From owner-freebsd-isp  Fri Jul 17 16:24:51 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA14008
          for freebsd-isp-outgoing; Fri, 17 Jul 1998 16:24:51 -0700 (PDT)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from mail.triax.com (mail.triax.com [206.58.96.4])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA14003
          for <isp@freebsd.org>; Fri, 17 Jul 1998 16:24:47 -0700 (PDT)
          (envelope-from joer@triax.com)
Received: from joe.triax.com ([206.58.97.69]) by mail.triax.com
          (Post.Office MTA v3.1.2 release (PO203-101c)
          ID# 0-41958U5000L500S0) with SMTP id AAA28997
          for <isp@freebsd.org>; Fri, 17 Jul 1998 16:19:04 -0700
X-Sender: joework@mail.triax.com
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0
Date: Fri, 17 Jul 1998 16:24:45 -0700
To: isp@FreeBSD.ORG
From: Joe Read <joer@triax.com>
Subject: Apache 1.3 + SSLEay
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-ID: <19980717231904.AAA28997@joe.triax.com>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Help!!
(yeah, I hate messages that start like that too)...


Just renewed our verisign certificate, sent them a new CSR as per
the instructions I cc'ed to the list last week.  The CSR was based
on a private key I made earlier, and of course the final certificate
was based on the CSR.  I now have a file, private_key.pem, which 
has just the private key in it, (but I've tried it also with the
certificate in the same file), and below is the error I'm getting.
I did read somewhere that if the private key was encrypted, you'd
have to type in a password each time you hup'ed apache, and I've got
this line at the top of my key:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,D097E1AEFFA23EAC

.....
-----END RSA PRIVATE KEY-----

Here's what shows up in my error_log whenever I hup apache:

Error reading private key file
/usr/local/apache-ssl/etc/ssl/private_key.pem:3745:error:0906406D:PEM
routines:DEF_CALLBACK:problems getting password:pem_lib.c:
110:3745:error:0906A068:PEM routines:PEM_do_header:bad password
read:pem_lib.c:387:

Please help, our older certificate's now expired leaving us
without SSL capabilites until I figure this out.

Thanks

Joe


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message