From owner-freebsd-ports Thu Mar 16 7:28:17 2000 Delivered-To: freebsd-ports@freebsd.org Received: from kg.ops.uunet.co.za (kg.ops.uunet.co.za [196.31.1.31]) by hub.freebsd.org (Postfix) with ESMTP id D2BAA37B959; Thu, 16 Mar 2000 07:28:13 -0800 (PST) (envelope-from khetan@uunet.co.za) Received: from bofh.ops.uunet.co.za (bofh.ops.uunet.co.za [196.31.1.35]) by kg.ops.uunet.co.za (Postfix) with ESMTP id 6903E16E6F; Thu, 16 Mar 2000 17:28:02 +0200 (SAST) Received: by bofh.ops.uunet.co.za (Postfix, from userid 1000) id C2B6C5BD4; Thu, 16 Mar 2000 17:28:00 +0200 (SAST) Received: from localhost (localhost [127.0.0.1]) by bofh.ops.uunet.co.za (Postfix) with ESMTP id 8D0D51ED9; Thu, 16 Mar 2000 17:28:00 +0200 (SAST) Date: Thu, 16 Mar 2000 17:28:00 +0200 (SAST) From: Khetan Gajjar X-Sender: khetan@bofh.ops.uunet.co.za To: ports@freebsd.org Cc: dirk@freebsd.org Subject: Problems with apache+php+mod_ssl-1.3.12+3.0.15+2.6.2 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi. Just a quick query; has anyone built apache+php+mod_ssl-1.3.12+3.0.15+2.6.2 on 5-current and managed to get the SSL support to work ? I upgraded both my version of mod_ssl and my system from a month-old 4-CURRENT to yesterday's 5-CURRENT, and found that I get errors when connecting to it. This is after hacking work/apache_1.3.12/src/helpers/GuessOS to recognise FreeBSD 5-CURRENT (an "unsupported platform", as opposed to 4-CURRENT which is a supported platform). The errors from openssl (when I try and use s_client to connect manually) are CONNECTED(00000003) depth=0 /C=ZA/ST=Cape Province/L=Cape Town/O=OS Users Group/OU=System Administration/CN=xxx.xxx.xxx.xxx/Email=khetan@freebsd.os.org.za verify error:num=18:self signed certificate verify return:1 depth=0 /C=ZA/ST=Cape Province/L=Cape Town/O=OS Users Group/OU=System Administration/CN=xxx.xxx.xxx.xxx/Email=khetan@freebsd.os.org.za verify return:1 67740:error:1407D071:SSL routines:SSL2_READ:bad mac decode:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s2_pkt.c:217: and the matching error in ssl_engine (from Apache) is [16/Mar/2000 17:20:33 67735] [info] Connection to child 4 established (server b ofh.ops.uunet.co.za:443, client 196.7.0.164) [16/Mar/2000 17:20:33 67735] [info] Seeding PRNG with 1160 bytes of entropy [16/Mar/2000 17:20:33 67735] [error] SSL handshake failed (server xxx.xxx.xxx .xxx:443, client 196.7.0.164) (OpenSSL library error follows) [16/Mar/2000 17:20:33 67735] [error] OpenSSL: error:140BB004:SSL routines:SSL_RS A_PRIVATE_DECRYPT:nested asn1 error I know I'm an idiot for upgrading the box and apache at the same time, but this is not a production box so I'm not too concerned. It just would be nice to be able to view my PHP3-based mail systems through an SSL web interface. Khetan Gajjar. --- khetan@uunet.co.za * khetan@os.org.za * PGP Key, contact UUNET South Africa * FreeBSD enthusiast * details and other http://www.uunet.co.za * http://www.freebsd.org * information at System Administration * http://office.os.org.za * kg+details@uunet.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message