Hi Joel,
After generating the test certificate, I get the following error when httpsd
was started...:
[Mon Dec 6 05:04:47 1999] [error] mod_ssl: Init: Unable to read server
certificate from file /etc/httpd/conf/ssl.crt/server.crt (Op
enSSL library error follows)
[Mon Dec 6 05:04:47 1999] [error] OpenSSL: error:0D09F007:asn1 encoding
routines:d2i_X509:expecting an asn1 sequence
Any clue why?
Thanks
----- Original Message -----
From: Morris, Joel <jmorri15@sprintspectrum.com>
To: <redhat-secure-server@redhat.com>
Sent: Tuesday, November 30, 1999 8:33 AM
Subject: RE: make testcert
> I forgot to mention that you need to be in the /etc/httpd/conf directory
> when you run that and you need to perform all the other steps upto the
point> they tell you to run ''make testcert''. Then it worked
fine for me.
>
> Joel
>
> -----Original Message-----
> From: Jeremy Hogan [mailto:jeremy_hogan@suth.com]
> Sent: Tuesday, November 30, 1999 10:22 AM
> To: redhat-secure-server@redhat.com
> Subject: Re: make testcert
>
>
> "Morris, Joel" wrote:
>
> > Here is the command to make a test cert.
> >
> > /usr/sbin/openssl req -new -key ssl.key/server.key -out
ssl.crt/server.crt> >
> > I don''t know why the RedHat guys couldn''t give you
that. Going out to
> > someones sight to get a test cert is a pain.
> >
> > Joel Morris
> > (913)307-7346
> > IT Enterprise Application Integration Team
> > Sprint PCS
> >
> > -----Original Message-----
> > From: pbrown@redhat.com [mailto:pbrown@redhat.com]
> > Sent: Tuesday, November 30, 1999 9:04 AM
> > To: redhat-secure-server@redhat.com
> > Subject: Re: make testcert
> >
> > On Wed, 24 Nov 1999, Bernie Reger wrote:
> >
> > > So I installed the Secure Server that is packaged with RedHat 6.1
> > > Professional. I follow the directions to make my own test
certificate.> I
> >
> > > try to ''make testcert'' and it tells me that
there is no rule to make
> > > testcert. In fact the Makefile has no mention of testcert. Is
there
a> > > Makefile somewhere else do does this?
> >
> > the "make testcert" target was inadvertently removed, but
will be
> > replaced in a small upcoming errata release for Red Hat Linux
> > Professional 6.2
> >
> > However, it is probably even easier to visit one of the CAs like
Thawte
or> > VeriSign and get one of their test certificates (free).
> >
> > ---
> > Preston Brown Systems Engineer
> > pbrown@redhat.com Red Hat, Inc.
> >
> > --
> > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST
ARCHIVES!> > http://www.redhat.com http://archive.redhat.com
> > To unsubscribe: mail redhat-secure-server-request@redhat.com
with> > "unsubscribe" as the Subject.
> >
> > --
> > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST
ARCHIVES!> > http://www.redhat.com http://archive.redhat.com
> > To unsubscribe: mail redhat-secure-server-request@redhat.com
with> > "unsubscribe" as the Subject.
>
> I''ve tried that and it didn''t work, did you get this
method to work?
>
> Jeremy
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-secure-server-request@redhat.com with
> "unsubscribe" as the Subject.
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-secure-server-request@redhat.com with
> "unsubscribe" as the Subject.
From mail@mail.redhat.com Mon Dec 6 12:36:58 1999
Received: (qmail 21190 invoked from network); 6 Dec 1999 17:36:59 -0000
Received: from mail.redhat.com (199.183.24.239)
by lists.redhat.com with SMTP; 6 Dec 1999 17:36:59 -0000
Received: from smtpgw2.sprintspectrum.com (smtpgw2.sprintspectrum.com
[208.18.119.43])
by mail.redhat.com (8.8.7/8.8.7) with ESMTP id MAA20903
for <redhat-secure-server@redhat.com>; Mon, 6 Dec 1999 12:36:58 -0500
Received: from uskmessoa034.sprintspectrum.com (uskmessoa034 [208.10.75.44])
by smtpgw2.sprintspectrum.com (8.9.3/8.9.3) with ESMTP id LAA09897;
Mon, 6 Dec 1999 11:34:51 -0600 (CST)
Received: by uskmessoa034.sprintspectrum.com with Internet Mail Service
(5.5.2650.21)
id <YD8FNT01>; Mon, 6 Dec 1999 11:34:50 -0600
Message-ID:
<9B6241AA098AD211B46D00A024E023AE01740721@uskmessoa018.sprintspectrum.com>
From: "Morris, Joel" <jmorri15@sprintspectrum.com>
To: "''Timothy Ayodele''" <toa@ttns.net>,
redhat-secure-server@redhat.com
Cc: "Morris, Joel" <jmorri15@sprintspectrum.com>
Subject: RE: make testcert
Date: Mon, 6 Dec 1999 11:34:49 -0600
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain;
charset="iso-8859-1"
Sorry,
I missed a flag.
It should be
/usr/sbin/openssl req -new -x509 -key ssl.key/server.key -out
ssl.crt/server.crt
Instead of
/usr/sbin/openssl req -new -key ssl.key/server.key -out ssl.crt/server.crt
Hope this works,
Joel
-----Original Message-----
From: Timothy Ayodele [mailto:toa@ttns.net]
Sent: Monday, December 06, 1999 7:10 AM
To: redhat-secure-server@redhat.com
Cc: jmorri15@sprintspectrum.com
Subject: Re: make testcert
Hi Joel,
After generating the test certificate, I get the following error when httpsd
was started...:
[Mon Dec 6 05:04:47 1999] [error] mod_ssl: Init: Unable to read server
certificate from file /etc/httpd/conf/ssl.crt/server.crt (Op
enSSL library error follows)
[Mon Dec 6 05:04:47 1999] [error] OpenSSL: error:0D09F007:asn1 encoding
routines:d2i_X509:expecting an asn1 sequence
Any clue why?
Thanks
----- Original Message -----
From: Morris, Joel <jmorri15@sprintspectrum.com>
To: <redhat-secure-server@redhat.com>
Sent: Tuesday, November 30, 1999 8:33 AM
Subject: RE: make testcert
> I forgot to mention that you need to be in the /etc/httpd/conf directory
> when you run that and you need to perform all the other steps upto the
point> they tell you to run ''make testcert''. Then it worked
fine for me.
>
> Joel
>
> -----Original Message-----
> From: Jeremy Hogan [mailto:jeremy_hogan@suth.com]
> Sent: Tuesday, November 30, 1999 10:22 AM
> To: redhat-secure-server@redhat.com
> Subject: Re: make testcert
>
>
> "Morris, Joel" wrote:
>
> > Here is the command to make a test cert.
> >
> > /usr/sbin/openssl req -new -key ssl.key/server.key -out
ssl.crt/server.crt> >
> > I don''t know why the RedHat guys couldn''t give you
that. Going out to
> > someones sight to get a test cert is a pain.
> >
> > Joel Morris
> > (913)307-7346
> > IT Enterprise Application Integration Team
> > Sprint PCS
> >
> > -----Original Message-----
> > From: pbrown@redhat.com [mailto:pbrown@redhat.com]
> > Sent: Tuesday, November 30, 1999 9:04 AM
> > To: redhat-secure-server@redhat.com
> > Subject: Re: make testcert
> >
> > On Wed, 24 Nov 1999, Bernie Reger wrote:
> >
> > > So I installed the Secure Server that is packaged with RedHat 6.1
> > > Professional. I follow the directions to make my own test
certificate.> I
> >
> > > try to ''make testcert'' and it tells me that
there is no rule to make
> > > testcert. In fact the Makefile has no mention of testcert. Is
there
a> > > Makefile somewhere else do does this?
> >
> > the "make testcert" target was inadvertently removed, but
will be
> > replaced in a small upcoming errata release for Red Hat Linux
> > Professional 6.2
> >
> > However, it is probably even easier to visit one of the CAs like
Thawte
or> > VeriSign and get one of their test certificates (free).
> >
> > ---
> > Preston Brown Systems Engineer
> > pbrown@redhat.com Red Hat, Inc.
> >
> > --
> > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST
ARCHIVES!> > http://www.redhat.com http://archive.redhat.com
> > To unsubscribe: mail redhat-secure-server-request@redhat.com
with> > "unsubscribe" as the Subject.
> >
> > --
> > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST
ARCHIVES!> > http://www.redhat.com http://archive.redhat.com
> > To unsubscribe: mail redhat-secure-server-request@redhat.com
with> > "unsubscribe" as the Subject.
>
> I''ve tried that and it didn''t work, did you get this
method to work?
>
> Jeremy
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-secure-server-request@redhat.com with
> "unsubscribe" as the Subject.
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-secure-server-request@redhat.com with
> "unsubscribe" as the Subject.