Wonder if this has anything to do with the recent "repairs" to the ASN.1 subsystem in OpenSSL. http://www.openssl.org/news/secadv_20030930.txt
-dsp -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jeffrey Burgoyne Sent: Wednesday, October 08, 2003 7:04 AM To: [EMAIL PROTECTED] Subject: Re: ASN.1 Encoding errors Hmm, just noticed something a bit more suspicious. The error does not come up every time for the same certs. It sometimes does not seem to come up at all. Jeff On Wed, 8 Oct 2003, Jeffrey Burgoyne wrote: > Hi; > > I just upgraded an Apache server 1.3.26 with OpenSSL 0.9.7c and mod_ssl > 2.8.9 from Openssl 0.9.6d. > > I now get the following errors : > > Server www.eac-trousse.ic.gc.ca:443 (RSA) > Enter pass phrase: > > Server biotech.gc.ca:443 (RSA) > 213659:error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad > tag:a_set.c:179: > 213659:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong > tag:tasn_dec.c:946: > 213659:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 > error:tasn_dec.c:304:Type=RSA > 213659:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 > lib:d2i_pr.c:96: > Enter pass phrase: > > Server strategis.gc.ca:443 (RSA) > 213659:error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad > tag:a_set.c:179: > 213659:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong > tag:tasn_dec.c:946: > 213659:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 > error:tasn_dec.c:304:Type=RSA > 213659:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 > lib:d2i_pr.c:96: > Enter pass phrase: > > Server production.paymentnotification.ic.gc.ca:443 (RSA) > Enter pass phrase: > > Server ip-pi.gc.ca:443 (RSA) > Enter pass phrase: > > Server cbac-cccb.ca:443 (RSA) > Enter pass phrase: > > Server corporations.ic.gc.ca:443 (RSA) > Enter pass phrase: > > Server corporationscanada.ic.gc.ca:443 (RSA) > 213659:error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad > tag:a_set.c:179: > 213659:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong > tag:tasn_dec.c:946: > 213659:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 > error:tasn_dec.c:304:Type=RSA > 213659:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 > lib:d2i_pr.c:96: > Enter pass phrase: > > Ok: Pass Phrase Dialog successful. > /usr/local/apache/bin/apachectl startssl: httpd started > strategis> > > > > The virtual hosts with the error still seem to work fine. > > Ideas? > > Jeffrey Burgoyne > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]