No, I've checked the ownership and permissions. They are fine.
I did find a couple of differences in the formats of certificates.
Header Snip from 'server.key' genereated by the latest and greatest:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,72601916BC1B4C3F
"key "
-----END RSA PRIVATE KEY-----
++++++++++++++
Header Snip from 'myserver.key' genereated with the really old version
of Stronghold:
-----BEGIN RSA PRIVATE KEY-----
"key"
-----END RSA PRIVATE KEY-----
I don't know.. I'm pretty new to ssl as it is, so I'm pretty much
flying very blind here.
-William Scates
ConnectOK.com
Systems Administrator
.......................
C
William Scates wrote:
>
> I'm in the process of building a new secure web server, moving all the
> respective sites over, and doing some upgrading in the process.
>
> After I installed apache/openssl/modssl, I made the necessary changes to
> the
> httpd.conf file, and on apachectl configtest it gave an OK on the
> syntax.
> But when I attempted a apachectl startssl I get the following error:
> secure1[116] :/usr/local/apache/bin # ./apachectl startssl
> Syntax error on line 1049 of /usr/local/apache/conf/httpd.conf:
> SSLCertificateKeyFile: file '/usr/local/apache/conf/ssl.key/mykey.key'
> not exists or empty
> ./apachectl startssl: httpd could not be started
> ((Yes, the path is correct))
> Now I'm not sure what I've done wrong here. 'mykey.key' is an older key
> (generated a couple years ago by Stronghold), but works fine on the
> 'legacy' box.
>
> Any ideas? Is there a compatability problem? Or might the permissions,
> or something of that nature be wrong?
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
