Mod_ssl Init Pass Phrase Incorrect Openssl Library Error Follows
Contents |
Hardware and Tech Technical Support Apache mod-SSL certificate passphrase error + Reply to Thread Results 1 to 1 of 1 Thread:
Apache 2.4 Failed To Configure Ca Certificate Chain!
Apache mod-SSL certificate passphrase error Thread Tools Show Printable Version Subscribe ah01903: failed to configure ca certificate chain! to this Thread… January 7th, 2003,08:38 PM #1 LittleKing View Profile View Forum Posts View Blog Entries Senior Member Join Date Oct 2001 Location Chattanooga, TN Posts 661 Apache mod-SSL certificate passphrase error I recently had to create a new .key & .csr file for my apache mod-ssl server. However, now when I restart the server logs the following error. I know the passphase was changed, but how do I get the server to reconize the new passphrase? ############ERROR################ [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows) [error] OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag [error] OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing [error] OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib ################################ Thanks, LK ============UPDATE================= I don't know if this has anything to do with it, but I found a file called "pp.sh" in the apache directory, with the following. #!/bin/sh echo "REMOVED FOR SECURITY" When I opened it, it had what looked like an old passphrase (note that I don't know what the old phrase was, that is why I said looked like.) I changed it to the following. #!/bin/sh #echo "OLD PHRASE" echo "NEW PHRASE" NOTE: removed echo statements for security Does this have anything to do with it? Last edited by LittleKing; January 7th, 2003 at 08:46 PM. Reply Reply With Quote + Reply to Thread Quick Navigation Technical Support Top Site Areas Settings Private Messages Subscriptions Who's Online Search Forums Forums Home Forums TechIMO Community IMO Community DebateIMO: Politics, Religion, Controversy Distributed Computing Suggestion Box PC Hardware and Tech Technical Support General Tech Discussion PC Hardware Applications and Operating Systems Networking and Internet Web Design, Development, Graphics, Photography Security and Privacy Issues Certification and Education Single
your account only takes a few minutes. Join Now Good morning, all. I have an odd issue with one of my web servers and SSL services it provides. This is a VM running Ubuntu Server 14.04.02 and Apache 4.0.2. I will say with no shame that I am not an web guy at all, so this is uncharted territory for me. I recently updated the SSL certificate and have had problems ever since. After http://www.techimo.com/forum/technical-support/47500-apache-mod-ssl-certificate-passphrase-error.html adding the new certificate, one of the websites that relies on it stops accepting connections around 6:30-7:00 AM every morning. They just timeout. Since I haven't had the option of a true maintenance window yet, I've been rolling back to a working snapshot, which includes the new SSL certificate changes I made. I guess my question is: Why does https://community.spiceworks.com/topic/1602211-after-adding-new-ssl-cert-web-services-cease-to-work-early-morning-every-day the website work normally from the point of me applying the new snapshot until an undefined time in the morning; 6:30-7:00 AM? After which point it denies any connections until I re-apply the working snapshot. I do see an Apache cron job that runs htcacheclean once /var/cache/apache2/mod_cache_disk reaches 300MB. Could that be it? I'll drop in some of the syslog, apache2 and SSL log entries I've been seeing in a follow-up reply. Side note: The SSL certificate that I generated has a passphrase, so any time Apache restarts, I have to manually enter the passphrase each time for Apache to start. Any thoughts or suggestions are much appreciated. Thanks all! Edited May 9, 2016 at 2:38 UTC Reply Subscribe View Best Answer RELATED TOPICS: Configure SSL Cert .local SSL cert issue. SSL Cert question   4 Replies Serrano OP Josh Dunbar May 9, 2016 at 2:23 UTC Here's /var/log/apache2/error.log. Notice the Apr 25 timestamp. That's when I installed the new SSL certificateWed Mar 16 06:57:59.853007 2016] [ssl:warn] [pid 2492] AH01909: RSA certificate
and earlier Please enter a title. You can not post a blank message. Please type your message and try again. This discussion is locked Vijay-Kumar Level 1 (75 https://discussions.apple.com/thread/513402?start=0&tstart=0 points) Q: Certificate not Working - crashing server Hi All,Thought I would https://www.afp548.com/forums/topic/os-x-server-apache-problem-using-certificates-with-a-passphrase/ start a seperate thread on this:Just upgraded from panther Server to Tiger Server and one site that uses a web Certificate we got from Thawte does not work.I made sure that the site setting from Server Admin were the same as before for the certificate - specifically the failed to following:
OS X Server Apache - Problem using certificates with a passphrase This topic contains 2 replies, has 3 voices, and was last updated by [emailprotected] 8 years, 11 months ago. Viewing 3 posts - 1 through 3 (of 3 total) Author Posts June 2, 2007 at 5:46 am #369212 [emailprotected]Participant OS X SERVER : [BUG] SSLPassPhraseDialog exec:/etc/httpd/getsslpassphrase I have spent untold hours, over the period of several days, tracking down this problem… There is a problem using commercial, or self signed SSL certificates that contain a key passphrase. OS X Server Web GUI inserts in the httpd.conf code the following line : SSLPassPhraseDialog exec:/etc/httpd/getsslpassphrase The apache httpd.conf stuff below is generated by OS X Server GUI SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown SSLPassPhraseDialog exec:/etc/httpd/getsslpassphrase SSLSessionCache dbm:/var/log/httpd/ssl_scache SSLSessionCacheTimeout 300 SSLMutex file:/var/log/httpd/ssl_mutex SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLLogLevel info AddType application/x-x509-ca-cert crt AddType application/x-pkcs7-crl crl ## Default Virtual Host Configuration ServerName http://www.boats.com_ssl ServerAdmin [emailprotected] DocumentRoot "/usr/local/httpd/htdocs/boats.com/www" DirectoryIndex "index.php" "index.html" CustomLog ‘|/usr/sbin/rotatelogs "/var/log/httpd/access_log" 2592000' "%h %l %u %t \"%r\" %>s %b" ErrorLog ‘|/usr/sbin/rotatelogs "/var/log/httpd/error_log" 2592000' ErrorDocument 404 error.html SSLEngine On SSLLog "/var/log/httpd/ssl_engine_log" # THESE SELF SIGNED certs WORK FINE # SSLCertificateFile "/etc/certs/Default.crt" # SSLCertificateKeyFile "/etc/certs/Default.key"
# THESE [ from RapidSSL ] DO NOT WORK CORRECTLY # SSLCertificateFile "/etc/certs/RapidSSL/boats.com.crt" # SSLCertificateKeyFile "/etc/certs/RapidSSL/boats.com.key" # SSLCACertificateFile "/etc/certs/RapidSSL/rapidssl_01.crt" # THESE [ from Thawte ] DO NOT WORK CORRECTLY SSLCertificateFile "/etc/certs/Thawte/boats.com.crt" SSLCertificateKeyFile "/etc/certs/Thawte/boats.com.key" # THESE DO NOT WORK CORRECTLY # SSLCertificateFile "/usr/local/httpd/ssl.crt/boats.com.crt" # SSLCertificateKeyFile "/usr/local/httpd/ssl.key/boats.com.key" SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL" DAVLockDB "/var/run/davlocks/.davlockany_80_default" DAVMinTimeout 600 Options All -Indexes -ExecCGI -Includes +MultiViews DAV Off AllowOverride None RewriteEngine On