Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: httpd ssl failures

On 2019-12-15 20:09, Edgar Pettijohn wrote:

On 2019-12-15 18:18, Edgar Pettijohn wrote:
laptop$ uname -a
NetBSD 9.99.24 NetBSD 9.99.24 (GENERIC_KASLR) #0: Sat Dec 14 21:37:06 CST 2019 amd64

Testing ssl with httpd run from inetd I get the following in the xferlog:

laptop$ sudo tail -n 20 /var/log/xferlog
Dec 15 18:07:07 laptop httpd[2847]: accept: SSL_ERROR 1
Dec 15 18:07:07 laptop httpd[2847]: SSL Error: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate

Certificate/key created like so:

openssl req -x509 -nodes -days 365 -sha256 -newkey rsa:2048 -keyout mycert.pem -out mycert.pem

I also tried the following with the same results:

openssl genrsa -out mycert.key 4096

openssl req -new -x509 -key mycert.key -out mycert.crt -days 365

The inetd.conf isn't anything special just added the following:

https stream tcp nowait:600 _httpd /usr/libexec/httpd httpd -Z /path/to/cert /path/to/key -X /var/www

When attempting to access the service with firefox it causes firefox to exit.

Is this a problem with my setup?



Think it may be an httpd issue. Used the cert/key with postfix and tested with openssl s_client and didn't see any issues.


Just tried my letsencrypt cert and key with the same results.


Home | Main Index | Thread Index | Old Index