Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: httpd ssl failures



On Dec 16, 2019 10:22 PM, Geoff Wing <gcw%pobox.com@localhost> wrote:
>
> On Monday 2019-12-16 19:56 -0600, edgar%pettijohn-web.com@localhost output:
> :> > Certificate/key created like so:
> :> > openssl req -x509 -nodes -days 365 -sha256 -newkey rsa:2048 -keyout
> :> > mycert.pem -out mycert.pem
> [...]
> :> > Is this a problem with my setup?
> :> Think it may be an httpd issue. Used the cert/key with postfix and tested
> :> with openssl s_client and didn't see any issues.
> :Just tried my letsencrypt cert and key with the same results.
>
> Hi,
> I tried this on amd64 -current yesterday with a letsencrypt cert/key and
> also with a self-signed cert/key using, e.g.
>
> /usr/libexec/httpd -df -Z  /tmp/test.pem /tmp/testkey.pem /www
>
> and had no problems.  Maybe there was a miscompile or other issue with your
> httpd binary (or libs).
>
> Do you have  mozilla-rootcerts  installed to test the letsencrypt cert?
>
> Regards,
> Geoff

I wonder if using the ASLR kernel has anything to do with it. Not likely though since it works with postfix. I was trying to rebuild current yesterday but it kept erroring out. Might need to just clear out the src directory and start fresh.

Edgar


Home | Main Index | Thread Index | Old Index