This used to happen to all of my Netscape users every time I did
something in the ES admin manager that caused the security certificate
to get regenerated - and there seem to be several admin options that do
just that when you don't expect it.  They'd all have to manually delete
all of their "ourdomain.org" certificates, and it was very frustrating. 
Didn't happen to Internet Explorer users...

I now work around this by using a "restore_ssl" script that I run as
root every time the security certificate gets regenerated.  It restores
the cert and key files from saved copies and then restarts Apache:

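  #!/bin/bash
  # Stop on the first failed command so Apache is not restarted
  # with a half-restored certificate/key pair.
  set -e

  # Restore the certificate from the saved copy
  # (-p keeps mode, owner and timestamps).
  cd /home/e-smith/ssl.crt
  cp -p secure.ccsmail.org.crt.saved secure.ccsmail.org.crt

  # Restore the matching private key.
  cd /home/e-smith/ssl.key
  cp -p secure.ccsmail.org.key.saved secure.ccsmail.org.key

  echo "SSL certificate restored."

  # Restart Apache so it loads the restored files.
  cd /etc/rc.d/init.d/
  ./httpd-e-smith restart

  echo "Web server restarted."

  exit 0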

Works for me, and should keep us going until the 1 year lifetime of our
current certificate expires.  Hope this helps,

-Wayne

Michael Jung wrote:
> 
> It only affects the Netscape and Opera browsers and not IExplorer, as the
> article at
> http://www.e-smith.org/bboard/read.php?v=t&f=1&i=6110&t=6110
> described. So, I guess it is not a problem of the server but of the client.
> To solve that problem for Netscape 4.76 do:
> 
> Communicator --> Tools --> Security Info
> Certificates --> Web Sites
> There mark all saved certificates corresponding with your E-Smith Server and
> delete them.
> 
> Michael Jung
> 
> > -----Original Message-----
> > From: Michael Jung [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, August 03, 2001 4:38 PM
> > To: [EMAIL PROTECTED]
> > Subject: [e-smith-devinfo] After update to 4.1.2 no https access
> >
> >
> > After I upgraded a 4.0rc5 E-Smith Server to 4.1.2 and installed all
> > available updates I don't get access via SSL protocol.
> >
> > /var/log/httpd/error_log shows:
> >
> > [Fri Aug  3 16:23:44 2001] [error] mod_ssl: SSL handshake failed \
> > (server secure.re.e-technik.uni-kassel.de:443, client 141.51.155.142)
> > (OpenSSL library error follows)
> >
> > [Fri Aug  3 16:23:44 2001] [error] OpenSSL: error:0407106B:rsa \
> > routines:RSA_padding_check_PKCS1_type_2:block type is not 02
> >
> > [Fri Aug  3 16:23:44 2001] [error] OpenSSL: error:04065072:rsa \
> > routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
> >
> > [Fri Aug  3 16:23:44 2001] [error] OpenSSL: error:1408B076:SSL \
> > routines:SSL3_GET_CLIENT_KEY_EXCHANGE:bad rsa decrypt
> >
> > ---------------
> > /var/log/httpd/ssl_engine_log shows:
> >
> ...

--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
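
A guarded variant of the restore step described in the message above, as an added example that is not part of the original post: it checks that the saved certificate and key belong together and copies them only when the live files differ. The function names and the script name are hypothetical; `openssl` is assumed to be installed and the private key is assumed to be unencrypted.

```bash
#!/bin/bash
# Added example, not the poster's script. Function names are hypothetical.
# Assumes openssl is installed and the private key is not passphrase-protected.

# Print a SHA-256 digest of the public key held in a certificate or key file.
pubkey_digest() {   # $1 = cert|key, $2 = file
  local pem
  case "$1" in
    cert) pem=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) ;;
    key)  pem=$(openssl pkey -in "$2" -pubout 2>/dev/null) ;;
    *)    return 2 ;;
  esac || return 1
  [ -n "$pem" ] || return 1
  printf '%s\n' "$pem" | openssl dgst -sha256
}

# Succeed only if the certificate and the private key share one public key.
pair_matches() {   # $1 = cert file, $2 = key file
  local c k
  c=$(pubkey_digest cert "$1") || return 1
  k=$(pubkey_digest key "$2") || return 1
  [ "$c" = "$k" ]
}

# Copy the .saved files over the live ones only if they form a valid pair
# and the live files differ. Prints "restored", "unchanged" or "mismatch".
guarded_restore() {   # $1 = cert dir, $2 = key dir, $3 = base name
  local crt="$1/$3.crt" key="$2/$3.key"
  if ! pair_matches "$crt.saved" "$key.saved"; then
    echo "mismatch"; return 1
  fi
  if cmp -s "$crt.saved" "$crt" 2>/dev/null && cmp -s "$key.saved" "$key" 2>/dev/null; then
    echo "unchanged"; return 0
  fi
  cp -p "$crt.saved" "$crt" || return 1
  cp -p "$key.saved" "$key" || return 1
  echo "restored"
}

# Example call with the paths from the script above:
#   ./restore_check.sh /home/e-smith/ssl.crt /home/e-smith/ssl.key secure.ccsmail.org
if [ "$#" -eq 3 ]; then
  status=$(guarded_restore "$@")
  echo "$status"
  # Restart Apache only when files were actually replaced.
  if [ "$status" = "restored" ]; then /etc/rc.d/init.d/httpd-e-smith restart; fi
fi
```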
