On 2015-12-01 21:51, Krzysztof Strzeszewski wrote:
Sorry, I'm beginner. I konow, my message was not logical.uname -a: #---------------------------------------------------------------------------- OpenBSD hostname 5.8 GENERIC#0 i386 #---------------------------------------------------------------------------- virtual server in httpd.conf: #---------------------------------------------------------------------------- server "hostname" { listen on * port 80 listen on * tls port 443 log { access "access.log", error "error.log" } tls { certificate "/etc/ssl/server.crt" key "/etc/ssl/private/server.key" } root "/htdocs/hostname" } #---------------------------------------------------------------------------- port 80 end 443 is open: # netstat -a |grep http #---------------------------------------------------------------------------- tcp 0 0 localhost.https *.* LISTEN tcp 0 0 *.https *.* LISTEN #---------------------------------------------------------------------------- in firefox: #---------------------------------------------------------------------------- Secure Connection Falied An error occurred during a connection to my_domain. Cannot communicate securely whih peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap) #---------------------------------------------------------------------------- in log from httpd: #---------------------------------------------------------------------------- httpd: could not parse macro definition SSL httpd[21336]: server_tls_init: failed to configure TLS - failed to read private key: Operation not supported by device #----------------------------------------------------------------------------
Check the following; 1) Does private key match certificate? Verify this like so (should result in two exact same sha512 strings); # openssl x509 -noout -modulus -in server.pem | openssl sha512 # openssl rsa -noout -modulus -in server.key | openssl sha512 2) Is httpd allowed to read key file? # ls -lhart /etc/ssl/server.crt # ls -lhart /etc/ssl/private/server.key 3) Check with browser random x on random other operating system y.
