How do I get rid of these errors?
FIPS Openssl 1.2
[Thu
Apr 29 15:41:22 2010] [notice] Operating in SSL FIPS mode
[Thu Apr 29 15:41:22 2010] [error] Init: Skipping generating temporary 512 bit
RSA
private key in FIPS mode
[Thu Apr 29 15:41:22 2010] [error] Init:
Skipping
How do I get rid of these errors?
FIPS Openssl 1.2
[Thu Apr 29 15:41:22 2010] [notice] Operating in SSL FIPS mode
[Thu Apr 29 15:41:22 2010] [error] Init: Skipping generating temporary 512 bit
RSA private key in FIPS mode
[Thu Apr 29 15:41:22 2010] [error] Init: Skipping generating temporary
Mod SSL
I would like fo get the technical reason for
this. I know of someone who installed the
WebAgent.tar file from your web site and
it worked with the latest versions of
Apache and mod_ssl.
I am worried that I might be using the
Web Agent in incorrect manner.
Thanks for your help with this
Apache Version / RSA Secure ID question:
Why is RSA WebAgent5.1 not supported
with Apache 1.3.27 and mod_ssl-2.8.12-1.3.27
(had to use Apache 1.3.26 not 1.3.27)?
I would like fo get the technical reason for
this. I know of someone who installed the
WebAgent.tar file from your web site
://www.rsasecurity.com/go/apacheagent/, not from
http://www.modssl.org/. If you're having a problem
with WebAgent, contact RSA, not the mod_ssl group.
--Cliff
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support
Hello Owen,
After I have set ServerName in the ssl.conf file to yin.fokus.gmd.de,
this error [warn] RSA server certificate CommonName (CN)
`yin.fokus.gmd.de' does NOT match server name!?does not exist in file
error_log.
It seems that I can start HTTP secure server ... ( I think that I have
with the host address.
I now start apache with apachect1 startssland get the following message
in error_log file, but no errors in the console
[Wed Jan 29 08:34:02 2003] [warn] RSA server certificate CommonName (CN)
`yin.fokus.gmd.de' does NOT match server name!?
[Wed Jan 29 08:34:03 2003
-Original Message-
From: Aihong Yin [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 29. Januar 2003 11:00
To: [EMAIL PROTECTED]
Subject: [warn] RSA server certificate CommonName (CN) `yin.*' does NOT
match server name!?
Hello all,
I am trying to setup my server (apache 2.0.43, opensl 0.9.6g
On Wed, Jan 29, 2003 at 11:00:05AM +0100, Aihong Yin wrote:
Hello all,
I am trying to setup my server (apache 2.0.43, opensl 0.9.6g on RedHat
7.1).
I have created a SSL server certificate using a self-made CA, and am
sure that
the Common Name in the Server Certificate und ServerName in
ith "apachect1 startssl"and get the following messagein error_log file, but no errors in the console[Wed Jan 29 08:34:02 2003] [warn] RSA server certificate CommonName (CN)`yin.fokus.gmd.de' does NOT match server name!?[Wed Jan 29 08:34:03 2003] [notice] Digest: generating secret for di
PROTECTED]]
Sent: Mittwoch, 29. Januar 2003 12:07
To: [EMAIL PROTECTED]
Subject: Re: [warn] RSA server certificate CommonName (CN)
`yin.fokus.gmd.de' does NOT match server name!?
Hello Owen and Toftum,
thanks for your mail.
Hello all,I am trying to setup my server (apache 2.0.43, opensl 0.9.6g
Boyle Owen wrote:
PLease post in plain text - my mail client doesn't handle HTML mail...
The thing you type into the browser's Location window has to match
what's in the cert. Does it?
Yes, it does. but this error [warn] RSA server certificate CommonName (CN)
does NOT match server name
-Original Message-
From: Aihong Yin [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 29. Januar 2003 12:47
To: [EMAIL PROTECTED]
Subject: Re: [warn] RSA server certificate CommonName (CN)
`yin.fokus.gmd.de' does NOT match server name!?
Boyle Owen wrote:
PLease post in plain text - my mail
We're using RSA bsafe sslc22 libraries to generate a PKCS#8
encryypted RSA private key for Apache 2.0.39 mod_ssl
using openssl 0.9.6e. We can use the key in cleartext
but when we encrypt it Apache can't decrypt it.
The interesting thing is that the openssl rsa command
can read the key file
en install
your changes. Since mod_ssl is tied to a specific version of Apache I
am afraid your changes may mix it up if _you_ patch first.
I'm still confused by the RSARef box in the architecture
diagrams that I've seen. Is it also a legacy reference, or do I also
still need some component fr
temporary 512 bit RSA private
key
Hi, all.
I've been trying to add a couple of modules to my Apache, and just
can't seem to get it to do it's thing. Forgive me if I tell you too
much, but I'm just trying to be thorough.
STEP 1:
===
perl Makefile.PL USE_APACI=1 USE_DSO=0 EVERYTHING=1 \
RSA private key. I've moved to the apache
directory
and run "make certificate" before the "make test", but it doesn't
help.
If I'm not mistaken, I had this problem when I was first installing
the
server, and ended up skipping the test. It installed and has been
On Fri, Feb 09, 2001 at 01:04:51PM -0800, Paul wrote:
EGD is great -- thanks for the suggestion -- but the "make test" is
still no go. The OpenSSL manpage for RAND_egd (to which egd.pl docs
pointed me) says if the socket is /dev/egd-pool it'll use it
automatically, but it's a no-go so far.
--- Lutz Jaenicke [EMAIL PROTECTED] wrote:
On Fri, Feb 09, 2001 at 01:04:51PM -0800, Paul wrote:
EGD is great -- thanks for the suggestion -- but the "make test" is
still no go. The OpenSSL manpage for RAND_egd (to which egd.pl docs
pointed me) says if the socket is /dev/egd-pool it'll
.
==
STEP 3: make test
Here's the problem. It runs fine till t/TEST tries to spawn a server
and hit it. The server fails at init because it can't generate a
temporary 512 bit RSA private key. I've moved to the apache directory
and run "make certificate" before the
file.
[error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Any suggestions are welcome.
Anu.
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
to generate
temporary 512 bit RSA private key
I know, that this problem is mentioned in the Mod_SSL FAQ,
but this didn't resolve my problem.
I have tried
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
with an ".rnd" file in the home-Directory of the Webserver-User
a
:
Sun Solaris 2.7
Apache 1.3.14
modssl 2.7-1.3.14
open-ssl.0.9.6
I got the following message when I tried to start APACHE...
./apachectl start: httpd could not be started
and error_log shows this:
mod_ssl: Init: failed to generate temporary 512 bit RSA private key
I went through modssl
Title: Failed to generate temporary 512 bit RSA private key on Solaris 2.7
Hello everybody,
I am running the following:
Sun Solaris 2.7
Apache 1.3.14
modssl 2.7-1.3.14
open-ssl.0.9.6
I got the following message when I tried to start APACHE...
./apachectl start: httpd could
install
When I run /usr/local/apache/bin/httpd -d /export/home0/apache/gamsau to
test my normal web server with this new version, I get the error
" mod_ssl: Init: Failed to generate temporary 512 bit RSA private key"
Thanks for any help
--
Anne DURAND
GAMSAU - MAP
UMR CNRS-MCC n° 694
&
Hi,
I am trying to enable https on my openbsd
box.
I just made and signed my keys with the CA.sh
script.
I placed the certificate and the private key in the
right place and started apache with apachectl startssl
command
Server kmoware.com:443 (RSA)Enter pass
phrase:
Ok: Pass Phrase
Full_Name: koroten v
Version: win32 apache 1.3.12
OS: win98
Submission from: (NULL) (62.76.169.62)
Failed to generate temporary 512 bit RSA private key
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
Hi,
I have the exact problem of "Failed to generate
temporary 512 bit RSA private key" as stated in your mod_ssl:FAQ.
My server is compiled on Solaris-2.6 platform with the combination of
/Apache-1.3.9/openssl-2.4.9/mod-ssl-0.9.5a/mm-1.1.3/rsaref-2.0.
Can you kindly tell me
On Tue, Oct 17, 2000 at 12:28:07PM -0700, T. Charng wrote:
Hi,
I have the exact problem of "Failed to generate
temporary 512 bit RSA private key" as stated in your mod_ssl:FAQ.
My server is compiled on Solaris-2.6 platform with the combination of
/Apache-1.3.9/openssl-2.4
Bonjour!
Now that mod_ssl-2.7.1-1.3.14 can't use that buggy and restricted peice
of code anymore what can we use now !?!
And what option do we use in the ./configure line to use it?
TIA,
Armand
--
Linux 2.4.0-test10 #1 SMP Sun Oct 15 20:23:06 MST 2000 i686
Tue Oct 17 01:03:00 MST 2000
KxICQ
On Tue, Oct 17, 2000 at 01:06:52AM -0700, Armand wrote:
Now that mod_ssl-2.7.1-1.3.14 can't use that buggy and restricted peice
of code anymore what can we use now !?!
And what option do we use in the ./configure line to use it?
You don't need to do anything! OpenSSL contains the RSA
to use it?
You don't need to do anything! OpenSSL contains the RSA algorithms.
-Dave
--
Linux 2.4.0-test10 #1 SMP Sun Oct 15 20:23:06 MST 2000 i686
Tue Oct 17 08:03:00 MST 2000
KxICQ 53763745
__
Apache Interface to OpenSSL
was finally able to generate a key and csr successfully. But when I
run: apachectl start or apachectl startssl, I'm still receiving:
./apachectl start: httpd could not be started
and error_log shows this:
mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Any suggestions would
and csr successfully. But when I
run: apachectl start or apachectl startssl, I'm still receiving:
./apachectl start: httpd could not be started
and error_log shows this:
mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
Any suggestions would be appreciated
me a lot of time setting this up.
Thanks!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran
Sent: Wednesday, September 27, 2000 12:14 PM
To: [EMAIL PROTECTED]
Subject: Re: Failed to generate temporary 512 bit RSA private key
Jennifer,
I had
PROTECTED]
Subject: Re: Failed to generate temporary 512 bit RSA private key
Jennifer,
I had this problem and you will find a third party Solaris /dev/random
implementation here:
http://www.cosy.sbg.ac.at/~andi/
I have been using it for months in production with good results.
Duane
requires cc.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Duane Gran
Sent: Wednesday, September 27, 2000 1:55 PM
To: [EMAIL PROTECTED]
Subject: Re: Failed to generate temporary 512 bit RSA private key
Jennifer,
The default httpd.conf should work, however
:55 PM
To: [EMAIL PROTECTED]
Subject: Re: Failed to generate temporary 512 bit RSA private key
Jennifer,
The default httpd.conf should work, however you have to have the
following two entries in place in order for the new /dev/random device
to work:
SSLRandomSeed startup file:/dev
"apachectl start" commands. I see the following entry in the error_log:
[Mon Aug 21 11:01:04 2000] [error] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key
Has anyone else encountered this error, and if so, could you give some
hints about how to resolve it? Ma
On Wednesday, August 23, 2000, at 09:02 AM, Duane Gran wrote:
I just wanted to give an update. I was able to solve this problem with
a free third party /dev/random and /dev/urandom implementation:
http://www.cosy.sbg.ac.at/~andi/
I want to add my 2 cents here. I'm using Andi's package
what I got:
[snip]
in the logfile:
[Fri Aug 18 17:18:28 2000] [notice] Apache/1.3.12 (Unix) configured -- resuming
normal operations
[Fri Aug 18 17:22:43 2000] [error] mod_ssl: Init: Failed to generate temporary
512 bit RSA private key
I put debug and trace in the S
On Wed, Aug 23, 2000 at 12:20:22PM -0400, Bill Garrison wrote:
On Wednesday, August 23, 2000, at 09:02 AM, Duane Gran wrote:
I just wanted to give an update. I was able to solve this problem with
a free third party /dev/random and /dev/urandom implementation:
apachectl start" commands. I see the following entry in the error_log:
[Mon Aug 21 11:01:04 2000] [error] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key
Has anyone else encountered this error, and if so, could you give some
hints about how to resolve it? Many thanks in
a the "apachectl startssl" or the regular
"apachectl start" commands. I see the following entry in the error_log:
[Mon Aug 21 11:01:04 2000] [error] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key
Has anyone else encountered this error, and if so,
"apachectl start" commands. I see the following entry in the error_log:
[Mon Aug 21 11:01:04 2000] [error] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key
Has anyone else encountered this error, and if so, could you give some
hints about how to resolve it? Ma
A modest proposal:
Since
"Failed to generate temporary 512 bit RSA private key"
is such an FAQ on this list (even though it's in the FAQ ;-),
perhaps some defensive coding might be order that detects possible
errors earlier and so gives a more informative error message?
An easy
Mads Toftum wrote:
On Fri, Jul 28, 2000 at 06:01:33PM +0900, Simon Dubey wrote:
Hello
I have just installed mod-ssl on a solaris /sparc machine and get the
above error.
I have read the FAQ and tried to following what it is suggesting with
$HOME/.rnd but do not quite follow it -
son
[EMAIL PROTECTED]
Simon Dubey [EMAIL PROTECTED] on 07/31/2000 01:00:47 PM
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: Re: Problem with "Failed to generate temporary 512 bit RSA
private key"
Mads Toftum wrote:
On Fri, Jul 28, 2000 at 06:01:33P
On Fri, Jul 28, 2000 at 06:01:33PM +0900, Simon Dubey wrote:
Hello
I have just installed mod-ssl on a solaris /sparc machine and get the
above error.
I have read the FAQ and tried to following what it is suggesting with
$HOME/.rnd but do not quite follow it - well what I did, did not
Hello
I have just installed mod-ssl on a solaris /sparc machine and get the
above error.
I have read the FAQ and tried to following what it is suggesting with
$HOME/.rnd but do not quite follow it - well what I did, did not work.
I have also tried truerand as well but that did not work either.
Full_Name: Robert Aden
Version: 2.6.0-1.3.12
OS: bsdi 3.1
Submission from: (NULL) (195.67.147.20)
I think the subject pretty much says it all.
Don't really know if this is a bug or a bad configuration on my system but i
cant find anything wrong and the same setup works on bsdi4.1.
using:
Hello,
I get this error message when i start apache after installing modssl :
"Failed to generate temporary 512 bit RSA private key"
I have looked in the archive and found people having the same problem... but
no answer.
How can I fix this ?
Thank you very much,
To: [EMAIL PROTECTED]
Sent: Tuesday, July 11, 2000 11:28 AM
Subject: Re: Failed to generate temporary 512 bit RSA private key
On Tue, Jul 11, 2000 at 11:15:22AM -0400, Silesky Marketing Inc, Support
wrote:
Hello,
I get this error message when i start apache after installing modssl :
"Fai
On Tue, Jul 11, 2000 at 11:52:32AM -0400, Silesky Marketing Inc, Support wrote:
Thank you very much,
but we still couldn't make it work.
We made sure the PRNG has been seeded with at least 128 bits of randomness.
The error message is still there. How can we fix that ?
Please make sure
The ssl_engine_log is empty
any idea ?
Thanks,
Laurent
- Original Message -
From: "Lutz Jaenicke" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 11, 2000 2:06 PM
Subject: Re: 2 - Failed to generate temporary 512 bit RSA private key
On Tue, Jul 11, 2000 at
On Tue, Jul 11, 2000 at 02:16:11PM -0400, Silesky Marketing Inc, Support wrote:
The ssl_engine_log is empty
any idea ?
mod_ssl (2.6.5) will initialize the seed (ssl_engine_init.c:348), then
immediately call RSA_generate_key(). If this one fails, it will
die and log the contents of the error
Full_Name: Robert Aden
Version: 2.6.0-1.3.12
OS: bsdi 3.1
Submission from: (NULL) (195.67.147.20)
I think the subject pretty much says it all.
Don't really know if this is a bug or a bad configuration on my system but i
cant find anything wrong and the same setup works on bsdi4.1.
using:
Hi,
I would like to know the difference between RSA and DSA Encryption
Engine.
Thank you,
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
On Fri, May 19, 2000 at 07:07:04AM +0200, [EMAIL PROTECTED] wrote:
When I started the apachectl -startssl. There is message on the log file:
[Fri May 19 13:55:00 2000] [error] mod_ssl: Init: Failed to generate temporary
512 bit RSA private key
This is a FAQ - http://www.modssl.org/docs
/sbin/openssl rsa -in server.key.org -out
server.k
openssl:Error: 'rsa' is an invalid command.
Standard commands
asn1parse cipherscrlcrl2pkcs7
dgst
dh dsadsaparam enc
errstr
gendh gendsa genrsa
Full_Name: Kelvin Kwok
Version: mod_ssl-2.6.3-1.3.12
OS: Solaris 2.7
Submission from: (NULL) (202.33.124.22)
When I started the apachectl -startssl. There is message on the log file:
[Fri May 19 13:55:00 2000] [error] mod_ssl: Init: Failed to generate temporary
512 bit RSA private key
Hi,
Ii noticed that in the SSL_CTX setup code for each server you pre-create
temporary RSA and DH keys and set them into the SSLModConfigRec
structure
but nowhere do you free up the keys by calling RSA/DH_free(). Is there
some thought behind this or is this because you expect the OS to clean
up
Ii noticed that in the SSL_CTX setup code for each server you pre-create
temporary RSA and DH keys and set them into the SSLModConfigRec
structure but nowhere do you free up the keys by calling RSA/DH_free().
Is there some thought behind this or is this because you expect the OS
to clean up
I've been reading through Schneier book and
noticed that you have (at least) 2 public key
crypto options, RSA and DSA. i noticed that
openssl supports both RSA and DSA but when i
figured out how to get mod_ssl to work with
DSA.
under "apache-modssl" on MARC, i found the
followi
Does anyone know what version of RSA BSAFE toolkit is used in OpenSSL 0.9.x
(crypto altgorithms, etc.)?
-Jeff
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
On Wed, Mar 15, 2000, Jeff wrote:
Does anyone know what version of RSA BSAFE toolkit is used in OpenSSL 0.9.x
(crypto altgorithms, etc.)?
Our OpenSSL doesn't contain the RSA BSAFE toolkit, nor do we use it.
Or did I misunderstood your question?
Ralf S
On Mon, Mar 13, 2000 at 05:53:24PM -0800, Saleej T wrote:
...
/usr/local/apache/bin/apachectl startssl:
httpd could not be started
and in the ssl log file it is giving
[13/Mar/2000 17:24:56 06351] [error] Init: Failed to
generate temporary 512 bit RSA private key
[13/Mar
sr/local/apache/bin/apachectl
startssl" it is giving the following message.
/usr/local/apache/bin/apachectl startssl:
httpd could not be started
and in the ssl log file it is giving
[13/Mar/2000 17:24:56 06351] [error] Init: Failed to
generate temporary 512 bit RSA private ke
On Fri, Mar 10, 2000, Bill Stasiowski wrote:
I'm using Solaris 2.7 and I've had the same problem as below and tried
creating the random file in $HOME/.rnd and still get the same error
message. has anyone else had any success with this? thankyou.
It depends _how_ you create it. A "touch
wrote:
Verifying password - Enter PEM pass phrase:
unable to write key
15808:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not
seeded:md_rand.c:470:
mkcert.sh:Error: Failed to encrypt RSA private key
*** Error code 1
make: Fatal error: Command failed for target
"Ralf S. Engelschall" wrote:
[Tue Mar 7 17:42:46 2000] [error] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key
FAQ: http://www.modssl.org/docs/2.6/ssl_faq.html#entropy
Cool thanks - didn't realise it'd be this easy :)
Regar
...
Verifying password - Enter PEM pass phrase:
unable to write key
15808:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not
seeded:md_rand.c:470:
mkcert.sh:Error: Failed to encrypt RSA private key
*** Error code 1
make: Fatal error: Command failed for target `certificate'
Current
On Thu, Mar 09, 2000, Dave Kimberley wrote:
Verifying password - Enter PEM pass phrase:
unable to write key
15808:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not
seeded:md_rand.c:470:
mkcert.sh:Error: Failed to encrypt RSA private key
*** Error code 1
make: Fatal error
temporary 512 bit RSA private key
Does anyone know why this might be the case?
I also upgraded OpenSSL from v0.9.4 to 0.9.5, would this have broken
anything?
Regards,
Graham
--
__
Apache Interface to OpenSSL (mod_ssl
] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key
FAQ: http://www.modssl.org/docs/2.6/ssl_faq.html#entropy
Ralf S. Engelschall
[EMAIL PROTECTED
this logged to error.log, and it bombs out:
[error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
I'm not quite sure why it's trying to generate this temporary key...I'm not
located in the US, so, from what I understand, don't need an RSA key, right?
Is it expecting
, and it bombs out:
[error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
I'm not quite sure why it's trying to generate this temporary key...I'm not
located in the US, so, from what I understand, don't need an RSA key, right?
Is it expecting a key to have already been generated
On Wed, Sep 29, 1999, Fabrizio Pivari wrote:
I've read the FAQ and I was able to test SSL and Client- Authentication
The documentation is very well and explain like to generate all the
certificates with RSA, 3DES, MD5
Is it possible to use
DSA, IDEA, SHA1 ?
Could you explain me
Hi,
I've read the FAQ and I was able to test SSL and Client- Authentication
The documentation is very well and explain like to generate all the
certificates with RSA, 3DES, MD5
Is it possible to use
DSA, IDEA, SHA1 ?
Could you explain me the command I need to use?
Thanks
Fabrizio
to pay Covalent or C2Net a fee in order to obtain a
legitimate license-to-use the RSA algorithms, I am highly averse to
blindly linking object code into my production Apache server!
Is it possible to compile Apache + mod_ssl + OpenSSL entirely from
source *AND* still include the RC4, RC5, etc
--with-ssl=../openssl-0.9.2b
\
--with-rsa=../rsaref-2.0/local --prefix=/usr/local/apache
--disable-rule=SSL_COMPAT
-- cd ..
4. mod_perl-1.19:
-- cd mod_perl-1.19
-- perl Makefile.PL APACHE_SRC=../apache_1.3.6/src DO_HTTPD=1 USE_APACI=1
\
PREP_HTTPD=1 EVERYTHING=1
A while ago on this list there was some discussion as to buying RedHat
Secure server and shelving it so you had a license to use rsaref.
did it come to a concrete conclusion?
Thanks
Chris
__
Apache Interface to SSLeay
c.
Insert this flag into your platform line in SSLeay's Configure script and
recompile SSLeay and relink mod_ssl's libssl.so. The problem went away for me
then. Alternatively you can build mod_ssl without DSO? Or do you already
compiling mod_ssl statically? When this is the case I've still no cl
ve still no clue why the
RSA part of SSLeay dumps core.
Thanks, using -fPIC (in openssl) didn't help but compiling apache statically
got me to a working apache server with SSL. Wow, I never saw an 8 MB httpd,
guess I can remove all those '-g' switches now.
Yes, you can. But don't panic becaus
lem went away for me
then. Alternatively you can build mod_ssl without DSO? Or do you already
compiling mod_ssl statically? When this is the case I've still no clue why the
RSA part of SSLeay dumps core.
Ralf S. Engelschall
Hello all. Just joined the list, but thought I'd put in my 2 sense
about RSA.
Back before I grew a brain and migrated to Apache, I was running several
Netscape Enterprise servers on an intranet and wanted to keep traffic to
it private. Being the low-level gumby that I am, I knew that my
Platform is gcc 2.8.1 on an SGI Indigo2 (irix-gcc).
Have you noticed this paragraph in mod_ssl's INSTALL file?
Perhaps your SGI box has a similar problem?
I don't know anything about this problem, but this hint may help: I heard
that the SGI cc compiler is useing some "workarounds" to avoid
with gdb, found that the error occurs in a function called RSA_flags:
(gdb) bt
#0 0x41926e0 in RSA_flags (r=0x100abc50) at rsa_lib.c:246
#1 0x415c130 in ssl_set_pkey (c=0x100bb578, pkey=0x100b9cd8) at
ssl_rsa.c:235
#2 0x415c024 in SSL_use_RSAPrivateKey (ssl=0x100bb468, rsa=0x100abc50
for personal or corporate use under the
following conditions:
oRSAREF, RSAREF applications, and services based on
RSAREF applications may not be sold.
oYou must give RSA the source code of any free RSAREF
application you plan
Basically, RSA has discontinued all support for their rsaref stuff, and
they wish it would just go away. At least, this is how they are making it
appear to the outside world.
To really use RSA encryption in the US, you have to go with a third party
solution, such as Red Hat Secure Web Server
RSA implimentation
running, and we have a single RSA license. That way, RSA has their licensing
fees.
Logically, that make sense to me, but US law only makes sense on rare
occasions.
dsp
On Friday, November 20, 1998 1:16 AM, Preston Brown [SMTP:[EMAIL PROTECTED]]
wrote:
Basically, RSA has
I am doing exactly this. I contacted RSA to buy a license
to use RSA for my ssl webserver. They told me that I needed
to buy a commercial server as their pricing is not setup for
small guys like me. I then asked them if I could use the
"Advanced Crypto License" that came with Red
In article you wrote:
I am doing exactly this. I contacted RSA to buy a license to use RSA for my
ssl webserver. They told me that I needed to buy a commercial server as
their pricing is not setup for small guys like me. I then asked them if I
could use the "Advanced Crypto Li
), and given the fact that I'm not a lawyer, what if we (US developers)
were to purchase a commercial solution, shelve it, then use that license in our
own (individual) mod_ssl package? We still have only one RSA implimentation
running, and we have a single RSA license. That way, RSA has their licensing
) mod_ssl package? We
still have only one RSA implimentation running, and we have a single
RSA license. That way, RSA has their licensing fees.
Probably easier to wait until the patent runs out. It isn't too far off.
---
Preston Brown
Red Hat Software, Inc.
[EMAIL PROTECTED
it,
then use that license in our own (individual) mod_ssl package? We
still have only one RSA implimentation running, and we have a single
RSA license. That way, RSA has their licensing fees.
Probably easier to wait until the patent runs out. It isn't too far off.
RSA's patent expires
I have just emailed RSA asking them to "put it in writing."
Whatever I get back will go directly to Ralf.
Dan Roscigno InterSoft Solutions, Inc.
[EMAIL PROTECTED] http://issbase.com
On Fri, 20 Nov 1998, Dave Paris wrote:
The big question in my mind:
Do you have
that the BSAFE development libs
for Linux would be $295 (v3.0, that is--v4.0 wasn't available, and
probably won't be until someone with lots of $$$ convinces RSA to do
the work) and that there were a number of licensing options: an annual
royalty or a flat per-user buyout. Not a big fan of recurring
On Fri, Nov 20, 1998, Dan Roscigno wrote:
I have just emailed RSA asking them to "put it in writing."
Whatever I get back will go directly to Ralf.
[...]
And I've sent a mail from me to them, too. In this I gave them a little bit
more information about mod_ssl and me and describe
Hopefully Dan Roscigno's account is correct, and RSA will be satisfied as
long as one has a license for a commercial product such as Red Hat's
(which comes with that $25 Thwate discount too - so the price is quite
reasonable).
Meanwhile, folks may wish to note the Apache "ServerT
1 - 100 of 104 matches
Mail list logo
