Hi Guys,I think you have the Apache not configured to export SSL-Parameters, like most of the ppl at the user-list did the recent days, Michael has the documantation updated because this hint was missing ;o)
I think I found a Bug...
In my acl/pub.xml i wrote:
<channel> <type>mod_ssl</type> <protocol>ssl</protocol> <source>.*</source> <asymmetric_cipher>.*</asymmetric_cipher> <asymmetric_keylength>0</asymmetric_keylength> <symmetric_cipher>.*</symmetric_cipher> <symmetric_keylength>128</symmetric_keylength> </channel>
My Mozilla tells me, Im using AES 256 bit but OpenCA complains
Error Aborting connection - you are using a too short symmetric keylength (). General Error. 6251043.
I think I am right than 256 is larger than 128 :) Every value not 0 for "symmetric_keylength" will cause this error.
Bug or am I wrong with the meaning of the param ??
look if you have enabled: SSLOptions +StdEnvVars +ExportCertData
otherwise the perl-scripts don't get the required parameters from Apache
greetings dalini
------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
