Date: Thu, 16 Mar 2000 17:28:00 +0200 (SAST) From: Khetan Gajjar <khetan@uunet.co.za> To: ports@freebsd.org Cc: dirk@freebsd.org Subject: Problems with apache+php+mod_ssl-1.3.12+3.0.15+2.6.2 Message-ID: <Pine.BSF.4.21.0003161721060.546-100000@bofh.ops.uunet.co.za>
next in thread | raw e-mail | index | archive | help
Hi. Just a quick query; has anyone built apache+php+mod_ssl-1.3.12+3.0.15+2.6.2 on 5-current and managed to get the SSL support to work ? I upgraded both my version of mod_ssl and my system from a month-old 4-CURRENT to yesterday's 5-CURRENT, and found that I get errors when connecting to it. This is after hacking work/apache_1.3.12/src/helpers/GuessOS to recognise FreeBSD 5-CURRENT (an "unsupported platform", as opposed to 4-CURRENT which is a supported platform). The errors from openssl (when I try and use s_client to connect manually) are CONNECTED(00000003) depth=0 /C=ZA/ST=Cape Province/L=Cape Town/O=OS Users Group/OU=System Administration/CN=xxx.xxx.xxx.xxx/Email=khetan@freebsd.os.org.za verify error:num=18:self signed certificate verify return:1 depth=0 /C=ZA/ST=Cape Province/L=Cape Town/O=OS Users Group/OU=System Administration/CN=xxx.xxx.xxx.xxx/Email=khetan@freebsd.os.org.za verify return:1 67740:error:1407D071:SSL routines:SSL2_READ:bad mac decode:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s2_pkt.c:217: and the matching error in ssl_engine (from Apache) is [16/Mar/2000 17:20:33 67735] [info] Connection to child 4 established (server b ofh.ops.uunet.co.za:443, client 196.7.0.164) [16/Mar/2000 17:20:33 67735] [info] Seeding PRNG with 1160 bytes of entropy [16/Mar/2000 17:20:33 67735] [error] SSL handshake failed (server xxx.xxx.xxx .xxx:443, client 196.7.0.164) (OpenSSL library error follows) [16/Mar/2000 17:20:33 67735] [error] OpenSSL: error:140BB004:SSL routines:SSL_RS A_PRIVATE_DECRYPT:nested asn1 error I know I'm an idiot for upgrading the box and apache at the same time, but this is not a production box so I'm not too concerned. It just would be nice to be able to view my PHP3-based mail systems through an SSL web interface. Khetan Gajjar. --- khetan@uunet.co.za * khetan@os.org.za * PGP Key, contact UUNET South Africa * FreeBSD enthusiast * details and other http://www.uunet.co.za * http://www.freebsd.org * information at System Administration * http://office.os.org.za * kg+details@uunet.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003161721060.546-100000>