[jira] [Updated] (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] James Peach updated TS-612: --- Labels: (was: Review) ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 3.0.0 Environment: Any Reporter: Igor Galić Assignee: Ron Barber Fix For: 5.0.0 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message was sent by Atlassian JIRA (v6.1.5#6160)
[jira] [Updated] (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ron Barber updated TS-612: -- Labels: Review (was: ) ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 3.0.0 Environment: Any Reporter: Igor Galić Assignee: Ron Barber Labels: Review Fix For: 5.0.0 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message was sent by Atlassian JIRA (v6.1.5#6160)
[jira] [Updated] (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Leif Hedstrom updated TS-612: - Fix Version/s: (was: 6.0.0) 5.0.0 ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 3.0.0 Environment: Any Reporter: Igor Galić Assignee: Ron Barber Fix For: 5.0.0 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message was sent by Atlassian JIRA (v6.1.5#6160)
[jira] [Updated] (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Igor Galić updated TS-612: -- Assignee: Ron Barber (was: Bryan Call) ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 3.0.0 Environment: Any Reporter: Igor Galić Assignee: Ron Barber Fix For: 6.0.0 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message was sent by Atlassian JIRA (v6.1.5#6160)
[jira] [Updated] (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Leif Hedstrom updated TS-612: - Fix Version/s: (was: 3.1.4) 3.3.0 ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 3.0.0 Environment: Any Reporter: Igor Galić Fix For: 3.3.0 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Leif Hedstrom updated TS-612: - Fix Version/s: (was: 3.1.2) 3.1.3 I'm moving all 3.1.2 bugs out to 3.1.3, and we can move some 3.1.1 bugs out to 3.1.2, to get some release action going. ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 2.1.4 Environment: Any Reporter: Igor Galić Fix For: 3.1.3 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Leif Hedstrom updated TS-612: - Fix Version/s: (was: 2.1.8) 3.1 ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 2.1.4 Environment: Any Reporter: Igor Galić Fix For: 3.1 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Leif Hedstrom updated TS-612: - Fix Version/s: (was: 2.1.7) 2.1.8 ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 2.1.4 Environment: Any Reporter: Igor Galić Fix For: 2.1.8 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message is automatically generated by JIRA. - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (TS-612) ATS does not allow password protected certificates
[ https://issues.apache.org/jira/browse/TS-612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Leif Hedstrom updated TS-612: - Fix Version/s: (was: 2.1.6) 2.1.7 Moving out some non-critical bugs to v2.1.7. ATS does not allow password protected certificates -- Key: TS-612 URL: https://issues.apache.org/jira/browse/TS-612 Project: Traffic Server Issue Type: Improvement Components: SSL Affects Versions: 2.1.4 Environment: Any Reporter: Igor Galić Fix For: 2.1.7 Create a (self-signed) certificate with a password that is non-empty. {cat server.key server.crt server.pem} and configure it as {CONFIG proxy.config.ssl.server.cert.filename STRING server.pem} The result will be: {noformat} Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: --- Server Starting --- Jan 3 10:50:16 proveedores traffic_server[2579]: NOTE: Server Version: Apache Traffic Server - traffic_server - 2.0.1 - (build # 113112 on Dec 31 2010 at 12:58:34) Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} STATUS: opened var/log/trafficserver/diags.log Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: updated diags config Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: no cache disks specified in etc/trafficserver/storage.config: cache disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: cache clustering disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} WARNING: unable to open cache disk(s): Cache Disabled Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Cannot use server private key file. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:105: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:406: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL::0:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669: Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} ERROR: SSL ERROR: Can't initialize the SSL library, disabling SSL termination!. Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: logging initialized[7], logging_mode = 3 Jan 3 10:50:16 proveedores traffic_server[2579]: {1080362352} NOTE: traffic server running {noformat} A first -- ugly -- shot would be to at least have a password field in the configuration. In the end something taking the input of an external program or from a file would be more desirable. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.