Re: Errors in Apache
Hi Mark Nazzaro, Mark (Mark) wrote: We are getting the following error messages in our Apache error_log: [Wed Nov 21 08:43:40 2001] [error] mod_ssl: SSL handshake failed (server mylucent.web.lucent.com:443, client 135.103.93.70) (OpenSSL library error follows) [Wed Nov 21 08:43:40 2001] [error] OpenSSL: error:27066221::lib(39) :func(102) :reason(545) [Wed Nov 21 08:43:40 2001] [error] OpenSSL: error:1409B004::lib(20) :func(155) :reason(4) Any help would be greatly appreciated. Was your server running OK befor, or is it a new error? Which service: apache wih mod_ssl or apache_ssl? Which version? Laurent Jouannic http:/www.d2i.fr (in french) __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Compilation problem/missing files:openssl.pod
Hi to the ML when I want to compile openssl-0.9.6b I have the following answer: make[1]: Entering directory `/home/julien/source/openssl-0.9.6b/doc' pod2man --center='OpenSSL Documentation' --release=OpenSSL --section=1 openssl.pod openssl.1 Can't open openssl.pod for reading: No such file or directory at /usr/bin/pod2man line 48 make[1]: *** [openssl.1] Error 255 make[1]: Leaving directory `/home/julien/source/openssl-0.9.6b/doc' make: *** [sub_all] Error 1 Anyone go an idea? Thanks. Laurent Jouannic __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Compilation problem/missing files:openssl.pod
Hi Lutz, First, thanks 4 your answer. Lutz Jaenicke wrote: On Fri, Nov 16, 2001 at 09:05:52AM +, Laurent Jouannic wrote: Hi to the ML when I want to compile openssl-0.9.6b I have the following answer: make[1]: Entering directory `/home/julien/source/openssl-0.9.6b/doc' pod2man --center='OpenSSL Documentation' --release=OpenSSL --section=1 openssl.pod openssl.1 Can't open openssl.pod for reading: No such file or directory at /usr/bin/pod2man line 48 make[1]: *** [openssl.1] Error 255 make[1]: Leaving directory `/home/julien/source/openssl-0.9.6b/doc' make: *** [sub_all] Error 1 Anyone go an idea? No. the openssl.pod file is in openssl-0.9.6b/doc/apps. I am somewhat irritated that make claims to be in openssl-0.9.6b/doc (please note the missing apps in the location), and I am even more irritated that /usr/bin/pod2man is being called. I am quite sure that the correct call would be to $(PERL) ../../util/pod2man.pl. As far as I remember the pod2man version shipped with openssl has been modified, so using a system version of it may lead to unwanted results... Are you sure you are building from an unmodified OpenSSL-0.9.6b source? Well, I had allready downloaded a version of opennsll-0.9.6b and it ran great. But I run under Debian and to build a apache-ssl with transparent proxy, I have to get the source of the Debian-package, to patch and compile it. But I had error during compilation with undefined function. So I decided to get the openssl source from debian, but unstable package ( dependance between the packages). And I downloaded it from the: deb-src http://non-us.debian.org/debian-non-US unstable/non-US main contrib non-free So here was, my situation. Any ideas? Thanks. Laurent Jouannic. Best regards, Lutz __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
pb with apache-ssl
Hi to the ML, I got a big pb with apache-ssl (debian) It was running well, but now when I want to connect in https, the server ask me if I accept the certificat and after it give me the following message: the connection contained no data. What's on? Thank's. Regards. Laurent. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
problem while compiling the fswcert patch x509 for freeswan
Hi to the ML to apply the fswcert patch I put SSLDIR=/usr/local/openssl.0.9.6b in the Makefile and I have the following error: make gcc -L/usr/local/openssl.0.9.6b/lib -o fswcert fswcert.o -lcrypto /usr/bin/ld: cannot find -lcrypto collect2: ld returned 1 exit status make: *** [fswcert] Error 1 the lib directory doesn't exist but I have these subdir /usr/local/openssl.0.9.6b/crypto/asn1/lib /usr/local/openssl.0.9.6b/crypto/bf/lib /usr/local/openssl.0.9.6b/crypto/bio/lib /usr/local/openssl.0.9.6b/crypto/bn/lib /usr/local/openssl.0.9.6b/crypto/buffer/lib /usr/local/openssl.0.9.6b/crypto/cast/lib /usr/local/openssl.0.9.6b/crypto/comp/lib /usr/local/openssl.0.9.6b/crypto/conf/lib /usr/local/openssl.0.9.6b/crypto/des/lib /usr/local/openssl.0.9.6b/crypto/dh/lib /usr/local/openssl.0.9.6b/crypto/dsa/lib /usr/local/openssl.0.9.6b/crypto/dso/lib /usr/local/openssl.0.9.6b/crypto/engine/lib /usr/local/openssl.0.9.6b/crypto/err/lib /usr/local/openssl.0.9.6b/crypto/evp/lib /usr/local/openssl.0.9.6b/crypto/hmac/lib /usr/local/openssl.0.9.6b/crypto/idea/lib /usr/local/openssl.0.9.6b/crypto/lhash/lib /usr/local/openssl.0.9.6b/crypto/md2/lib /usr/local/openssl.0.9.6b/crypto/md4/lib /usr/local/openssl.0.9.6b/crypto/md5/lib /usr/local/openssl.0.9.6b/crypto/mdc2/lib /usr/local/openssl.0.9.6b/crypto/objects/lib /usr/local/openssl.0.9.6b/crypto/pem/lib /usr/local/openssl.0.9.6b/crypto/pkcs12/lib /usr/local/openssl.0.9.6b/crypto/pkcs7/lib /usr/local/openssl.0.9.6b/crypto/rand/lib /usr/local/openssl.0.9.6b/crypto/rc2/lib /usr/local/openssl.0.9.6b/crypto/rc4/lib /usr/local/openssl.0.9.6b/crypto/rc5/lib /usr/local/openssl.0.9.6b/crypto/ripemd/lib /usr/local/openssl.0.9.6b/crypto/rsa/lib /usr/local/openssl.0.9.6b/crypto/sha/lib /usr/local/openssl.0.9.6b/crypto/stack/lib /usr/local/openssl.0.9.6b/crypto/txt_db/lib /usr/local/openssl.0.9.6b/crypto/x509/lib /usr/local/openssl.0.9.6b/crypto/x509v3/lib /usr/local/openssl.0.9.6b/crypto/lib /usr/local/openssl.0.9.6b/rsaref/lib /usr/local/openssl.0.9.6b/ssl/lib /usr/local/ssl/lib wich one is the good one? Otherwise, is there a site where it could be possible to find all question/answer about openssl? Thanks. Laurent. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
script to generate x509 certificate
Does someone have a good script to generate x509 certificates, because I have troubles whith mine: #!/bin/sh if [ x$1 = x ]; then echo -e \nUsage: $0 certname\n exit; fi; if [ ! -e /etc/ssl/demoCA/cacert.pem ]; then echo Creating new CA. Enter read $dummy cd /etc/ssl /usr/lib/ssl/misc/CA.sh -newca fi; if [ ! -e /etc/ssl/demoCA/newca.pem ]; then echo Creating certificate with 1024 days validity. Enter read $dummy openssl x509 -out /etc/ssl/demoCA/newca.pem -days 1024 -in /etc/ssl/demoCA/cacert.pem -signkey /etc/ssl/demoCA/private/cakey.pem fi; cd /etc/ssl /usr/lib/ssl/misc/CA.sh -newreq /usr/lib/ssl/misc/CA.sh -sign openssl pkcs12 -export -in newcert.pem -inkey newreq.pem -certfile demoCA/newca.pem -out $1_key.p12 mv newcert.pem $1_cert.pem mv newreq.pem $1_key.pem Thanks. Laurent. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]