I've got the same problem OP has with a freshly generated key and signed
cert from wosign.com on OpenBSD 5.7-stable.
The cert/key work fine with nginx, but with httpd the client simply
times out when trying to open a session with the server.
OpenSSL s_client stops right after connecting to the
Hey!
Thanks for getting back to me. Unfortunately that does not seem to be
the problem in my case. :(
On Mon, May 11, 2015 at 09:45:13PM -0500, Theodore Wynnychenko wrote:
From: Joel Sing
Sent: Sunday, March 29, 2015 5:13 AM
Subject: Re: httpd tls - what am i missing?
Okay, I've at least
Ok, so a little followup. I found out what the problem was:
The server certificate bundle given to me by my CA contained a SHA1
certificate along with the other SHA256 certificates. Apparently httpd
didn't like that. Removing this certificate from the bundle fixed my
problem.
Subject: Re: httpd tls - what am i missing?
Okay, I've at least tracked down the source of the problem - your server.pem
file contains the text version of the certificate followed by the PEM encoded
version. The combined size seems to be triggering an issue in httpd -
removing the text version
On Thu, 26 Mar 2015 08:30:23 +0100
mxb wrote:
Thank you for the suggestion. I was not aware of pound.
I?d rather go for relayd. Which is out of the box. No need to install ?yet
another port and make sure it is up2date?.
httpd is based on relayd code which would reduce the scope of the
On Fri, 27 Mar 2015 00:56:31 -0500
Theodore Wynnychenko wrote:
If there is anything else to try, please let me know.
Running current:
OpenBSD 5.7-current (RAMDISK_CD) #818: Wed Mar 18 18:59:52 MDT 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
A snapshot has
And, finally:
4. they DO NOT work when loaded by httpd
I will be the first to admit that I don't really know much about
public key cryptography and how openssl implements things. But, being
simple, it seems to me that there are really only two possibilities.
Either apache, pound, and
And, finally:
4. they DO NOT work when loaded by httpd
I will be the first to admit that I don't really know much about
public key cryptography and how openssl implements things. But, being
simple, it seems to me that there are really only two possibilities.
Either apache, pound, and
Is the certificate and key PEM encoded?
On Thu, 26 Mar 2015 08:30:23 +0100
mxb wrote:
Thank you for the suggestion. I was not aware of pound.
I’d rather go for relayd. Which is out of the box. No need to install “yet
another port and make sure it is up2date”.
httpd is based on relayd code which would reduce the scope of the
Quoting Kevin Chadwick m8il1i...@gmail.com:
On Thu, 26 Mar 2015 08:30:23 +0100
mxb wrote:
Thank you for the suggestion. I was not aware of pound.
I?d rather go for relayd. Which is out of the box. No need to install ?yet
another port and make sure it is up2date?.
httpd is based on
Also i would try something like tcpdump while connecting to a new machine
with https.
On Thu, 26 Mar 2015 23:55 Theodore Wynnychenko t...@wynnychenko.com wrote:
Quoting Kevin Chadwick m8il1i...@gmail.com:
On Thu, 26 Mar 2015 08:30:23 +0100
mxb wrote:
Thank you for the suggestion.
On 25 mar 2015, at 23:44, Theodore Wynnychenko t...@uchicago.edu wrote:
Thank you for the suggestion. I was not aware of pound.
Iâd rather go for relayd. Which is out of the box. No need to install âyet
another port and make sure it is up2dateâ.
//mxb
On Wed, Mar 25, 2015 at 05:40:11PM GMT, Theodore Wynnychenko wrote:
Hi Theodore,
So, I checked the certificate:
openssl x509 -text -noout -in /etc/ssl/server.crt
and I get:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm:
Hello again:
I am still having no luck with https and the new httpd server.
I am sorry if this is something stupid, but I would really appreciate a whack
with the clue stick.
As I said originally, http connections work fine with openbsd-current, but
https connections never connect.
I have
On Wed, 25 Mar 2015 12:40:11 -0500
Theodore Wynnychenko wrote:
I took the server.key and server.crt files to an older machine (actually, the
one I am trying to replace) that is running 4.9 (I
think) and apache.
Why not see if you can get it working with pound from packages/ports
(very quick)
On Wed, 25 Mar 2015 12:40:11 -0500
I took the server.key and server.crt files to an older machine (actually,
the one I am trying to replace) that is running 4.9 (I
think) and apache.
On Wednesday, March 25, 2015 1:52 PM:
Why not see if you can get it working with pound from packages/ports
On 3/25/15, Theodore Wynnychenko t...@uchicago.edu wrote:
Is there anything for me to look at/consider in trying to correct this?
Thanks
Ted
Here is a working example from my server. Note that I don't bother
with port 80. You might want to try without the port 80 listen line to
rule out
On March 25, 2015 6:40:11 PM GMT+01:00, Theodore Wynnychenko
t...@uchicago.edu wrote:
Hello again:
I am still having no luck with https and the new httpd server.
I am sorry if this is something stupid, but I would really appreciate a
whack with the clue stick.
As I said originally, http
On 3/25/15, Alexander Hall alexan...@beard.se wrote:
I have a feeling you cannot mix encrypted and plaintext in the same block,
but I could be wrong.
/Alexander
The example in the man page implies that it will work, also I just
tried it with my config. Seems to be working fine.
Tim.
Subject: Re: httpd tls - what am i missing?
On 3/25/15, Theodore Wynnychenko t...@uchicago.edu wrote:
Is there anything for me to look at/consider in trying to correct this?
Thanks
Ted
Here is a working example from my server. Note that I don't bother
with port 80. You might want to try
Ah, ok. Sorry for the noise, then. :-)
/Alexander
On March 26, 2015 1:47:00 AM GMT+01:00, trondd tro...@gmail.com wrote:
On 3/25/15, Alexander Hall alexan...@beard.se wrote:
I have a feeling you cannot mix encrypted and plaintext in the same
block,
but I could be wrong.
/Alexander
The
Hello Theodore,
On 23 March 2015 at 19:35, Theodore Wynnychenko t...@uchicago.edu wrote:
Hello
I think I missing something very obvious, but I have been struggling with
this for a while, and hope that someone will point out my
oversight.
Running current:
OpenBSD 5.7-current (RAMDISK_CD)
Hello
I think I missing something very obvious, but I have been struggling with this
for a while, and hope that someone will point out my
oversight.
Running current:
OpenBSD 5.7-current (RAMDISK_CD) #818: Wed Mar 18 18:59:52 MDT 2015
24 matches
Mail list logo