Re: [OpenXPKI-users] Web Virtual Host not Working

2024-01-30 Thread Mark Farrugia 
Hello Martin,

Thank you for the quick response, it is very appreciated.

That mod you mentioned was definitely the issue.  Upon restart of Apache it
is failing to start, and I see in the logs that I have a problem with my
certificates I am trying to assign to the web client.

[Tue Jan 30 13:25:48.494120 2024] [ssl:emerg] [pid 24560] AH01896: Unable
to determine list of acceptable CA certificates for client authentication

I will go and work on trying to fix this issue now, but at least now it's
trying to load the SSL certificates.

Thank you
Mark.

On Tue, Jan 30, 2024 at 12:58 PM Martin Bartosch via OpenXPKI-users <
openxpki-users@lists.sourceforge.net> wrote:

> Hi Mark,
>
> > root@certca:/var/www/openxpki# openxpkicmd  --realm certca crl_issuance
> > Workflow created (ID: 255), State: SUCCESS
> >
> > But When I get to the portion of Adding the Webclient, once again
> following the instructions, I do not see Apache start listening on port 443.
> >
> > root@certca:~# netstat -an | grep 443
> > root@certca:~#
> >
> > I have created a self signed certificate and put them in the locations
> specified in the document.
> >
> > root@certca:/etc/openxpki/tls# ls -R
> > .:
> > endentity  private
> >
> > ./endentity:
> > openxpki.crt
> >
> > ./private:
> > openxpki.key
> >
> > I am not sure what I am missing, I see the openxpki.conf linked from
> "sites-enabled" to "sites-available" in /etc/apache2 directory.
> >
> > Currently, because Apache is not listening on port 443, every connection
> is understandably refused.
>
> It is quite likely that mod_ssl is not enabled in your Apache.
>
> Try
>
> a2enmod ssl
>
> and restart Apache.
>
> Cheers
>
> Martin
>
>
>
>
> ___
> OpenXPKI-users mailing list
> OpenXPKI-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openxpki-users
>
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users

Re: [OpenXPKI-users] Web Virtual Host not Working

2024-01-30 Thread Martin Bartosch via OpenXPKI-users 
Hi Mark,

> root@certca:/var/www/openxpki# openxpkicmd  --realm certca crl_issuance
> Workflow created (ID: 255), State: SUCCESS
> 
> But When I get to the portion of Adding the Webclient, once again following 
> the instructions, I do not see Apache start listening on port 443.
> 
> root@certca:~# netstat -an | grep 443
> root@certca:~#
> 
> I have created a self signed certificate and put them in the locations 
> specified in the document.
> 
> root@certca:/etc/openxpki/tls# ls -R
> .:
> endentity  private
> 
> ./endentity:
> openxpki.crt
> 
> ./private:
> openxpki.key
> 
> I am not sure what I am missing, I see the openxpki.conf linked from 
> "sites-enabled" to "sites-available" in /etc/apache2 directory.
> 
> Currently, because Apache is not listening on port 443, every connection is 
> understandably refused.

It is quite likely that mod_ssl is not enabled in your Apache.

Try

a2enmod ssl

and restart Apache.

Cheers

Martin




___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users

[OpenXPKI-users] Web Virtual Host not Working

2024-01-30 Thread Mark Farrugia 
Hello,

I have been following the Quickstart Guide
 to get
OpenXPKI running on a Debian 12.4 system.

I have downloaded the latest published packages from the repository.

I can see that the Server is working, at least according to the guide.

root@certca:/var/www/openxpki# openxpkicmd  --realm certca crl_issuance
Workflow created (ID: 255), State: SUCCESS

But When I get to the portion of Adding the Webclient
,
once again following the instructions, I do not see Apache start listening
on port 443.

root@certca:~# netstat -an | grep 443
root@certca:~#

I have created a self signed certificate and put them in the locations
specified in the document.

root@certca:/etc/openxpki/tls# ls -R
.:
endentity  private

./endentity:
openxpki.crt

./private:
openxpki.key

I am not sure what I am missing, I see the openxpki.conf linked from
"sites-enabled" to "sites-available" in /etc/apache2 directory.

Currently, because Apache is not listening on port 443, every connection is
understandably refused.

Any and all help or suggestions are welcome.
Thank you
Mark.
___
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users