"Visionary Website Creations, Inc." wrote:
>
> At 07:54 PM 11/20/00 +0000, you wrote:
> >Hmmm seems OK to me too. Is that the only certificate in the file?
> >
> >I suppose it is possible that some other certificate it attempts to read
> >in somewhere is corrupt: check the trusted file or directory to see if
> >anything is wrong there.
> >
> >Steve.
>
> There is one other certificate referenced in the httpsd.conf file. I'm
> sure that the error is not with the other cert, because I can remove the
> probrasive.com virtual host information and https boots just fine.
>
> I'm unclear as to what you mean by "check the trusted file or directory"
> ... what specifically should I do?
>
There should be either a load of trusted certificates in a single file
or a directory containing them. If you are using client authentication
then it may try to read the whole lot in. If one is corrupt then this
could be a problem.
Actually now I look at the error message:
error:0B067002:x509 certificate routines:X509_add_cert_file:system lib
I can't find the relevant function in OpenSSL: does it give *exactly*
the same error? If so then I suggest you get the function to print out
the file it is trying to load when it gets the error and then examine
it.
Alternatively try using the s_server utility as a test server to check
it works OK.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
