl should be able to copy the key file (and use that one for >CosignCrypto) and remove the passphrase: > > % openssl rsa -in > > /etc/certificates/<hostname>.A1F1C424CAE8BFA965D39024B1B8FFF8F6E5C15E.key.pem > -out new-key-file-without-password.pem > > >which should prompt for the passphrase (may have to be an admin account or >root to access the key file). > >-Phil
Thanks much! It now seemes to work with the "new-key-file-without-password.pem" file. Not knowing much about the underpinnings of cosign -- does this mean cosign *can never* work with a key file containing a passphrase? Or that cosign just needs to be modified/updated to reflect the new default changes in 10.6? - Steve -- Steve Maser ([email protected]) | Thinking is man's only basic virtue, Sr. Systems Administrator | from which all the others proceed. Office of Technology Transfer | -- Ayn Rand ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
