I'm not usre what your problem is off the top of my head. You can check
that the key and crt match with openssl. Check the modssl docs for how to do
this.
-N
----- Original Message -----
From: Mike Bartlett <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 03, 1999 2:37 AM
Subject: Problem...
> Hi all,
>
> I joined this project a tad late, and I'm by no means a Unix expert -
> but the old sysadmin left and now I'm battling away though a whole bunch
> of stuff he left unfinnished...
>
> I am getting this problem in my logs right now:
>
> bash-2.03# less apache_ssl_engine_log
>
> [02/Nov/1999 11:46:03] [info] Server: Apache/1.3.6, Interface:
> mod_ssl/2.2.8, Library: OpenSSL/0.9.2b
> [02/Nov/1999 11:46:03] [info] Init: 1st startup round (still not
> detached)
> [02/Nov/1999 11:46:03] [info] Init: Initializing OpenSSL library
> [02/Nov/1999 11:46:03] [info] Init: Loading certificate & private key
> of SSL-aware server www.messenger.co.za:443
> [02/Nov/1999 11:46:04] [info] Init: 2nd startup round (already
> detached)
> [02/Nov/1999 11:46:04] [info] Init: Reinitializing OpenSSL library
> [02/Nov/1999 11:46:04] [info] Init: Seeding PRNG with 8 bytes of
> entropy
> [02/Nov/1999 11:46:04] [info] Init: Generating temporary RSA private
> keys
> [02/Nov/1999 11:46:05] [info] Init: Initializing (virtual) servers for
> SSL
> [02/Nov/1999 11:46:05] [info] Init: Configuring server
> www.messenger.co.za:443 for SSL protocol
> [02/Nov/1999 11:47:13] [info] Connection to child 0 established (server
> www.messenger.co.za:443)
> [02/Nov/1999 11:47:13] [error] Unable to configure server private key
> for connection (OpenSSL library error follows)
> [02/Nov/1999 11:47:13] [error] OpenSSL: error:14080074:SSL
> routines:SSL3_ACCEPT:bad protocol version number
>
> When we try connect to www.messenger.co.za:443 - we get no response. The
> keys are all where they should be as defined in my apache.conf - but
> maybe one of the keys is wrong? I just hunted around the box to find his
> server.key. Could someone fill me in on how I can tell if the server.key
> is right? I'm sure the server.crt is correct as I pulled that out of an
> email from Verisign. Is there anyway to regenerate the private key (I
> assume not). HELP!!!
>
> Thanks
>
> Mike
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
