Re: SSLCACertificateFile crashes Apache
On 2/7/06, Liam Kirsher <[EMAIL PROTECTED]> wrote: >[07/Feb/2006 11:57:08 25653] [error] OpenSSL: error:02001002:system library:fopen:No such file or directory Are you sure the path is correct? Is the path relative or absolute as you indicated in your post? -- "But we also know the dangers of a religion that severs its links with reason and becomes prey to fundamentalism" -- Cardinal Paul Poupard"It morphs into the Republican party!" -- BJ
Re: undefined symbol: RSA_generate_key
On Tue, Feb 07, 2006 at 05:02:43PM -0500, Cliff Woolley wrote: > On 2/7/06, Gordon Ross <[EMAIL PROTECTED]> wrote: > > I've got a Linux box with OpenSSL 0.9.8a installed (configured with > > threads, zlib & shared) I then configured and installed Apache 2.0.55 > > with SSL support (configure --enable-ssl --enable-mods-shared=all) > > > > When I try and start Apache, (httpd -D SSL) I get the error: > > > > Cannot load (path)/mod_ssl.so into server (path)/mod_ssl.so: undefined > > symbol: RSA_Generate_key > > It's highly likely this is the same problem described by me long long ago on > this forum related to X509_free being undefined. Take a look at this: > > http://www.mail-archive.com/modssl-users@modssl.org/msg14344.html > > The short short version is that you should try recompiling apache with > --enable-ssl=static . Or upgrade to 2.2, which fixes this problem ;) joe __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: undefined symbol: RSA_generate_key
On 2/7/06, Gordon Ross <[EMAIL PROTECTED]> wrote:> I've got a Linux box with OpenSSL 0.9.8a installed (configured with> threads, zlib & shared) I then configured and installed Apache 2.0.55> with SSL support (configure --enable-ssl --enable-mods-shared=all)> > When I try and start Apache, (httpd -D SSL) I get the error:> > Cannot load (path)/mod_ssl.so into server (path)/mod_ssl.so: undefined > symbol: RSA_Generate_keyIt's highly likely this is the same problem described by me long long ago on this forum related to X509_free being undefined. Take a look at this: http://www.mail-archive.com/modssl-users@modssl.org/msg14344.htmlThe short short version is that you should try recompiling apache with --enable-ssl=static .--Cliff
SSLCACertificateFile crashes Apache
Hi -- I'm experiencing a problem setting up SSL using mod_ssl. I'm trying to get ssl running on my client's ISP-hosted virtual server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b PHP/4.4.1 I have a cert from Comodo. SSL works properly for my recent browsers (Firefox 1.07, IE 6.0) but an older version of Opera doesn't recognize the cert and prompts the user to accept it. That situation should be fixed by installing the ca-bundle file supplied by Comodo, and setting the SSLCACertificateFile parameter in httpd.conf. However, when I add the line SSLCACertificateFile/path/to/comodo-ca-bundle Apache dies when restarting, and logs the following OpenSSL errors: [07/Feb/2006 11:57:08 25653] [error] Init: (www.domain.com:443) Unable to configure verify locations for client authentication (OpenSSL library error follows) [07/Feb/2006 11:57:08 25653] [error] OpenSSL: error:02001002:system library:fopen:No such file or directory [07/Feb/2006 11:57:08 25653] [error] OpenSSL: error:2006D002:BIO routines:BIO_new_file:system lib [07/Feb/2006 11:57:08 25653] [error] OpenSSL: error:0E064002:configuration file routines:CONF_load:system lib [07/Feb/2006 11:57:08 25653] [error] OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line [Hint: Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?] [07/Feb/2006 11:57:08 25653] [error] OpenSSL: error:0B084009:x509 certificate routines:X509_load_cert_crl_file:missing asn1 eos I'm not sure what all that means. The SSLCertificateKeyFile is there, and it works fine as long as there is no mention of SSLCACertificateFile. Note that openssl itself is not installed on the server. The ISP has an interface for generating the csr and creating the key. The second time I generated the files on another similar server, but the end result is the same. I'm wondering if possibly openssl is looking for its configuration file openssl.cnf, and that is what is not being found. Any ideas? Liam Liam Kirsher 415-456-4420 415-438-0384 (cell) PGP: http://liam.numenet.com/pgp/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
undefined symbol: RSA_generate_key
I've got a Linux box with OpenSSL 0.9.8a installed (configured with threads, zlib & shared) I then configured and installed Apache 2.0.55 with SSL support (configure --enable-ssl --enable-mods-shared=all) When I try and start Apache, (httpd -D SSL) I get the error: Cannot load (path)/mod_ssl.so into server (path)/mod_ssl.so: undefined symbol: RSA_Generate_key Suggestions ? Thanks, GTG __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
