What about the key length?
BTW, wahts the size of a GlobalID key?
On Wed, 12 May 1999, Brian Pollock wrote:
> I am still having problems getting my certificate from Verisign to
> work. I had a GlobalID, but now I have had a SecureSite certificate
> issued, but I am still seeing the exact problem as I listed it
> originally. See below. I am sure that the key works fine when
> prompted for the PEM pass phrase it accepts the passphrase and opens
> the key just fine.
>
> Here is what my ssl_engine_log generates when I start the server and
> when I make the first request to it:
>
> [11/May/1999 23:03:33] [info] Server: Apache/1.3.6, Interface:
> mod_ssl/2.2.8, L
> ibrary: OpenSSL/0.9.2b
> [11/May/1999 23:03:33] [info] Init: 1st startup round (still not
> detached)
> [11/May/1999 23:03:33] [info] Init: Initializing OpenSSL library
> [11/May/1999 23:03:33] [info] Init: Loading certificate & private key
> of SSL-aw
> are server secure.xxxxx.com:443
> [11/May/1999 23:03:33] [info] Init: Requesting pass phrase via builtin
> terminal
> dialog
> [11/May/1999 23:03:39] [info] Init: Wiped out the queried pass phrases
> from mem
> ory
> [11/May/1999 23:03:39] [info] Init: 2nd startup round (already
> detached)
> [11/May/1999 23:03:39] [info] Init: Reinitializing OpenSSL library
> [11/May/1999 23:03:39] [info] Init: Seeding PRNG with 8 bytes of
> entropy
> [11/May/1999 23:03:39] [info] Init: Generating temporary RSA private
> keys
> [11/May/1999 23:03:40] [info] Init: Initializing (virtual) servers for
> SSL
> [11/May/1999 23:03:40] [info] Init: Configuring server
> secure.xxxxxx.com:443
> for SSL protocol
> [11/May/1999 23:05:18] [info] Connection to child 0 established (server
> secure.
> xxxxx.com:443)
> [11/May/1999 23:05:18] [error] Unable to configure server private key
> for connec
> tion (OpenSSL library error follows)
> [11/May/1999 23:05:18] [error] OpenSSL: error:14080074:SSL
> routines:SSL3_ACCEPT:
> bad protocol version number
>
>
> Does anyone have any suggestions on what I might be able to try next to
> get this to work? Formatting of the actual certificate looks good.
>
> Thanks,
> Brian
>
>
> > So, per the message I found in the archive I did the following, results
> > follow.
> >
> > openssl s_server -ssl3 -bugs -key ssl.key/xxx.key -cert ssl.crt/xxx.crt
> > Using default temp DH parameters
> > Enter PEM pass phrase:
> > unable to get private key from 'ssl.key/xxx.key'
> > 5099:error:14080074:SSL routines:SSL3_ACCEPT:bad protocol version
> > number:x509_cmp.c:286:
> >
> > Server info: Red Hat 5.2, Apache/1.3.6, openssl-0.9.2b,
> > mod_ssl-2.2.8-1.3.6
> >
> > Any help would be greatly appreciated.
> >
> > Thanks!
> > Brian
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
