From owner-freebsd-isp Fri Jul 17 16:24:51 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA14008 for freebsd-isp-outgoing; Fri, 17 Jul 1998 16:24:51 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mail.triax.com (mail.triax.com [206.58.96.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA14003 for ; Fri, 17 Jul 1998 16:24:47 -0700 (PDT) (envelope-from joer@triax.com) Received: from joe.triax.com ([206.58.97.69]) by mail.triax.com (Post.Office MTA v3.1.2 release (PO203-101c) ID# 0-41958U5000L500S0) with SMTP id AAA28997 for ; Fri, 17 Jul 1998 16:19:04 -0700 X-Sender: joework@mail.triax.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Fri, 17 Jul 1998 16:24:45 -0700 To: isp@FreeBSD.ORG From: Joe Read Subject: Apache 1.3 + SSLEay Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Message-ID: <19980717231904.AAA28997@joe.triax.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Help!! (yeah, I hate messages that start like that too)... Just renewed our verisign certificate, sent them a new CSR as per the instructions I cc'ed to the list last week. The CSR was based on a private key I made earlier, and of course the final certificate was based on the CSR. I now have a file, private_key.pem, which has just the private key in it, (but I've tried it also with the certificate in the same file), and below is the error I'm getting. I did read somewhere that if the private key was encrypted, you'd have to type in a password each time you hup'ed apache, and I've got this line at the top of my key: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,D097E1AEFFA23EAC ..... -----END RSA PRIVATE KEY----- Here's what shows up in my error_log whenever I hup apache: Error reading private key file /usr/local/apache-ssl/etc/ssl/private_key.pem:3745:error:0906406D:PEM routines:DEF_CALLBACK:problems getting password:pem_lib.c: 110:3745:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:387: Please help, our older certificate's now expired leaving us without SSL capabilites until I figure this out. Thanks Joe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message