Ralf-
"Ralf S. Engelschall" wrote:
>
> On Sun, May 09, 1999, Brian Pollock wrote:
>
> > I have seen my exact problem in the archives, but I could never find out
> > what the solution was to the problem. I am setting up an Apache
> > webserver using mod_ssl/openssl. I have been using the test certificate
> > just fine, but now I have my real certificate from Verisign. When I
> > setup my httpd.conf to point at the key file and new cert file the
> > server starts just fine propmting me for my key password, but when I
> > connect via https I get these errors in my logs:
> >
> > [09/May/1999 14:17:41] [error] Unable to configure server private key
> > for connection (OpenSSL library error follows)
> > [09/May/1999 14:17:41] [error] OpenSSL: error:14080074:SSL
> > routines:SSL3_ACCEPT:bad protocol version number
> >
> > So, per the message I found in the archive I did the following, results
> > follow.
> >
> > openssl s_server -ssl3 -bugs -key ssl.key/xxx.key -cert ssl.crt/xxx.crt
> > Using default temp DH parameters
> > Enter PEM pass phrase:
> > unable to get private key from 'ssl.key/xxx.key'
> > 5099:error:14080074:SSL routines:SSL3_ACCEPT:bad protocol version
> > number:x509_cmp.c:286:
> >
> > Server info: Red Hat 5.2, Apache/1.3.6, openssl-0.9.2b,
> > mod_ssl-2.2.8-1.3.6
> >
> > Any help would be greatly appreciated.
>
> As the messages indicate, your problem is the private key file contents. I
> guess it's not PEM format or garbled in some way. Try to read it first via
> "openssl rsa -noout -text -in server.key". This has to work first. When not,
> start here to solve the problem.
This works fine. I have done some more research on the certificate and
it is one of Verisign's GlobalID certificates. Does this cause
additional configuration steps or problems?
Thanks,
Brian
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
