Re: no start line

Tue, 9 Nov 1999 09:37:30 -0800 

Hi

You have not mentioned where you put your private key by using the
directive SSLCertificateKeyFile. Have you placed your keyfile to an
appropriate place and pointed SSLCertificateKeyFile to this file.

Note that mod_ssl does not complain about the certificate, but about
the key file. Maybe that's your problem.

Bye
Tim

> Hi all.
> 
> Please forgive a struggling newbie (and point him to the appropriate resource)
> if this is a well-known problem, but I am stumped.
> 
> Installed: Apache/1.3.3 (Unix) S.u.S.E./6.0
>            OpenSSL 0.9.4 09 Aug 1999
> 
> I don't know what version of mod_ssl is built into apache, but "httpd -l"
> shows mod_ssl as a module.
> 
> In httpd.conf I have the following line specifying the certificate to use:
> 
>    SSLCertificateFile     /etc/httpd/mycert.pem
> 
> The certificate was created using the following steps:
> 
>    openssl genrsa -des3 -out cakey.pem 2048
>    openssl req -new -x509 -days 350 -key cakey.pem -out cacert.pem
>    openssl genrsa -des3 -out mykey.pem 1024
>    openssl req -new -key mykey.pem -out myreq.pem
>    openssl ca -in myreq.pem -out mycert.pem
> 
> The following error message appears in the log when I start Apache with the
> -DSSL option:
> 
> [Tue Nov  9 14:30:46 1999] [crit] (2)No such file or directory: mod_ssl:
Failed
> to read private key file /etc/httpd/mycert.pem
> [Tue Nov  9 14:30:46 1999] [error] SSLeay: error:0906D06C:PEM
> routines:PEM_read_bio:no start line
> 
> Having done a bit of looking in the FAQ and the mail archives, I found a
> similar, but not identical case. In that case, the answer (according to the
> respondent) was that the certificate had no start line. The certificate
> /etc/httpd/mycert.pem DOES however have a start line; the last part of the
file
> is the certificate, and it looks like this (abbreviated):
> 
> -----BEGIN CERTIFICATE-----
> MIIEHzCCAwegAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBjjELMAkGA1UEBhMCQ0gx
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> User Support Mailing List                      [EMAIL PROTECTED]
> Automated List Manager                            [EMAIL PROTECTED]
> 


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to