Hi
>From what I've expierienced, a file that was des3 encrypted under openssl
0.9.4 will get a passphrase failure when decrypted under openssl 0.9.5.
This is a openssl issue and not a mod_ssl one. You probably have to do the
following:
- decrypt the file under openssl 0.9.4
- reecrypt it under openssl 0.9.5
I had this behaviour under Linux 2.2.14, gcc 2.9.5 and glibc 2.1. Don't
know
about other constellations (Solaris seems to be O.K.).
Bye Tim
On Mon, 8 Mar 1999, "Olivier Tarnus" wrote:
> Date: Mon, 8 Mar 1999 13:50:35 +0100
> To: <[EMAIL PROTECTED]>
> From: "Olivier Tarnus" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Subject: Re: ASN1 : "Bad tag" Error with my own generated certificate
>
> Hi,
>
> First i would thank you for your help.
> I've check my Apache configuration and it's ok.
> I discovered that using a decrypted PEM version of my RSA key solve the
> problem...
> But don't satisfy me for security reasons :-(
> I suppose that the problem come at the first read of the certificate or
> key.
> Here are more infos :
>
> -Certificate generation:
>
> openssl genrsa -des3 -out server.key 1024
> openssl req -new -key server.key -out server.csr
> ./sign.sh server.csr (with modified sign.sh and my own CA)
>
> NB: The personnal certificate (to import in browsers) that i've
> generated with this
> CA are all working in IE5 and NS4+fortify and i've build an SSLv3
> canal
> with 128bits
> RC4-MD5 cipher between client and Apache started with PEM key.
>
> -Apache config :
>
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl .crl
> .....
> SSLPassPhraseDialog builtin
> SSLSessionCache dbm:/var/log/ssl_scache
> SSLSessionCacheTimeout 300
> SSLMutex file:/var/log/ssl_mutex
> SSLLog /var/log/ssl_engine_log
> SSLLogLevel info
> .....
> <VirtualHost _default_:443>
> SSLEngine on
> SSLCACertificateFile /etc/httpd/ssl.crt/ca.crt
> SSLCACertificatePath /etc/httpd/ssl.crt/
> SSLCertificateFile /etc/httpd/ssl.crt/server.crt
> SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
> #SSLCipherSuite +MEDIUM
> #SSLRequireSSL
> SSLVerifyClient require
> SSLVerifyDepth 1
> SSLOptions +StdEnvVars
> DocumentRoot /...
> ServerName www2.mba-france.com
> ServerAdmin [EMAIL PROTECTED]
> ErrorLog /var/log/...
> CustomLog /var/log/...
> </VirtualHost>
>
> - Logs ( /var/log/ssl_engibe_log ):
>
> Server: Apache/1.3.12, Interface: mod_ssl/2.6.1, Library:
> OpenSSL/0.9.5
> Init: 1st startup round (still not detached)
> Init: Initializing OpenSSL library
> Init: Loading certificate & private key of SSL-aware server
> www2.mba-france.com:443
> Init: Requesting pass phrase via builtin terminal dialog
> Init: Private key not found (OpenSSL library error follows)
> OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag
> OpenSSL: error:0D09D082:asn1 encoding
> routines:d2i_RSAPrivateKey:parsing
> OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1
> lib
>
> ??? what mean this "bad tag" Error ???
>
> Say me if you want more infos (Dummy Certificate files, prog
> versions...).
>
> Thank a lot.
>
> Olivier
>
>
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
