Date: Fri, 10 Nov 2000 07:21:54 +1300 From: "Dan Langille" <dan@langille.org> To: freebsd-questions@freebsd.org Subject: certficiate problems with OpenSSL Message-ID: <200011091822.HAA64242@ducky.nz.freebsd.org>
next in thread | raw e-mail | index | archive | help
Under FreeBSD 4.1-stable, I just installed apache+mod_ssl-1.3.14+2.7.1 When I try to browse to this server, I get the following message from Netscape: "SSL has recieved an error from the server indicating an incorrect Message Authentication Code. This could indicate a network error, a bad server implementation, or a security violation." Associated with the above message are the following lines from /var/log/apache_error_log: [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 192.168.0.99) (OpenSSL library error follows) [error] OpenSSL: error:0407106B::lib(4) :func(113) :reason(107) [error] OpenSSL: error:04065072::lib(4) :func(101) :reason(114) [error] OpenSSL: error:1408F071::lib(20) :SSL3_GET_RECORD:bad mac decode [Hint: Browser still remembered details of a re-created server certificate?] And following the instructions for creating a real SSL server Certificate as found in the mod_ssl manual, I issued the following command, which failed. Any clues? # openssl genrsa -des3 -out server.key 1024 1120 semi-random bytes loaded Generating RSA private key, 1024 bit long modulus .....+++++ ....x...........+++++ e is 65537 (0x10001) Enter PEM pass phrase: Verifying password - Enter PEM pass phrase: Verify failure 64231:error:0906406D:PEM routines:DEF_CALLBACK:problems getting password:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/ pem_lib.c:99: 64231:error:0906906F:PEM routines:PEM_ASN1_write_bio:read key:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_li b.c:315: -- Dan Langille The FreeBSD Diary - http://www.freebsddiary.org/ FreshPorts - http://freshports.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011091822.HAA64242>