On Nov 16, 2009, at 11:05 AM, Steve Maser wrote: > At 10:25 AM -0500 11/16/09, Phil Pishioneri wrote: >> On 11/16/09 10:11 AM, Steve Maser wrote: >>> Nov 16 10:08:31 tts10 org.apache.httpd[88871]: [Mon Nov 16 10:08:31 >>> 2009] [error] SSL_CTX_use_PrivateKey_file: >>> /etc/certificates/<hostname>.A1F1C424CAE8BFA965D39024B1B8FFF8F6E5C15E.key.pem: >>> error:0906406D:PEM routines:PEM_def_callback:problems getting >>> password\n >>> >>> The Certificate Assistant doesn't seem to have an option to generate >>> a certificate without a passphrase (like in 10.5 Server). >>> >> >> Command line openssl should be able to copy the key file (and use that one >> for CosignCrypto) and remove the passphrase: >> >> % openssl rsa -in >> >> /etc/certificates/<hostname>.A1F1C424CAE8BFA965D39024B1B8FFF8F6E5C15E.key.pem >> -out new-key-file-without-password.pem >> >> >> which should prompt for the passphrase (may have to be an admin account or >> root to access the key file). >> >> -Phil > > > Thanks much! > > It now seemes to work with the "new-key-file-without-password.pem" file. > > Not knowing much about the underpinnings of cosign -- does this mean cosign > *can never* work with a key file containing a passphrase?
Cosign does not have any code for dealing with passphrase-protect key files. andrew ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
