Re: httpd ssl failures

To: current-users%netbsd.org@localhost, Geoff Wing <gcw%pobox.com@localhost>
Subject: Re: httpd ssl failures
From: Edgar Pettijohn <edgar%pettijohn-web.com@localhost>
Date: Tue, 17 Dec 2019 09:14:10 -0600

On Dec 16, 2019 10:22 PM, Geoff Wing <gcw%pobox.com@localhost> wrote:
>
> On Monday 2019-12-16 19:56 -0600, edgar%pettijohn-web.com@localhost output:
> :> > Certificate/key created like so:
> :> > openssl req -x509 -nodes -days 365 -sha256 -newkey rsa:2048 -keyout
> :> > mycert.pem -out mycert.pem
> [...]
> :> > Is this a problem with my setup?
> :> Think it may be an httpd issue. Used the cert/key with postfix and tested
> :> with openssl s_client and didn't see any issues.
> :Just tried my letsencrypt cert and key with the same results.
>
> Hi,
> I tried this on amd64 -current yesterday with a letsencrypt cert/key and
> also with a self-signed cert/key using, e.g.
>
> /usr/libexec/httpd -df -Z  /tmp/test.pem /tmp/testkey.pem /www
>
> and had no problems.  Maybe there was a miscompile or other issue with your
> httpd binary (or libs).
>
> Do you have  mozilla-rootcerts  installed to test the letsencrypt cert?
>
> Regards,
> Geoff

I wonder if using the ASLR kernel has anything to do with it. Not likely though since it works with postfix. I was trying to rebuild current yesterday but it kept erroring out. Might need to just clear out the src directory and start fresh.

Edgar

Prev by Date: Re: amd64 -current build failure
Next by Date: daily CVS update output
Previous by Thread: Re: httpd ssl failures
Next by Thread: NetBSD 9.0 RC1 compile error
Indexes:

Home | Main Index | Thread Index | Old Index