Ralf S. Engelschall wrote:
> Fred Read Wrote:
> > ...
> > I feel I am *almost* there but just need a tiny nudge in the
> > right direction.
Sorry for not responding sooner but I was taken ill on Friday
and have only just got your extremely valuable response.
> First, _please_ always start with the provided default configuration
> in the installed httpd.conf.default file before you try fiddling around
> yourself with the various SSL* directives. It saves you a lot of trouble
> until you carefully read _and_ understood the documentation.
Please accept my apologies for my enthusiasm for your product!
Because we were effectively updating an existing installation
on one of our development machines the installation process
didn't actually copy over the SSL enhanced httpd.conf file so
I added in [what I hoped were] the appropriate bits manually.
My mistake!
> Second, your particular problem is that an SSLCertificateKeyFile
> directive is missing or at least the /usr/local/apache/conf/ssl.crt/server.crt
> file doesn't contain also the key. Please either append the key
> at the end of this file or reference your private key file with
> SSLCertificateKeyFile.
Having identified the "SSL Enhanced" httpd.conf in the build
conf directory I am going to copy it across and start over.
Hopefully, this will solve most of my problems.
> Third, you're right: It's my fault that mod_ssl gives a
> confusing "Pass phrase incorrect." even when it should read
> "no private key found at all" for your situation. The problem
> is that for OpenSSL's parsing routines there seems to be no
> difference between "not found" and "not decryptable" here and
> this way mod_ssl can't give a more reasonable error message.
> I'll try to find a solution for a better error message...
Thank you for your most helpful response and apologies once
again for not paying close enough attention to the build
process and the supplied documentation.
--
If it ain't opinionated, it ain't Rich Teer.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
