From owner-freebsd-questions@freebsd.org Sun Apr 1 01:55:43 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C2E5F718C6 for ; Sun, 1 Apr 2018 01:55:43 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: from mail-vk0-x230.google.com (mail-vk0-x230.google.com [IPv6:2607:f8b0:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A694882492 for ; Sun, 1 Apr 2018 01:55:42 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: by mail-vk0-x230.google.com with SMTP id q198so6740316vke.3 for ; Sat, 31 Mar 2018 18:55:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=d1em/V/QXBLX3Si8ce+IYnZ+4SAkrWEz/bH7Od0ZZm0=; b=QoXc74JBXXc2ax1zwyLr3gxiwgVuv+CerKRl/2yfbM3hREXVJlM/g+roSQj0y+oGCG d3z91mN+wdStHWuYgavC8jWRhx/hbvIGAujYrw9ZX9nIWpYcmaSiigFdWriGV/dM5zaF l+TTFBMGRRCb94nQziFgPKVGEkjCdgknWN9dfdtUhxLWSZ4hkvrx2mcYRzAMR1r1OE/d +on23EgtIzGars6uIwmaLpfDJveDHUTYqXMOVdAI5Mktc+Whqa2XT1Zt9zDiDvxB6mbN Cz/9RPvnsuu2MABIQUKNDPC490j6yRYTnUtsUiRBxzjdNFi1RlCb93zGhPtY2Vdocqkm +8MQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=d1em/V/QXBLX3Si8ce+IYnZ+4SAkrWEz/bH7Od0ZZm0=; b=ifClvSVykCaSBgsOtqQnG21XRbi8b+FX+ZH8sOzTBiWh3oigcCEG8lys/lOFy6e28F ANki4Njb5H18lbhrocpdasGrC6Fgus+KTDSEHB2mSmpUO49ZBxRjARfUIk6CPJRW/gxf /YPfCnszwFY3HcqLzRMVq+PodkThqgOihFLl0R9xrTzbhdLVu8+PAoGcPFpFEv2njZR/ 05rCntLZAzjxd0XkuAHYZwBjUpWJJK5Z6e3QbDEh3xKb5RexHf2sJT4WWIFc+lQkQTqb JBN1ikW3mhn7frrcqhvtABZRy/SNYyyxAUriXLESugb77RqyQd+NarKSVIaj39q09yU1 AdUQ== X-Gm-Message-State: ALQs6tCnZkPbSf8y7PSyhqL2N1+ykMoNoerh2SiUQ03QS046NsHBhMhV ScLXMoeGefOO5AR32unzHOX1TGP6xpAAHJChlcI= X-Google-Smtp-Source: AIpwx49muv4Gmsn0hIR/ccW7PkKiKSIwZR6uTedjXCO5XZOvSNMQD4ijb3IraTzhHwNL9KXn4FpWqOtIfYr7pWPo/sg= X-Received: by 10.31.219.2 with SMTP id s2mr2416272vkg.87.1522547741795; Sat, 31 Mar 2018 18:55:41 -0700 (PDT) MIME-Version: 1.0 From: Waitman Gobble Date: Sun, 01 Apr 2018 01:55:30 +0000 Message-ID: Subject: FreeBSD src broken? To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 01:55:43 -0000 Updating src following handbook. svn update updating src fails with checksum mismatch on llvm-objdump/COFFdump.cpp I found some suggestions about deleting the directory and trying update again. Stops on same file. is this a problem with the source repository? From owner-freebsd-questions@freebsd.org Sun Apr 1 02:24:44 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 511FAF737C3 for ; Sun, 1 Apr 2018 02:24:44 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C60A3836A3 for ; Sun, 1 Apr 2018 02:24:43 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: by mail-vk0-x22c.google.com with SMTP id d201so2374872vke.0 for ; Sat, 31 Mar 2018 19:24:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=OeinB/OGF2Sqg+TD+pJPAYXlrINBtNw3HgI7sjzIVBI=; b=foLTTCdOUk/z36Xdkm5TYQsfgbMDiqKk5lUStFFNFohKkiwCQ/WlmqxT5QDrsh2HWn zN3zSqGUtxksAQBCLV5sR3WuiY3fGPYOppd60nnhr+XI+oJ/cyb1OM/76uFm4XYuIbOr Z/lJ3HpounnpSVVkOQKo34NZR1gC43S/+yCjfgAf3jrS6F62uPahC+ujrVtDzBQ8V41A JkCeQ+HQI1ndBiM1P7b1S0f1AlyL86RhZSNyIURvMTi23v8RIWPADDfGQQlc0hYjX3TW 9kFw2oF1ATk5VDUvXvvIEjqFeP3/TP9IMBNbxbZchFHMY3iWy22kfF0IQ6MzKFsymUFH T2vQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=OeinB/OGF2Sqg+TD+pJPAYXlrINBtNw3HgI7sjzIVBI=; b=Sld3emi82lTGU/f9e80B5FaevUeg5pC/pejFUnPNTLFNCrEiNDENaGO4jICSJBDN3Y Wx4Yz2rrQoM2uzY0fHzdLRmals16e09Q10jmGC5/vi47UkfXURLRYqKvJGf+IWviVLKc D6MQ3JuJBWVYHSZ1eVIOeNaGCaasab7yLly5fAnRy7QWFx3Hgn5u/pTnK+mOrPNkt9dj TYUNDoArfsm88i50CJ6VfbyCD11oZTZxrJBKVMmFA7xK0XyagC3ntJyKbMDniCHB5R5v vJdcfMzLmCkzlmPomnGr0Hh5pEq/uUQ/z1GGJDVFM8CIUmVg/v1Ivti1SMIYA3Wxhd26 iqtQ== X-Gm-Message-State: ALQs6tBuxWTdBGK+J1xdNkEXcOh0mEnLpMN2y7Uh5er7OZ6gxm+uo53q A0l1lMR0Cpgn0PXuM+PoFmHCS0ssquQOvuorbRM= X-Google-Smtp-Source: AIpwx49txBLeSrIG1onpIwVj0J9IQo6A3o9LWofjJChZgEOsrsM6+vyER3M1/d8tmW5bcvaCBMQumsf+gImrUMF/Bn0= X-Received: by 10.31.114.201 with SMTP id n192mr2373710vkc.70.1522549482598; Sat, 31 Mar 2018 19:24:42 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.129.216 with HTTP; Sat, 31 Mar 2018 19:24:42 -0700 (PDT) In-Reply-To: References: From: Waitman Gobble Date: Sat, 31 Mar 2018 20:24:42 -0600 Message-ID: Subject: Re: FreeBSD src broken? To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 02:24:44 -0000 On Sat, Mar 31, 2018 at 7:55 PM, Waitman Gobble wrote: > Updating src following handbook. > svn update > > updating src fails with checksum mismatch on llvm-objdump/COFFdump.cpp > > I found some suggestions about deleting the directory and trying update > again. Stops on same file. > > is this a problem with the source repository? > > I deleted /usr/src and re-fetched src, seems to be working. I guess svn update 'usually works'. but not always? -- Waitman Gobble Los Altos California USA 650-621-0423 From owner-freebsd-questions@freebsd.org Sun Apr 1 03:41:17 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BE105F78189 for ; Sun, 1 Apr 2018 03:41:17 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nightmare.dreamchaser.org", Issuer "nightmare.dreamchaser.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 251D686CBD for ; Sun, 1 Apr 2018 03:41:16 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w313f3mZ014944; Sat, 31 Mar 2018 21:41:04 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) Subject: Re: apache24 ssl setup problems; "unknown protocol" To: Bruce Ferrell , freebsd-questions@freebsd.org References: <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> Reply-To: freebsd@dreamchaser.org From: Gary Aitken Message-ID: <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> Date: Sat, 31 Mar 2018 21:40:22 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 03:41:18 -0000 On 03/31/18 17:30, Bruce Ferrell wrote: > > On 03/31/2018 04:06 PM, Gary Aitken wrote: >> On 03/31/18 16:36, Bruce Ferrell wrote: >>> That *looks* like you have no certs installed >> >> That's what I don't understand.  It says it found the cert fine >> and it matches the domain. >> From the error log: >> >> [Sat Mar 31 13:56:14.019094 2018] [ssl:info] [pid 13686] AH01887: Init: Initializing (virtual) servers for SSL >> [Sat Mar 31 13:56:14.019107 2018] [ssl:info] [pid 13686] AH01914: Configuring server www.dreamchaser.org:443 for SSL protocol >> [Sat Mar 31 13:56:14.019438 2018] [ssl:debug] [pid 13686] ssl_engine_init.c(412): AH01893: Configuring TLS extension handling >> [Sat Mar 31 13:56:14.019920 2018] [ssl:warn] [pid 13686] AH01906: www.dreamchaser.org:443:0 server certificate is a CA certificate ( >> BasicConstraints: CA == TRUE !?) >> [Sat Mar 31 13:56:14.020047 2018] [ssl:debug] [pid 13686] ssl_util_ssl.c(443): AH02412: ... Cert matches for name 'www.dreamchaser.org' ,,, >> [Sat Mar 31 13:56:14.020071 2018] [ssl:info] [pid 13686] AH02568: Certificate and private key www.dreamchaser.org:443:0 configured f >> rom /tmp/test.crt and /tmp/test.key >> [Sat Mar 31 13:56:14.020324 2018] [ssl:info] [pid 13686] AH01876: mod_ssl/2.4.25 compiled against Server: Apache/2.4.25, Library: Op >> enSSL/1.0.1s-freebsd >> [Sat Mar 31 13:56:14.031071 2018] [mpm_prefork:notice] [pid 13686] AH00163: Apache/2.4.25 (FreeBSD) OpenSSL/1.0.1s-freebsd configure >> d -- resuming normal operations >> [Sat Mar 31 13:56:14.031116 2018] [mpm_prefork:info] [pid 13686] AH00164: Server built: unknown >> [Sat Mar 31 13:56:14.031154 2018] [core:notice] [pid 13686] AH00094: Command line: '/usr/local/sbin/httpd -D NOHTTPACCEPT' >> [Sat Mar 31 13:56:14.031166 2018] [core:debug] [pid 13686] log.c(1543): AH02639: Using SO_REUSEPORT: no (1) >> [Sat Mar 31 13:56:14.031177 2018] [mpm_prefork:debug] [pid 13686] prefork.c(1027): AH00165: Accept mutex: flock (default: flock) >> >>> On 03/31/2018 03:20 PM, Gary Aitken wrote: >>>> Hi all, >>>> >>>> I'm trying to set up apache24 ssl for the first time; getting nowhere >>>> very slowly. >>>> >>>> Server starts up ok, serves port 80 normally as usual. >>>> sockstat shows it listening on 443 ok. >>>> >>>> When I attempt to connect I get this: >>>> >>>> $ openssl s_client -connect 192.168.151.101:443 >>>> CONNECTED(00000003) >>>> 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: >>>> --- >>>> no peer certificate available >>>> --- >>>> No client certificate CA names sent >>>> --- >>>> SSL handshake has read 7 bytes and written 291 bytes >>>> --- >>>> New, (NONE), Cipher is (NONE) >>>> Secure Renegotiation IS NOT supported >>>> Compression: NONE >>>> Expansion: NONE >>>> SSL-Session: >>>>     Protocol  : TLSv1.2 >>>>     Cipher    : 0000 >>>>     Session-ID: >>>>     Session-ID-ctx: >>>>     Master-Key: >>>>     Key-Arg   : None >>>>     PSK identity: None >>>>     PSK identity hint: None >>>>     SRP username: None >>>>     Start Time: 1522531949 >>>>     Timeout   : 300 (sec) >>>>     Verify return code: 0 (ok) >>>> >>>> I assume the problem is the unknown protocol issue, but it's not clear >>>> to me what the unknown protocol it's looking for is. >>>> My extra/httpd-ssl.conf says: >>>>   SSLProtocol all -SSLv3 >>>> and my extra/httpd-vhosts.conf does not override it. >>>> The error log simply says: >>>>    [core:debug] [pid 13758] protocol.c(1272): ... : request failed: malformed request line >>>> >>>> Running apache24-2.4.25_1 on a 10.3 amd64 > > Try this on the certificate: > > |openssl x509 -text -in /path/to/cert > > Make sure it's the correct kind of certificate Thanks for the suggestions. It looks like I was overriding the cert in httpd-ssl.conf with one in httpd-vhosts.conf which was obsolete, but for some reason it wasn't even mentioned in the log, which is troubling. I've changed that but no difference -- restarted the server and I see the same behavior. It looks to me like the cert should be ok, generated today: $ openssl x509 -text -in test.crt Certificate: Data: Version: 3 (0x2) Serial Number: 11683896583821530168 (0xa2258a09ff151438) Signature Algorithm: sha256WithRSAEncryption Issuer: ... Validity Not Before: Mar 31 15:42:46 2018 GMT Not After : Mar 30 15:42:46 2023 GMT ... Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) ... X509v3 extensions: X509v3 Subject Key Identifier: ... X509v3 Authority Key Identifier: ... X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha256WithRSAEncryption ... I'm not sure what "correct kind" is in reference to? > |[ssl:warn] [pid 13686] AH01906: www.dreamchaser.org:443:0 server certificate is a CA certificate ( > BasicConstraints: CA == TRUE !?) > > That log line bothers me. I think you may have the worn cert installed The bad cert was expired, but I'm still seeing that message with the new certs afik. I don't see the expired certs mentioned in the log. Thanks for any further pointers, Gary From owner-freebsd-questions@freebsd.org Sun Apr 1 05:03:09 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CBFD6F8595C for ; Sun, 1 Apr 2018 05:03:09 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from baywinds.org (50-196-187-248-static.hfc.comcastbusiness.net [50.196.187.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "baywinds.org", Issuer "rr-v" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 61C0D698FB for ; Sun, 1 Apr 2018 05:03:08 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from [192.0.2.130] (rr-iii [192.0.2.130]) by baywinds.org (8.14.4/8.14.4) with ESMTP id w31530Wt022834; Sat, 31 Mar 2018 22:03:01 -0700 Subject: Re: apache24 ssl setup problems; "unknown protocol" To: freebsd@dreamchaser.org, freebsd-questions@freebsd.org References: <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> From: Bruce Ferrell Message-ID: <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> Date: Sat, 31 Mar 2018 22:03:00 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Greylist: inspected by milter-greylist-4.5.12 (baywinds.org [192.0.2.134]); Sat, 31 Mar 2018 22:03:02 -0700 (PDT) for IP:'192.0.2.130' DOMAIN:'rr-iii' HELO:'[192.0.2.130]' FROM:'bferrell@baywinds.org' RCPT:'' X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.12 (baywinds.org [192.0.2.134]); Sat, 31 Mar 2018 22:03:02 -0700 (PDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 05:03:10 -0000 On 03/31/2018 08:40 PM, Gary Aitken wrote: > On 03/31/18 17:30, Bruce Ferrell wrote: >> >> On 03/31/2018 04:06 PM, Gary Aitken wrote: >>> On 03/31/18 16:36, Bruce Ferrell wrote: >>>> That *looks* like you have no certs installed >>> >>> That's what I don't understand.  It says it found the cert fine >>> and it matches the domain. >>> From the error log: >>> >>> [Sat Mar 31 13:56:14.019094 2018] [ssl:info] [pid 13686] AH01887: Init: Initializing (virtual) servers for SSL >>> [Sat Mar 31 13:56:14.019107 2018] [ssl:info] [pid 13686] AH01914: Configuring server www.dreamchaser.org:443 for SSL protocol >>> [Sat Mar 31 13:56:14.019438 2018] [ssl:debug] [pid 13686] ssl_engine_init.c(412): AH01893: Configuring TLS extension handling >>> [Sat Mar 31 13:56:14.019920 2018] [ssl:warn] [pid 13686] AH01906: www.dreamchaser.org:443:0 server certificate is a CA certificate ( >>> BasicConstraints: CA == TRUE !?) >>> [Sat Mar 31 13:56:14.020047 2018] [ssl:debug] [pid 13686] ssl_util_ssl.c(443): AH02412: ... Cert matches for name 'www.dreamchaser.org' ,,, >>> [Sat Mar 31 13:56:14.020071 2018] [ssl:info] [pid 13686] AH02568: Certificate and private key www.dreamchaser.org:443:0 configured f >>> rom /tmp/test.crt and /tmp/test.key >>> [Sat Mar 31 13:56:14.020324 2018] [ssl:info] [pid 13686] AH01876: mod_ssl/2.4.25 compiled against Server: Apache/2.4.25, Library: Op >>> enSSL/1.0.1s-freebsd >>> [Sat Mar 31 13:56:14.031071 2018] [mpm_prefork:notice] [pid 13686] AH00163: Apache/2.4.25 (FreeBSD) OpenSSL/1.0.1s-freebsd configure >>> d -- resuming normal operations >>> [Sat Mar 31 13:56:14.031116 2018] [mpm_prefork:info] [pid 13686] AH00164: Server built: unknown >>> [Sat Mar 31 13:56:14.031154 2018] [core:notice] [pid 13686] AH00094: Command line: '/usr/local/sbin/httpd -D NOHTTPACCEPT' >>> [Sat Mar 31 13:56:14.031166 2018] [core:debug] [pid 13686] log.c(1543): AH02639: Using SO_REUSEPORT: no (1) >>> [Sat Mar 31 13:56:14.031177 2018] [mpm_prefork:debug] [pid 13686] prefork.c(1027): AH00165: Accept mutex: flock (default: flock) >>> >>>> On 03/31/2018 03:20 PM, Gary Aitken wrote: >>>>> Hi all, >>>>> >>>>> I'm trying to set up apache24 ssl for the first time; getting nowhere >>>>> very slowly. >>>>> >>>>> Server starts up ok, serves port 80 normally as usual. >>>>> sockstat shows it listening on 443 ok. >>>>> >>>>> When I attempt to connect I get this: >>>>> >>>>> $ openssl s_client -connect 192.168.151.101:443 >>>>> CONNECTED(00000003) >>>>> 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: >>>>> --- >>>>> no peer certificate available >>>>> --- >>>>> No client certificate CA names sent >>>>> --- >>>>> SSL handshake has read 7 bytes and written 291 bytes >>>>> --- >>>>> New, (NONE), Cipher is (NONE) >>>>> Secure Renegotiation IS NOT supported >>>>> Compression: NONE >>>>> Expansion: NONE >>>>> SSL-Session: >>>>>     Protocol  : TLSv1.2 >>>>>     Cipher    : 0000 >>>>>     Session-ID: >>>>>     Session-ID-ctx: >>>>>     Master-Key: >>>>>     Key-Arg   : None >>>>>     PSK identity: None >>>>>     PSK identity hint: None >>>>>     SRP username: None >>>>>     Start Time: 1522531949 >>>>>     Timeout   : 300 (sec) >>>>>     Verify return code: 0 (ok) >>>>> >>>>> I assume the problem is the unknown protocol issue, but it's not clear >>>>> to me what the unknown protocol it's looking for is. >>>>> My extra/httpd-ssl.conf says: >>>>>   SSLProtocol all -SSLv3 >>>>> and my extra/httpd-vhosts.conf does not override it. >>>>> The error log simply says: >>>>>    [core:debug] [pid 13758] protocol.c(1272): ... : request failed: malformed request line >>>>> >>>>> Running apache24-2.4.25_1 on a 10.3 amd64 >> >> Try this on the certificate: >> >> |openssl x509 -text -in /path/to/cert >> >> Make sure it's the correct kind of certificate > > Thanks for the suggestions. > It looks like I was overriding the cert in httpd-ssl.conf with one > in httpd-vhosts.conf which was obsolete, but for some reason it wasn't > even mentioned in the log, which is troubling.  I've changed that but > no difference -- restarted the server and I see the same behavior. > It looks to me like the cert should be ok, generated today: > > $ openssl x509 -text -in test.crt > Certificate: >     Data: >         Version: 3 (0x2) >         Serial Number: 11683896583821530168 (0xa2258a09ff151438) >     Signature Algorithm: sha256WithRSAEncryption >         Issuer: ... >         Validity >             Not Before: Mar 31 15:42:46 2018 GMT >             Not After : Mar 30 15:42:46 2023 GMT > ... >             Public Key Algorithm: rsaEncryption >                 Public-Key: (2048 bit) > ... >         X509v3 extensions: >             X509v3 Subject Key Identifier: > ... >             X509v3 Authority Key Identifier: > ... >             X509v3 Basic Constraints: >                 CA:TRUE >     Signature Algorithm: sha256WithRSAEncryption > ... > > I'm not sure what "correct kind" is in reference to? > >> |[ssl:warn] [pid 13686] AH01906: www.dreamchaser.org:443:0 server certificate is a CA certificate ( >> BasicConstraints: CA == TRUE !?) >> >> That log line bothers me. I think you may have the worn cert installed > > The bad cert was expired, but I'm still seeing that message with the > new certs afik.  I don't see the expired certs mentioned in the log. > > Thanks for any further pointers, > Gary > This is an expired cert from Let's Encrypt... Nothing confidential about them, so in it's entirety: Certificate:     Data:         Version: 3 (0x2)         Serial Number:             03:ca:27:c0:72:10:33:87:1c:e4:49:84:c3:8e:7a:de:08:d2     Signature Algorithm: sha256WithRSAEncryption         Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3         Validity             Not Before: Oct 31 18:50:59 2017 GMT             Not After : Jan 29 18:50:59 2018 GMT         Subject: CN=baywinds.org         Subject Public Key Info:             Public Key Algorithm: rsaEncryption                 Public-Key: (2048 bit)                 Modulus:                     00:ca:3c:d2:f2:91:90:6d:fb:df:93:b4:92:11:1b:                     e3:d3:ac:57:08:4b:de:12:3d:46:2a:1d:19:d6:76:                     a8:8d:b1:e2:60:4e:09:4c:e4:82:b2:fe:a8:14:c7:                     1d:39:d4:c6:cb:99:f0:e2:08:92:85:c4:0e:ad:fd:                     0a:09:71:67:c2:83:50:d4:ae:a0:f4:15:fa:38:ac:                     9c:d9:ef:45:4d:c2:ae:e2:f8:20:32:e3:b2:d7:e7:                     c0:1f:d9:79:1a:b4:9b:28:6b:2b:4d:38:cf:d3:01:                     3f:d7:28:bf:23:64:c7:c7:93:1f:c9:41:78:69:c3:                     c3:fa:e2:17:72:11:3a:ec:ce:6d:6d:be:29:ba:46:                     09:73:8f:b6:26:1c:55:ce:76:34:c4:7e:6b:f0:3c:                     15:51:f8:78:c8:8d:ca:6b:fa:6c:26:26:f6:4d:a3:                     68:ca:ab:52:f8:b3:c8:c4:9d:c7:69:10:74:62:5d:                     2f:78:78:3c:78:1f:9c:f7:7b:f9:d0:59:3f:4b:6b:                     98:bd:0d:eb:4d:de:aa:a4:56:07:71:c5:ad:a1:90:                     15:56:44:30:46:69:15:2d:44:e4:81:41:f8:a3:10:                     02:56:43:47:d3:b7:39:af:6a:c9:af:08:b8:46:6f:                     5b:3d:67:9e:9b:05:e5:ab:48:5d:87:a9:25:41:ff:                     3c:2f                 Exponent: 65537 (0x10001)         X509v3 extensions:             X509v3 Key Usage: critical                 Digital Signature, Key Encipherment             X509v3 Extended Key Usage:                 TLS Web Server Authentication, TLS Web Client Authentication             X509v3 Basic Constraints: critical                 CA:FALSE             X509v3 Subject Key Identifier: 4B:3D:63:4F:E1:92:2A:7D:44:4D:D7:AC:2D:4E:7C:44:BD:58:EE:20             X509v3 Authority Key Identifier: keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1             Authority Information Access:                 OCSP - URI:http://ocsp.int-x3.letsencrypt.org                 CA Issuers - URI:http://cert.int-x3.letsencrypt.org/             X509v3 Subject Alternative Name:                 DNS:baywinds.org             X509v3 Certificate Policies:                 Policy: 2.23.140.1.2.1                 Policy: 1.3.6.1.4.1.44947.1.1.1                   CPS: http://cps.letsencrypt.org                   User Notice:                     Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/     Signature Algorithm: sha256WithRSAEncryption          32:4b:8d:ce:a6:b6:b5:0a:1e:ec:8e:01:3f:f7:c1:c6:90:ba:          5b:bc:72:dc:b5:e8:d7:73:22:ba:70:73:e3:7e:7e:97:8b:b9:          a0:e8:36:8c:9c:45:5e:8f:94:42:d0:1d:33:fc:6e:03:40:fb:          5f:ed:5a:75:6d:8a:41:8a:1a:0d:59:b2:b3:1d:3d:f7:a2:a8:          c3:b1:a1:99:f3:01:42:32:be:a0:79:e3:cb:3a:2e:22:6d:2d:          e6:31:19:ca:23:fd:57:74:a4:74:d2:96:91:24:de:f1:b2:f9:          c2:bf:9e:93:ba:fa:b9:28:8e:f8:6c:6e:42:73:6a:26:1c:be:          54:1e:3c:2d:de:f2:12:68:9b:87:f0:02:76:f7:3b:8a:54:26:          ff:81:9d:20:d6:9d:ca:27:a9:07:5a:25:e6:01:10:ae:d3:f6:          32:d8:87:96:bc:27:49:5b:2e:41:05:5a:22:a9:73:af:27:83:          da:ca:c1:31:7d:24:5e:6d:85:0c:48:0c:f6:29:cd:3f:c5:4d:          6b:7b:d6:df:bd:2d:bb:fa:aa:99:89:5e:01:80:27:e7:87:e5:          c3:29:b4:91:74:45:e3:9b:52:ec:58:f9:de:1b:24:73:b2:09:          31:28:e1:94:49:a9:7e:b6:be:bf:3f:2a:a8:f8:5a:23:5b:a6:          b8:68:5c:98 and the the ascii of the cert.... Compare yours against this.  Yours seems to say CA: True where mine says CA: False. From owner-freebsd-questions@freebsd.org Sun Apr 1 18:31:48 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88904F73398 for ; Sun, 1 Apr 2018 18:31:48 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nightmare.dreamchaser.org", Issuer "nightmare.dreamchaser.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0D1DE782B0 for ; Sun, 1 Apr 2018 18:31:47 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w31IVWJH018981; Sun, 1 Apr 2018 12:31:32 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) Reply-To: freebsd@dreamchaser.org Subject: Re: apache24 ssl setup problems; "unknown protocol" To: Bruce Ferrell , freebsd-questions@freebsd.org References: <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> From: Gary Aitken Message-ID: Date: Sun, 1 Apr 2018 12:30:51 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 18:31:48 -0000 On 03/31/18 23:03, Bruce Ferrell wrote: > Compare yours against this. Yours seems to say CA: True where mine > says CA: False. The differences I see are as follows (yours first): Yours: Serial Number: 03:ca:27:c0:72:10:33:87:1c:e4:49:84:c3:8e:7a:de:08:d2 Mine: Serial Number: 17102700810868824541 (0xed58ffc6039f19dd) that looks like just a matter of form in terms of the text output Issuer: Yours is an actual CA, lists C,O,CN fields; mine is self-signed, lists C, ST, L, CN fields Validity: Dates are different but both are current X509v3 extensions: Yours: X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 4B:3D:63:4F:E1:92:2A:7D:44:4D:D7:AC:2D:4E:7C:44:BD:58:EE:20 X509v3 Authority Key Identifier: keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1 Authority Information Access: OCSP - URI:http://ocsp.int-x3.letsencrypt.org CA Issuers - URI:http://cert.int-x3.letsencrypt.org/ X509v3 Subject Alternative Name: DNS:baywinds.org X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org User Notice: Explicit Text: ... Mine: X509v3 extensions: X509v3 Subject Key Identifier: F0:C6:CB:DE:A6:DC:55:89:C7:3B:0C:AC:67:34:E0:C5:82:FC:6E:DA X509v3 Authority Key Identifier: keyid:F0:C6:CB:DE:A6:DC:55:89:C7:3B:0C:AC:67:34:E0:C5:82:FC:6E:DA X509v3 Basic Constraints: CA:TRUE Finally, mine has an actual cert at the end, presumably because it says it is a CA so the cert itself is included? The main difference seems to be all of the x509v3 extensions present, plus the CA false vs true. Makes me wonder if there is some apache config option which causes it to not work with these kind of test certs. But if that was the case I would expect something in the error log other than the message that it read the cert and key. Your extensions explicitly indicate "Key Usage" (critical, of two types; and "Extended Key Usage" for web server and client authentication; mine does not. But it's not clear to me how to get those into a test cert. If I startup with a different cert without a fqdn matching the server name, I see messages in the log notifying me of this but it still starts up and says it is using the cert. Those are warnings only, so I presume should work ok: [ssl:debug] [pid 18520] ssl_engine_init.c(412): AH01893: Configuring TLS extension handling [ssl:info] [pid 18520] AH02575: Reusing existing private key from /etc/ssl/test3_cert.key on restart [ssl:warn] [pid 18520] AH01906: www.dreamchaser.org:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [ssl:debug] [pid 18520] ssl_util_ssl.c(443): AH02412: [www.dreamchaser.org:443] Cert does not match for name 'www.dreamchaser.org' [subject: CN=Gary Aitken,L=Ovando,ST=MT,C=US / issuer: CN=Gary Aitken,L=Ovando,ST=MT,C=US / serial: E20611662B12B685 / notbefore: Apr 1 17:48:44 2018 GMT / notafter: Mar 31 17:48:44 2020 GMT] [ssl:warn] [pid 18520] AH01909: www.dreamchaser.org:443:0 server certificate does NOT include an ID which matches the server name [ssl:info] [pid 18520] AH02568: Certificate and private key www.dreamchaser.org:443:0 configured from /etc/ssl/test3_cert.crt and /etc/ssl/test3_cert.key More questions: When I hit the server with: openssl s_client -connect 192.168.151.101:443 -showcerts -state I get back: SSL_connect:SSLv2/v3 write client hello A SSL_connect:error in SSLv2/v3 read server hello A 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 291 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1522605618 Timeout : 300 (sec) Verify return code: 0 (ok) --- Does the "no peer certificate available" mean the client did not get a cert back from the server, or is it a complaint from the server saying the client didn't send a cert? The unknown protocol message bothers me. Does this mean: A. the default crypto library port build is missing something needed by apache24? B. the client crypto library is missing something? C. The client is requesting a garbled up protocol the server doesn't know about? D. The server is telling the client it (the server) wants a protocol the client doesn't know about? E. My "openssl s_client ..." command needs some extra args? I presume the client needs no certs/keys on its end, right? libgcrypt on the server is 1.7.6 but 1.8.2 on the client, but there are no port options other than docs. The latest notice in UPDATING is dated 20130503, so it seems like the versioning shouldn't be an issue. still bewildered... Gary From owner-freebsd-questions@freebsd.org Sun Apr 1 19:57:32 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 22164F77E5B; Sun, 1 Apr 2018 19:57:32 +0000 (UTC) (envelope-from efbatey@gmail.com) Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8B8BC7AFB4; Sun, 1 Apr 2018 19:57:31 +0000 (UTC) (envelope-from efbatey@gmail.com) Received: by mail-wm0-x235.google.com with SMTP id w2so3501035wmw.1; Sun, 01 Apr 2018 12:57:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=B8WHJqhsTauqJVbnok8WxeF+buU+1+JSa8bry4OTcFg=; b=PeRLIjt8NiBqQO2U8pBYYnJtiUGdlx3K/107Yg53Fo1z09LJJMaO29KLzuXskrPCIW jxUvKXpkYfREky1TCFU6qbOVXfB8dJXgnVo51G4F7ZxT5VX0So2R0or/22xMvJvbqhPu vzivtlEJd+qyElNiMvvL78EybrWEHonvT9JoLKwKfKcH+d0HCa/N3/9NVJsuUCK5owfb yM6MbZqC0/7TfrkDDthcUdhr6zbf9SiC1X14pT1FcjBVX0WfnjWGkTcRPrHYuTCbm17O t2jGSihL10XdJiF7Ey+8eGa9wX2EaEWS3XphXLYLmymZcjGnoj7BJw7dExu8XkQpR8v5 7zzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=B8WHJqhsTauqJVbnok8WxeF+buU+1+JSa8bry4OTcFg=; b=SOs2tFGCLOvVNBosj557SJsNihupTbpnXQhevjwlR5KqCYO/miaEYBxl3/XV8ZjAGt vWGiJX1whYzbW5s5B38SQP4LJBIQCD4bLCbOPGyxawtA/PdVYD2BNvIrUQkQUjwO48Zy McZmJx5hfsr/DUINqk0KQTWnWLl4wsuXJmxlC2LJcZYQ3LKiUN01iVBkinNnCABBrty5 vvd9BNr/oXRxA+hUP0ZKfV/QLepxLWFOIMfIlwSuopjNw7IVJ2heT3a/5OE0CyUFkwNQ 3+HILy1cpRHY/xHm0zU2c8TDN2XY8VX4qrB0Q0ZWip8AJVDERF2qjsf/cVArCo4cDZWC UB3w== X-Gm-Message-State: AElRT7Hm2NLL8SkcNy215PXMOWlSV33nZGeTXY/pNnTnnw3VJjbavT6j DitId2YeBVQKvjANgjOsv8BzJfzvucmsBfqLofarsg== X-Google-Smtp-Source: AIpwx48fsIemxZwfqFSg8/tR2yq6fQcdl2CB+hsgIYFtmO0GbmWPIIiUbk1NwzAC7tvq4S2kDv42R04zWzbvUFmiPJc= X-Received: by 10.80.235.65 with SMTP id z1mr10370149edp.154.1522612650183; Sun, 01 Apr 2018 12:57:30 -0700 (PDT) MIME-Version: 1.0 Received: by 10.80.165.131 with HTTP; Sun, 1 Apr 2018 12:57:29 -0700 (PDT) From: Everett Batey G Date: Sun, 1 Apr 2018 12:57:29 -0700 Message-ID: Subject: FBSD on Xenserver, experience To: Questions at FreeBSD , FreeBSD X11 , freebsd-questions@freebsd.org, "Alan Bryan, UUASC" , "Peter Serwe, UUASC" , "Randal L. Schwartz, UUASC" X-Mailman-Approved-At: Sun, 01 Apr 2018 20:19:32 +0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 19:57:32 -0000 Hope I still have good addresses for Help with FreeBSD. About to migrate Centos Host to probably XenServer. Anyone in FreeBSD country tried a VM of FBSD on a XenServer .. https://docs.citrix.com/content/dam/docs/en-us/xenserver/xenserver-65/XenSe= rver_6.5.0_Technical_FAQ.pdf ? Citrix says: Does XenServer support FreeBSD, NetBSD, or any other BSD variants as a guest operating system? XenServer does not support any BSD-based guest operating systems for general-purpose virtualization deployments. However, FreeBSD 6.3 VMs running on XenServer have been certified for use in specific Citrix products. (At: https://docs.citrix.com/content/dam/docs/en-us/xenserver/xenserver-65/XenSe= rver_6.5.0_Technical_FAQ.pdf ) R/ Everett Batey / efbatey@gmail.com / Skype: wa6cre-10 +1-703-879-6471 or efbarc@cotdazr.org or wa6cre@gmail.com or lioneverett@gmail.com Auxiliary Lions 4-A3 Web Lions 4-A3 Calendar / http://lions.vhwy.com/lcal +1-805-616-2471 / G-Talk/Twitter: efbatey / CrisisLinks http://bit.ly/cw95Um =E2=80=8B *Visit SoCal Linux Expo. > =E2=80=8B Q1-=E2=80=8B201=E2=80=8B9* From owner-freebsd-questions@freebsd.org Sun Apr 1 21:45:42 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C763F7E317 for ; Sun, 1 Apr 2018 21:45:42 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from baywinds.org (50-196-187-248-static.hfc.comcastbusiness.net [50.196.187.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "baywinds.org", Issuer "rr-v" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 9EE787F50F for ; Sun, 1 Apr 2018 21:45:40 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from [192.0.2.130] (rr-iii [192.0.2.130]) by baywinds.org (8.14.4/8.14.4) with ESMTP id w31LjWOH029411; Sun, 1 Apr 2018 14:45:33 -0700 Subject: Re: apache24 ssl setup problems; "unknown protocol" To: freebsd@dreamchaser.org, freebsd-questions@freebsd.org References: <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> From: Bruce Ferrell Message-ID: <3fe11187-df4f-bdf7-1252-75348faf3ff4@baywinds.org> Date: Sun, 1 Apr 2018 14:45:32 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Greylist: inspected by milter-greylist-4.5.12 (baywinds.org [192.0.2.134]); Sun, 01 Apr 2018 14:45:35 -0700 (PDT) for IP:'192.0.2.130' DOMAIN:'rr-iii' HELO:'[192.0.2.130]' FROM:'bferrell@baywinds.org' RCPT:'' X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.12 (baywinds.org [192.0.2.134]); Sun, 01 Apr 2018 14:45:35 -0700 (PDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 21:45:42 -0000 Gary, I didn't include the ascii of the cert is all.  We both have that openssl s_client -connect 192.168.151.101:443 -showcerts -state This one is interesting - mine: openssl s_client -connect 127.0.0.1:443 -showcerts -state | more SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = baywinds.org verify error:num=10:certificate has expired notAfter=Jan 29 18:50:59 2018 GMT verify return:1 depth=0 CN = baywinds.org notAfter=Jan 29 18:50:59 2018 GMT verify return:1 SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server key exchange A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read server session ticket A SSL_connect:SSLv3 read finished A CONNECTED(00000003) --- Certificate chain  0 s:/CN=baywinds.org    i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 yours: SSL_connect:SSLv2/v3 write client hello A SSL_connect:error in SSLv2/v3 read server hello A 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: indicates a failure in the ssl handshake before crypto starts causing the cert to not be returned.  if you do a tcpdump tcpdump -nni port 443 -s0 -w ssl.pcap Pull that into wireshark, you can see that negotiation go on.... client hello server hello, cert, server key exchange, server hello done client key exchange, change cipher spec, encrypted handshake message new session ticket, change cipher spec,  encrypted handshake message If you look at the hello messages, you'll see the supported cyphers for each. I think you'll find there are no ciphers in common and ssl link setup fails.  With no secure channel, no cert is returned On 04/01/2018 11:30 AM, Gary Aitken wrote: > On 03/31/18 23:03, Bruce Ferrell wrote: > >> Compare yours against this.  Yours seems to say CA: True where mine >> says CA: False. > > The differences I see are as follows (yours first): > Yours: >  Serial Number: >      03:ca:27:c0:72:10:33:87:1c:e4:49:84:c3:8e:7a:de:08:d2 > Mine: >  Serial Number: 17102700810868824541 (0xed58ffc6039f19dd) > that looks like just a matter of form in terms of the text output > >  Issuer: > Yours is an actual CA, lists C,O,CN fields; > mine is self-signed, lists C, ST, L, CN fields > >  Validity: > Dates are different but both are current > >  X509v3 extensions: > Yours: >         X509v3 extensions: >             X509v3 Key Usage: critical >                 Digital Signature, Key Encipherment >             X509v3 Extended Key Usage: >                 TLS Web Server Authentication, TLS Web Client Authentication >             X509v3 Basic Constraints: critical >                 CA:FALSE >             X509v3 Subject Key Identifier: > 4B:3D:63:4F:E1:92:2A:7D:44:4D:D7:AC:2D:4E:7C:44:BD:58:EE:20 >             X509v3 Authority Key Identifier: > keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1 >                                 Authority Information Access: >                 OCSP - URI:http://ocsp.int-x3.letsencrypt.org >                 CA Issuers - URI:http://cert.int-x3.letsencrypt.org/ > >             X509v3 Subject Alternative Name: >                 DNS:baywinds.org >             X509v3 Certificate Policies: >                 Policy: 2.23.140.1.2.1 >                 Policy: 1.3.6.1.4.1.44947.1.1.1 >                   CPS: http://cps.letsencrypt.org >                   User Notice: >                     Explicit Text: ... > Mine: >         X509v3 extensions: >             X509v3 Subject Key Identifier: > F0:C6:CB:DE:A6:DC:55:89:C7:3B:0C:AC:67:34:E0:C5:82:FC:6E:DA >             X509v3 Authority Key Identifier: > keyid:F0:C6:CB:DE:A6:DC:55:89:C7:3B:0C:AC:67:34:E0:C5:82:FC:6E:DA > >             X509v3 Basic Constraints: >                 CA:TRUE > > Finally, mine has an actual cert at the end, presumably because it > says it is a CA so the cert itself is included? > > The main difference seems to be all of the x509v3 extensions present, > plus the CA false vs true.  Makes me wonder if there is some > apache config option which causes it to not work with these kind of > test certs.  But if that was the case I would expect something in > the error log other than the message that it read the cert and key. > > Your extensions explicitly indicate "Key Usage" (critical, of two > types; and "Extended Key Usage" for web server and client > authentication; mine does not.  But it's not clear to me how to get > those into a test cert. > > If I startup with a different cert without a fqdn matching the > server name, I see messages in the log notifying me of this but it > still starts up and says it is using the cert.  Those are warnings > only, so I presume should work ok: > > [ssl:debug] [pid 18520] ssl_engine_init.c(412): AH01893: Configuring TLS extension handling > [ssl:info] [pid 18520] AH02575: Reusing existing private key from /etc/ssl/test3_cert.key on restart > [ssl:warn] [pid 18520] AH01906: www.dreamchaser.org:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) > [ssl:debug] [pid 18520] ssl_util_ssl.c(443): AH02412: [www.dreamchaser.org:443] Cert does not match for name 'www.dreamchaser.org' [subject: CN=Gary Aitken,L=Ovando,ST=MT,C=US / > issuer: CN=Gary Aitken,L=Ovando,ST=MT,C=US / serial: E20611662B12B685 / notbefore: Apr  1 17:48:44 2018 GMT / notafter: Mar 31 17:48:44 2020 GMT] > [ssl:warn] [pid 18520] AH01909: www.dreamchaser.org:443:0 server certificate does NOT include an ID which matches the server name > [ssl:info] [pid 18520] AH02568: Certificate and private key www.dreamchaser.org:443:0 configured from /etc/ssl/test3_cert.crt and /etc/ssl/test3_cert.key > > More questions: > > When I hit the server with: >   openssl s_client -connect 192.168.151.101:443 -showcerts -state > I get back: > > SSL_connect:SSLv2/v3 write client hello A > SSL_connect:error in SSLv2/v3 read server hello A > 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 7 bytes and written 291 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > SSL-Session: >     Protocol  : TLSv1.2 >     Cipher    : 0000 >     Session-ID: >     Session-ID-ctx: >     Master-Key: >     Key-Arg   : None >     PSK identity: None >     PSK identity hint: None >     SRP username: None >     Start Time: 1522605618 >     Timeout   : 300 (sec) >     Verify return code: 0 (ok) > --- > > Does the "no peer certificate available" mean the client did not get > a cert back from the server, or is it a complaint from the server > saying the client didn't send a cert? > > The unknown protocol message bothers me.  Does this mean: >   A. the default crypto library port build is missing something >      needed by apache24? >   B. the client crypto library is missing something? >   C. The client is requesting a garbled up protocol the server >      doesn't know about? >   D. The server is telling the client it (the server) wants a >      protocol the client doesn't know about? >   E. My "openssl s_client ..." command needs some extra args? >      I presume the client needs no certs/keys on its end, right? > > libgcrypt on the server is 1.7.6 but 1.8.2 on the client, but there > are no port options other than docs.  The latest notice in UPDATING > is dated 20130503, so it seems like the versioning shouldn't be an > issue. > > still bewildered... > > Gary > From owner-freebsd-questions@freebsd.org Sun Apr 1 23:12:32 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 85568F82671 for ; Sun, 1 Apr 2018 23:12:32 +0000 (UTC) (envelope-from knezour@weboutsourcing.cz) Received: from smtp-out.ujezd.net (smtp-out.ujezd.net [81.90.241.92]) by mx1.freebsd.org (Postfix) with ESMTP id 12DAE82937 for ; Sun, 1 Apr 2018 23:12:31 +0000 (UTC) (envelope-from knezour@weboutsourcing.cz) Received: by smtp-out.ujezd.net (Postfix, from userid 1001) id 40DrVh2WXpz9sJJ; Mon, 2 Apr 2018 01:03:08 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on smtp-out.ujezd.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=7.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.2 Received: from [192.168.1.221] (unknown [10.52.128.10]) by smtp-out.ujezd.net (Postfix) with ESMTP id 40DrVg4C36z9sFK for ; Mon, 2 Apr 2018 01:03:07 +0200 (CEST) Subject: Re: FBSD on Xenserver, experience To: freebsd-questions@freebsd.org References: From: Ondra Knezour Message-ID: <47f2be2b-a692-76b4-2cad-23feff2c3c7c@weboutsourcing.cz> Date: Mon, 2 Apr 2018 01:03:08 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms030404040509030003030007" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 23:12:32 -0000 This is a cryptographically signed message in MIME format. --------------ms030404040509030003030007 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: cs Content-Transfer-Encoding: quoted-printable Dne 01.04.2018 v 21:57 Everett Batey G napsal(a): > About to migrate Centos Host to probably XenServer. Works for me, XenServers from 5.x up to 7.2, FreeBSD guests from 9.x to 1= 1.x You may like to install sysutils/xe-guest-utilities for better integratio= n https://www.freshports.org/sysutils/xe-guest-utilities/ Side note - as you write "probably XenServer" i would suppose you didn't = settle there definitely, so you may be interested in the ressurected=20 community effort to provide complete server, not only hypervisor -=20 XCP-ng https://xcp-ng.github.io/news/2018/03/31/first-xcp-ng-release.html= --=20 Ondra Knezour --------------ms030404040509030003030007 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: Elektronicky podpis S/MIME MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC Dh8wggZfMIIFR6ADAgECAgFxMA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNVBAYTAkNaMSwwKgYD VQQKDCPEjGVza8OhIHBvxaF0YSwgcy5wLiBbScSMIDQ3MTE0OTgzXTEeMBwGA1UEAxMVUG9z dFNpZ251bSBSb290IFFDQSAyMB4XDTEwMDExOTExMzEyMFoXDTIwMDExOTExMzAyMFowXzEL MAkGA1UEBhMCQ1oxLDAqBgNVBAoMI8SMZXNrw6EgcG/FoXRhLCBzLnAuIFtJxIwgNDcxMTQ5 ODNdMSIwIAYDVQQDExlQb3N0U2lnbnVtIFF1YWxpZmllZCBDQSAyMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAptFF5UWWYyihAP9nMkD0zv3ctxmK8dG9YQbyOwSmnbFNrJHX ui+zw4x6hgqO8ajo8N+QImz6wFhLSrlZAUCl1aTKX+1Q7DWhnZI9Krq5gslTI5hIo8w6ArPi 7de4HgqLVn6LwVvvN5HJ7p6pqEr62qXdkAmeskqALhfZNrVEqTEr4e7Vt2FYkDeDAv5aQhls v89gjON6375PyyxYrU9Z0FexJ8o5OKQ3Nm3ZU8RMBAMGk5jGoCAt8JFtxv0pTZYgxPc03Egu 7ew2X44z2BX8ZY73jckew4wBXIlJBERpmSwbkoPPM3NBL8uxtiQW2ckCaaHuD2n0KLpwQn6l 8FO0wQIDAQABo4IDKDCCAyQwgfEGA1UdIASB6TCB5jCB4wYEVR0gADCB2jCB1wYIKwYBBQUH AgIwgcoagcdUZW50byBrdmFsaWZpa292YW55IHN5c3RlbW92eSBjZXJ0aWZpa2F0IGJ5bCB2 eWRhbiBwb2RsZSB6YWtvbmEgMjI3LzIwMDBTYi4gYSBuYXZhem55Y2ggcHJlZHBpc3UvVGhp cyBxdWFsaWZpZWQgc3lzdGVtIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNjb3JkaW5nIHRv IExhdyBObyAyMjcvMjAwMENvbGwuIGFuZCByZWxhdGVkIHJlZ3VsYXRpb25zMBIGA1UdEwEB /wQIMAYBAf8CAQAwgbwGCCsGAQUFBwEBBIGvMIGsMDcGCCsGAQUFBzAChitodHRwOi8vd3d3 LnBvc3RzaWdudW0uY3ovY3J0L3Bzcm9vdHFjYTIuY3J0MDgGCCsGAQUFBzAChixodHRwOi8v d3d3Mi5wb3N0c2lnbnVtLmN6L2NydC9wc3Jvb3RxY2EyLmNydDA3BggrBgEFBQcwAoYraHR0 cDovL3Bvc3RzaWdudW0udHRjLmN6L2NydC9wc3Jvb3RxY2EyLmNydDAOBgNVHQ8BAf8EBAMC AQYwgYMGA1UdIwR8MHqAFBUpjMVFaau4s8Pq/ku4Mdjc8Od2oV+kXTBbMQswCQYDVQQGEwJD WjEsMCoGA1UECgwjxIxlc2vDoSBwb8WhdGEsIHMucC4gW0nEjCA0NzExNDk4M10xHjAcBgNV BAMTFVBvc3RTaWdudW0gUm9vdCBRQ0EgMoIBZDCBpQYDVR0fBIGdMIGaMDGgL6AthitodHRw Oi8vd3d3LnBvc3RzaWdudW0uY3ovY3JsL3Bzcm9vdHFjYTIuY3JsMDKgMKAuhixodHRwOi8v d3d3Mi5wb3N0c2lnbnVtLmN6L2NybC9wc3Jvb3RxY2EyLmNybDAxoC+gLYYraHR0cDovL3Bv c3RzaWdudW0udHRjLmN6L2NybC9wc3Jvb3RxY2EyLmNybDAdBgNVHQ4EFgQUiehM34smOT7X JC4SDnrn5ifl1pcwDQYJKoZIhvcNAQELBQADggEBAHXszZUHjwBcJV9V544ujQsgllyDkTId Qq6tud9/q1A6bJPuDOmQk1jcjeKNbYSsF9Qz/od58zFgopZKziNeoZIrlB/EbQHQ7e4Z8c9L hYV+1o9ICdaTW2Ilnhzjf7NIkJwffef2kOa+3yfSP7pxABkhaHg8+maS9SDe43gTRvNkecfa 4rMy+lWcTrAqaXqhX49R88BI8hhDD2AUQA1wzOnXSFckeuc6jRqU+SXKZl1NWywFfB3OFIGw V6XV5UFK9U7Hr7LzN1uuREs69NWdIxvrMf5+zKBTjSaKZ2jfStj/o3611CFsz+xMLGB1YDLa DR6UA3XOL0nHppDvrCgNyf4wgge4MIIGoKADAgECAgMl0IkwDQYJKoZIhvcNAQELBQAwXzEL MAkGA1UEBhMCQ1oxLDAqBgNVBAoMI8SMZXNrw6EgcG/FoXRhLCBzLnAuIFtJxIwgNDcxMTQ5 ODNdMSIwIAYDVQQDExlQb3N0U2lnbnVtIFF1YWxpZmllZCBDQSAyMB4XDTE3MDgxNDA4MzMy MloXDTE4MDkwMzA4MzMyMlowgbAxCzAJBgNVBAYTAkNaMRcwFQYDVQRhEw5OVFJDWi02ODg4 NTQ4MjEpMCcGA1UECgwgT25kxZllaiBLbsSbxb5vdXIgW0nEjCA2ODg4NTQ4Ml0xCjAIBgNV BAsTATExGjAYBgNVBAMMEU9uZMWZZWogS27Em8W+b3VyMRIwEAYDVQQEDAlLbsSbxb5vdXIx EDAOBgNVBCoMB09uZMWZZWoxDzANBgNVBAUTBlAxODIzNjCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALMTzolQJ4/7Uw+BlI54R2eFXu6phVh7rkWGtr+SFkhb1XGVFmh1pBhO 5b9t5LZOLDrbwClN/P01/ETkIXV8jelvIm4LwhHLyzgPBFmjflHot0m4gf7og9PGEPl4gmdj aqcvQw9sa5+UUm1vOxA5DblvqGOVm26Nmijz0TGS+2ZGfnP2s4UgKZn9+DNDn/6Tky47rfiJ 7tX1g6VrvD1KgpBEDgNdoxtE/xoL9enoyHrphyTSwrNbEmsDcYNHCKe+Awy6deXkoSyxc1Fa 3BbZgZ6EYWExzh435wl3AI+PKftvprOfgTMr43dWK6hUtE9+LQYE2Cx6O0iFHEkQsDsJUqEC AwEAAaOCBCkwggQlMEoGA1UdEQRDMEGBGWtuZXpvdXJAd2Vib3V0c291cmNpbmcuY3qgGQYJ KwYBBAHcGQIBoAwTCjExMjg5MTE4NjGgCQYDVQQNoAITADAJBgNVHRMEAjAAMIIBKwYDVR0g BIIBIjCCAR4wggEPBghngQYBBAERZDCCAQEwgdgGCCsGAQUFBwICMIHLGoHIVGVudG8ga3Zh bGlmaWtvdmFueSBjZXJ0aWZpa2F0IHBybyBlbGVrdHJvbmlja3kgcG9kcGlzIGJ5bCB2eWRh biB2IHNvdWxhZHUgcyBuYXJpemVuaW0gRVUgYy4gOTEwLzIwMTQuVGhpcyBpcyBhIHF1YWxp ZmllZCBjZXJ0aWZpY2F0ZSBmb3IgZWxlY3Ryb25pYyBzaWduYXR1cmUgYWNjb3JkaW5nIHRv IFJlZ3VsYXRpb24gKEVVKSBObyA5MTAvMjAxNC4wJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cu cG9zdHNpZ251bS5jejAJBgcEAIvsQAEAMIGbBggrBgEFBQcBAwSBjjCBizAIBgYEAI5GAQEw agYGBACORgEFMGAwLhYoaHR0cHM6Ly93d3cucG9zdHNpZ251bS5jei9wZHMvcGRzX2VuLnBk ZhMCZW4wLhYoaHR0cHM6Ly93d3cucG9zdHNpZ251bS5jei9wZHMvcGRzX2NzLnBkZhMCY3Mw EwYGBACORgEGMAkGBwQAjkYBBgEwgfoGCCsGAQUFBwEBBIHtMIHqMDsGCCsGAQUFBzAChi9o dHRwOi8vd3d3LnBvc3RzaWdudW0uY3ovY3J0L3BzcXVhbGlmaWVkY2EyLmNydDA8BggrBgEF BQcwAoYwaHR0cDovL3d3dzIucG9zdHNpZ251bS5jei9jcnQvcHNxdWFsaWZpZWRjYTIuY3J0 MDsGCCsGAQUFBzAChi9odHRwOi8vcG9zdHNpZ251bS50dGMuY3ovY3J0L3BzcXVhbGlmaWVk Y2EyLmNydDAwBggrBgEFBQcwAYYkaHR0cDovL29jc3AucG9zdHNpZ251bS5jei9PQ1NQL1FD QTIvMA4GA1UdDwEB/wQEAwIF4DAfBgNVHSMEGDAWgBSJ6EzfiyY5PtckLhIOeufmJ+XWlzCB sQYDVR0fBIGpMIGmMDWgM6Axhi9odHRwOi8vd3d3LnBvc3RzaWdudW0uY3ovY3JsL3BzcXVh bGlmaWVkY2EyLmNybDA2oDSgMoYwaHR0cDovL3d3dzIucG9zdHNpZ251bS5jei9jcmwvcHNx dWFsaWZpZWRjYTIuY3JsMDWgM6Axhi9odHRwOi8vcG9zdHNpZ251bS50dGMuY3ovY3JsL3Bz cXVhbGlmaWVkY2EyLmNybDAdBgNVHQ4EFgQUqufjUxGsMA+xtVWU4YLcbVlSzwMwDQYJKoZI hvcNAQELBQADggEBABsAmzl0z0QC4GNX/4anD814EgO8fAky/e0CQi32q//hwlR3lilKKaFv 58pQjPZW6+EDi0yvUTFNI1H232l27PVdWMrvAsbuaP53YcT9X3gLuocysXV6gxFdUl+YTbXH 2xLyf2XPZUwSAvSNq3hoMvEKhG2G1LTtGN4kOlKne3k1kLqjharrvvbXRFKAR/NtLSUPiHoT Yl0VyixfJpRxUcxzxwBPai8mHM5elpucI8Z4jUz/8zYaoXyYNOzo081XtwuD8h/uv1fhwyTu 6oCxsGqcxiWhochkwxBMZ4dE1DRioPUciDW/D0WCS2WXMiwZzmYKA92y3N3V/x0/GDRo1c0x ggNcMIIDWAIBATBmMF8xCzAJBgNVBAYTAkNaMSwwKgYDVQQKDCPEjGVza8OhIHBvxaF0YSwg cy5wLiBbScSMIDQ3MTE0OTgzXTEiMCAGA1UEAxMZUG9zdFNpZ251bSBRdWFsaWZpZWQgQ0Eg MgIDJdCJMA0GCWCGSAFlAwQCAQUAoIIBxzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwG CSqGSIb3DQEJBTEPFw0xODA0MDEyMzAzMDhaMC8GCSqGSIb3DQEJBDEiBCD6BL0Gk+JWRRoo IlPP7UOHCN2eFe0RGaivwhWOJ6MWxzBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjAL BglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFA MAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMHUGCSsGAQQBgjcQBDFoMGYwXzELMAkGA1UEBhMC Q1oxLDAqBgNVBAoMI8SMZXNrw6EgcG/FoXRhLCBzLnAuIFtJxIwgNDcxMTQ5ODNdMSIwIAYD VQQDExlQb3N0U2lnbnVtIFF1YWxpZmllZCBDQSAyAgMl0IkwdwYLKoZIhvcNAQkQAgsxaKBm MF8xCzAJBgNVBAYTAkNaMSwwKgYDVQQKDCPEjGVza8OhIHBvxaF0YSwgcy5wLiBbScSMIDQ3 MTE0OTgzXTEiMCAGA1UEAxMZUG9zdFNpZ251bSBRdWFsaWZpZWQgQ0EgMgIDJdCJMA0GCSqG SIb3DQEBAQUABIIBAGU0UDA27twmyiDq4Pw6mB86bOthqzkDquKn98r7Hm+8cCc0x1UJlIa+ d0Z0qHO7HJP/QwfkPo7stscvCrhBWMjD82cjrtRmmZf+sB1ZT2PoaMvZrwUT2UnXLNlvYj8U kB5/y5ZyBfktHCm40EsJhUt0gT4szv+tyw0+jCldqzhajnm5fIdcq59nvKDHQY+T/UrhlwzK jpBU1uvrIglqcIuHE8gN2uNAC3bk0txh1z+RbcpMadSymH7AU1Ww37da7LLs2/sD7bmHABOb xMxXJWsQApbGpBh9iGXYRQARugwa3LG+Hq/A9PcUR+AKuQmdHDOIdXe+sBJN8/aqfqYbDcwA AAAAAAA= --------------ms030404040509030003030007-- From owner-freebsd-questions@freebsd.org Sun Apr 1 23:43:26 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F027F83DEF for ; Sun, 1 Apr 2018 23:43:26 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CAF9983784 for ; Sun, 1 Apr 2018 23:43:24 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([92.195.125.23]) by mrelayeu.kundenserver.de (mreue102 [212.227.15.183]) with ESMTPA (Nemesis) id 0MIe7s-1f4yP71gUa-002DJ8; Mon, 02 Apr 2018 01:38:05 +0200 Date: Mon, 2 Apr 2018 01:38:05 +0200 From: Polytropon To: Waitman Gobble Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD src broken? Message-Id: <20180402013805.7430aacf.freebsd@edvax.de> In-Reply-To: References: Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:ZM/HK3//Ljes1xEXavt8Jla8wycNas6e72YEeMUrRXoJy0w4lnJ N8r0eacMLuxwgJv+54DuTLr4VXAzvh+v19jUk9gB/GWfK34mdV0E/2vHVklep/bASghjNy4 brVnt6p5s9keGXFoqvaLDHaKjeNP6bK7e+IBpq/Lj9EGlh/1wvjQFNtpzfS3dHSayoILsoe xysZrSaZVbQoo0NZ5ITSw== X-UI-Out-Filterresults: notjunk:1;V01:K0:hUJ94hWmpPo=:or9u1xpukUBmeTzU9vkgou 6zgSRsxa5nnpHBgvQfAkZhIea7RADr6sXJbt7AvkbfYooUH7VW7VD6vlp59nDZ0PmG0zhMsCE r2nAF0FbSo422IITvzRgcdenMvFrKgZzoOxASrftTg5XHyDLj9J5L9ovg5x06PTfIZXwE30w8 xj5Yr+v+XkUDITVsK1HEJOoWvKTKLpZXT+UPanQIBhhlkJ77JD806eYHJPSXkvRQy272H7ct6 qUB4XdEpIEM/Murd0n8DCELtbs2F+zgk0gWSfCt6+ZVarf5iU41gGPuUtvXi6lXc86db+e+dH SBPuc4YGrkBN4DkcgweRRqSAVR+xbu9biIuA+z8d4S7TtteiaDZAs7jEooDopfQPkkke7d3Yw 7fzLuFXDfCDpj36/epli9mfDafsG+x6OBBEn2pQf0PI00yB+ckUi0TDszrDHK/6vRy5tp5k7f jEugtjl96Vr2pxidr9oR7tlWQaJuauCj2pMK9XRvJ5S6p5/+s0NUv7Oi1hWneV8x7B0vQxXYD I5YPsb/eIah9Lee2gNlx00ztSlGfc9+KIdxi+ZYPrLMz30Uwld8RREQFACHQNbc78hpSRU05B oQ7Vsndmk2huYPy5WHK5eaVBjmQYG+bDkTzV/zYaN92u5ka54knHxetmadRbPKciLjtsbCj1s PDcywMexlauwBlYt8NQV13D1fYVCBUn79uQhWAs46L3/SSNthmmNSjkWCbJInyaKqxQPS5VF8 upYi4FwHoD5OPPz8vb0oLs5J4ign2kJv7WSsPhUV7s6aOX3KrUSAkufVkQc= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 23:43:26 -0000 On Sat, 31 Mar 2018 20:24:42 -0600, Waitman Gobble wrote: > On Sat, Mar 31, 2018 at 7:55 PM, Waitman Gobble wrote: > > Updating src following handbook. > > svn update > > > > updating src fails with checksum mismatch on llvm-objdump/COFFdump.cpp > > > > I found some suggestions about deleting the directory and trying update > > again. Stops on same file. > > > > is this a problem with the source repository? > > > > > > I deleted /usr/src and re-fetched src, seems to be working. I guess > svn update 'usually works'. but not always? Did you previously install (using src.txz) / update / overwrite the /usr/src subtree with freebsd-update? -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Sun Apr 1 23:48:15 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 44423F8413F for ; Sun, 1 Apr 2018 23:48:15 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: from mail-ua0-x236.google.com (mail-ua0-x236.google.com [IPv6:2607:f8b0:400c:c08::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C3C9F8391B for ; Sun, 1 Apr 2018 23:48:14 +0000 (UTC) (envelope-from gobble.wa@gmail.com) Received: by mail-ua0-x236.google.com with SMTP id q26so3032069uab.0 for ; Sun, 01 Apr 2018 16:48:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ePBg3PbbOEjY75yIVgqqF3EIu3zQ8nYwQxlTLsc8y0g=; b=Wx8qqGwWxh6aNxNeB5x+kDwOkPSGxTS25OgVYAvXQTp3gRKT67N+thp6I9RvlPmuD1 snbYQDTi7MTIbVPxXpNRO7flC+Hp8KxNzMkJN4QQWKDXYhaCj4w6O5GJJdMOqXmkXLfj ObsuL32DzIn9MqJHIJSLAcAzECe1rG9u2x56Cb2tO7A0CKWu/noK7aKTRzUh4U+pF+qx newXuES38HRj26r0AkofgGIgnteRkuO0sUv4ZhH/9AHLPpVaLg3V5kHb7qDKHhJphjjh 4+107sD1gQdyeHg3mvtsO91uYN7ZqD3QHcoGQLS5C4rDns8oiUj3v78lRoBHjJVRPt1J Kt5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ePBg3PbbOEjY75yIVgqqF3EIu3zQ8nYwQxlTLsc8y0g=; b=H+xloxat1DxngLcValEUXr/74jJUZNklyuRr/HM+nhhFbyUK4zoBCMQcghMxff+2bZ 4KI5mAFkDbzgCeM/v3hGkD+Dprcs58bWlXQiJORkTxX9fy/W8J+4xeFwoy4oFt/5yagN 0dHoEga50nkRcmvxDKLp+1BZIBJV/TdbYqFW138eE4a2xcokC/on6qqX6eZPc3O3R/nl SQlH/LwPRFE+A16UaSvqLufkk5aubNdGy83Ln+Y6V6x49uBZWSr8QErcTco8wuVDeVmJ v4j7KdG1CS/grHuuuKfrYbHPofjKojwIZCllooneo1QGYdnqOsHkMLOqAWW+MUnD6QOu B0FA== X-Gm-Message-State: AElRT7GOrp6GvL3D8tiOrud0UTHphk1BTQtnhdmo8zgr8ax+VuznMBbs YG30Dq3AUI36YtDqv/g1zbJbAlT7LYNU424QXV4= X-Google-Smtp-Source: AIpwx4+mIVX+0gt4C6HqGUBzWFfycMxV7bYgWgISNVwHVXSInWGBSDWkWrRgsAQzUCyQac5NZrD/WKWpszCCV0p5TEQ= X-Received: by 10.176.68.35 with SMTP id m32mr4349478uam.95.1522626494089; Sun, 01 Apr 2018 16:48:14 -0700 (PDT) MIME-Version: 1.0 References: <20180402013805.7430aacf.freebsd@edvax.de> In-Reply-To: <20180402013805.7430aacf.freebsd@edvax.de> From: Waitman Gobble Date: Sun, 01 Apr 2018 23:48:03 +0000 Message-ID: Subject: Re: FreeBSD src broken? To: Polytropon Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2018 23:48:15 -0000 On Sun, Apr 1, 2018, 7:38 PM Polytropon wrote: > On Sat, 31 Mar 2018 20:24:42 -0600, Waitman Gobble wrote: > > On Sat, Mar 31, 2018 at 7:55 PM, Waitman Gobble > wrote: > > > Updating src following handbook. > > > svn update > > > > > > updating src fails with checksum mismatch on llvm-objdump/COFFdump.cpp > > > > > > I found some suggestions about deleting the directory and trying update > > > again. Stops on same file. > > > > > > is this a problem with the source repository? > > > > > > > > > > I deleted /usr/src and re-fetched src, seems to be working. I guess > > svn update 'usually works'. but not always? > > Did you previously install (using src.txz) / update / overwrite > the /usr/src subtree with freebsd-update? > > > -- > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > i don't remember, maybe. I have waited for the Intel bs to settle before updating, i decided its been long enough :) deleting /usr/src and pulling a fresh copy solved my problem. Thank you for the reply. From owner-freebsd-questions@freebsd.org Mon Apr 2 02:04:37 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5B423F589D0 for ; Mon, 2 Apr 2018 02:04:37 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nightmare.dreamchaser.org", Issuer "nightmare.dreamchaser.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C79E587D8E for ; Mon, 2 Apr 2018 02:04:36 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w3224Icp025124; Sun, 1 Apr 2018 20:04:18 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) Subject: Re: apache24 ssl setup problems; "unknown protocol" [Solved] From: Gary Aitken To: Bruce Ferrell , freebsd-questions@freebsd.org Reply-To: freebsd@dreamchaser.org, freebsd@dreamchaser.org References: <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> Message-ID: Date: Sun, 1 Apr 2018 20:03:37 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 02:04:37 -0000 The problem turned out to be an apache configuration error related to virtual hosts. The openssl error message was: SSL23_GET_SERVER_HELLO:unknown protocol I finally found this article (why I didn't get it on numerous other searches is somewhat of a mystery): https://stackoverflow.com/questions/15166950/unable-to-establish-ssl-connection-how-do-i-fix-my-ssl-cert#15168180 which, while rather outdated in some respects, gives the right hint -- the error is reported when the server sends back a normal http response instead of https. An easy test for this is to try connecting in a browser to http[no s]://addr:443; if it works, the server isn't using ssl. I had enabled and tweaked extra/httpd-ssl.conf; also httpd-vhosts.conf. httpd-ssl.conf had ssl enabled so (default from install): ... SSLEngine on I had erroneously assumed including httpd-ssl.conf would turn it on in the general case. The virtual host definitions were missing the directive to activate it. Duh. It's right there at the top of the apache web page which I had used when I started... Thanks Bruce for your patience. Gary From owner-freebsd-questions@freebsd.org Mon Apr 2 03:52:12 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DBAD6F6F60D for ; Mon, 2 Apr 2018 03:52:11 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from mx6-out9.antispamcloud.com (mx6-out9.antispamcloud.com [95.211.2.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 685C26B8F5 for ; Mon, 2 Apr 2018 03:52:10 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from [153.92.8.106] (helo=srv31.niagahoster.com) by mx68.antispamcloud.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1f2qVj-0007e7-Ko; Mon, 02 Apr 2018 05:52:01 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sumeritec.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=NvJswGGlQ0NNU3NU8vOKUfDl12IF5b5COlY43PYQ8bw=; b=VnVHSWnLyZ5aqiaJIJzBGwBc7c 8Hg2c3wOzQqIMhnaSu4pizFIVXATOkkKrLVxCvWdxMhm19lJIEVEwpQrcTPN9smgzokmwZOMGiWGT EB5vlQHcXxKqCuc1aGm6dczWWBa30AfbwGMQPV5MviRbnsSQyZh1aqQGpkS4TVt+2wan66eSLwqKz kEin6/+io++PwUCp5e+u0H2cGYxugePe3Ys95VGqho7WISZb0WXFQ+2lHD8suwOPjJH+yRSrxHj7W j3hVSuXnu5NOqSQqn4eMa166SGlNEkHsOw86KAzxDEMU33RdYjM0ajqQ6SVlR84L5e9KsXcchaAh7 kXViGF/w==; Received: from [114.125.73.182] (port=64296 helo=X220.sumeritec.com) by srv31.niagahoster.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from ) id 1f2qUr-0006Va-4D; Mon, 02 Apr 2018 10:51:09 +0700 Date: Mon, 2 Apr 2018 11:51:02 +0800 From: Erich Dollansky To: "Jean M. Vandette" Cc: "freebsd-questions@freebsd.org" Subject: Re: gpart recovery FreeBSD 7.4 Message-ID: <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> In-Reply-To: <3856200b233947ca939e1c5ffa152661@securenet.net> References: <6b89534c97b14e51b67581e34efac71c@securenet.net> <20180330221523.0b5f8fdd.freebsd.ed.lists@sumeritec.com> <20180331070140.00a1b6fa.freebsd.ed.lists@sumeritec.com> <20180331204056.619965d1.freebsd.ed.lists@sumeritec.com> <3856200b233947ca939e1c5ffa152661@securenet.net> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-OutGoing-Spam-Status: No, score=-0.5 X-AuthUser: freebsd.ed.lists@sumeritec.com X-Originating-IP: 153.92.8.106 X-AntiSpamCloud-Domain: out.niagahoster.com X-AntiSpamCloud-Username: niaga Authentication-Results: antispamcloud.com; auth=pass (login) smtp.auth=niaga@out.niagahoster.com X-AntiSpamCloud-Outgoing-Class: ham X-AntiSpamCloud-Outgoing-Evidence: Combined (0.09) X-Recommended-Action: accept X-Filter-ID: EX5BVjFpneJeBchSMxfU5p7OEqFO86woh0HWbxzWugV602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO4WVEjIK39e0l3PJA6vYUNi1gthAiUJtF1GFtCwOi7APvyegFAN3MVG+8Mu8M+ESLE+f zSH/OCabdgYrKxSFlmxprZdPWqTAoPoTgl30IzxbXdQ4tbVi/V9RUEy9PbVbFYl9wd8Cdu9P7nDm 4wCNFvoS2TIc5KWIJ11Cs3TsJMjTYxFBjiwvt8YGG8KnqhbQXUxgANYCyD585IGoHNHA90K+ebhG qw0UC+6i7tkVEyBKGYJwT+HFpsvK90gWDRA4t76lEaoB788kk1VRHzrv8x5evune9FPWQSxbftJN ZtX4PAOCjUgciZoe1nbnonHdmEwzxPv6OleYcjgzAbIebFgNNF1hrtK2exjyNIotpcZLeuAZ/8RV tRJqu4SdYrxuM7pJnfcEt04DlAClzJj9jZZhw7smKxiBSI9drrNP8BBEa+HDctSZyW8CR81P4pQC FII0cyBdmsO5awJEhhc5swfbdYWZ/x+YqveaPZoICKmvKTjECb0PwpN4olPuA0AI98r9/dnZt1bw kV6uInQw1zvFbSB4OxBCs6AxR+H5D8V+PelKk4PhlTx9aNzC3ndKPrdeHtJHB1tEmn6pNnZDsufJ 2z4fs0eZHOeDJ6dz4Z2jRsHjMpUVGL2it/VpKpvQn5u3Hj9nzHFECLEV8EOCh/sqVOoQzwrCXZje TAZGYgNwlCoRCE9CPqqMYuF1qRuuEe0SbnlTDNHtRllIS9ElVYc8CVsONrMJuGzuoGnKTKcy1eyD 7JcQilYK02SYmSiV1ucl21y2TwmMxJz+gU1wKb+BBkENQYujqKl8rFj50trSQA8PC5NBesxO/gc2 I+P8qev5+xNLX7J80SrUE4vW6MWZ0dEqwY4lelob0ErttooptwERZXSSDZL7eS4eAbBXy8hQdO02 pRv/nbK/cXX+6jRr9/Mn670rgEzRrsP4YRqdx41tn/0JOts9UlqtbDvD3A== X-Report-Abuse-To: spam@quarantine1.antispamcloud.com X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 03:52:12 -0000 Hi, On Sat, 31 Mar 2018 18:43:06 +0000 "Jean M. Vandette" wrote: > I used the recoverdisk > root@central:/ # recoverdisk /dev/gpt/root /mnt2/root.img I never used this program. > I did newfs on the boot then it mounted seems it does not recognize That was dangerous. When I have had the problem I really went down to read the partition information from the disk into a file and tried to understand it. This method helped recently when a disk has had developed so many bad sectors that it shrank its size during a boot. So, I did the same with its GPT information, mounted it, made a backup of the last hours of work and returned it to the manufacturer. > I don't have other mount points ie disks to make copy. This is a real problem at this stage. > the recoverydisk with state 0 says it encountered no errors so it is > seeing the data (I presume) just it is a binary file it seems. Now > is the data usable is another question. Using more or less I see a > lot of binary gibberish so far. Yes, the data is all binary. The key to any disk is its first sector. > > I don't know if there is a way to write the superblock information > without losing all the data if you or anyone knows I would appreciate > the procedure. Did it once before or should say my mentor did it back > on 3.1 and then was able to fsck and mount the data. This is all not a problem but it come much, much later. There is something wrong with your partitioning tables. I would try to find this out. Get a hex editor of your choice. dd the first sector of the disk, open it in the editor. I used Wikipedia to provide me with the structure information of the disk. This all depends how it was partitioned and later formatted. MBR, GPT ... I know that this is hard work and will take time. Erich From owner-freebsd-questions@freebsd.org Mon Apr 2 04:11:38 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 18091F7091B for ; Mon, 2 Apr 2018 04:11:38 +0000 (UTC) (envelope-from jmvandette@securenet.net) Received: from ms.securenet.net (ms.securenet.net [205.236.147.20]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B45146C147 for ; Mon, 2 Apr 2018 04:11:37 +0000 (UTC) (envelope-from jmvandette@securenet.net) Received: from ms.securenet.net (localhost [127.0.0.1]) by ms.securenet.net (Postfix) with ESMTP id 61B8911E22; Mon, 2 Apr 2018 00:11:31 -0400 (EDT) X-Virus-Scanned: by f-prot anti-virus, and clamav anti-virus at SecureNet Inc. Received: from ms.securenet.net ([127.0.0.1]) by ms.securenet.net (ms.securenet.net [127.0.0.1]) (amavisd-new, port 10001) with ESMTP id oFzey2W_QMOt; Mon, 2 Apr 2018 00:11:29 -0400 (EDT) Received: from office.securenet.net (office.securenet.net [205.236.147.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ms.securenet.net (Postfix) with ESMTPS id D156411E1F; Mon, 2 Apr 2018 00:11:29 -0400 (EDT) Received: from office.securenet.net (172.16.0.194) by office.securenet.net (172.16.0.194) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1034.26; Mon, 2 Apr 2018 00:11:28 -0400 Received: from office.securenet.net ([fe80::fc2a:207d:850e:3424]) by office.securenet.net ([fe80::fc2a:207d:850e:3424%9]) with mapi id 15.01.1034.033; Mon, 2 Apr 2018 00:11:28 -0400 From: "Jean M. Vandette" To: Erich Dollansky CC: "freebsd-questions@freebsd.org" Subject: Re: gpart recovery FreeBSD 7.4 Thread-Topic: gpart recovery FreeBSD 7.4 Thread-Index: AdPH67s6+2Xno425Q4Gw3Y3ODMy5+wAZ1aOAAAgLB7AAClZQAAAIULXwABRMGwAAAW9JQABQpD8A///CqCw= Date: Mon, 2 Apr 2018 04:11:28 +0000 Message-ID: References: <6b89534c97b14e51b67581e34efac71c@securenet.net> <20180330221523.0b5f8fdd.freebsd.ed.lists@sumeritec.com> <20180331070140.00a1b6fa.freebsd.ed.lists@sumeritec.com> <20180331204056.619965d1.freebsd.ed.lists@sumeritec.com> <3856200b233947ca939e1c5ffa152661@securenet.net>, <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> In-Reply-To: <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-avg-scannedformalware-engineversion: 16.0.8039 4793/15532 435436 x-avg-scannedformalware-signature: 5948518D47896C3E8BBA4F03453DB28DA475572966E2494E25D85A99F7B5D2B4 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 04:11:38 -0000 Erich When you say dd the first sector of the disk are you referring to mfid0 itself or the / partition mfid0p3 ? I have all the dd of / Let me know Jean M Vandette Sent from my iPhone > On Apr 1, 2018, at 11:52 PM, Erich Dollansky wrote: > > Hi, > > On Sat, 31 Mar 2018 18:43:06 +0000 > "Jean M. Vandette" wrote: > >> I used the recoverdisk >> root@central:/ # recoverdisk /dev/gpt/root /mnt2/root.img > > I never used this program. > >> I did newfs on the boot then it mounted seems it does not recognize > > That was dangerous. When I have had the problem I really went down to > read the partition information from the disk into a file and tried to > understand it. > > This method helped recently when a disk has had developed so many bad > sectors that it shrank its size during a boot. So, I did the same with > its GPT information, mounted it, made a backup of the last hours of > work and returned it to the manufacturer. > >> I don't have other mount points ie disks to make copy. > > This is a real problem at this stage. > >> the recoverydisk with state 0 says it encountered no errors so it is >> seeing the data (I presume) just it is a binary file it seems. Now >> is the data usable is another question. Using more or less I see a >> lot of binary gibberish so far. > > Yes, the data is all binary. The key to any disk is its first sector. >> >> I don't know if there is a way to write the superblock information >> without losing all the data if you or anyone knows I would appreciate >> the procedure. Did it once before or should say my mentor did it back >> on 3.1 and then was able to fsck and mount the data. > > This is all not a problem but it come much, much later. There is > something wrong with your partitioning tables. I would try to find this > out. > > Get a hex editor of your choice. dd the first sector of the disk, open > it in the editor. I used Wikipedia to provide me with the structure > information of the disk. This all depends how it was partitioned and > later formatted. MBR, GPT ... > > I know that this is hard work and will take time. > > Erich ------------------------------- Checked by AVG. Version: 16.0.8039 / Virus Database: 4793/15532 - Release D= ate: Sun Apr 01 09:04:00 2018. The message does not contain any threats. ------------------------------- From owner-freebsd-questions@freebsd.org Mon Apr 2 04:57:02 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D145F72884 for ; Mon, 2 Apr 2018 04:57:02 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from baywinds.org (50-196-187-248-static.hfc.comcastbusiness.net [50.196.187.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "baywinds.org", Issuer "rr-v" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id E17FB6D4D1 for ; Mon, 2 Apr 2018 04:57:01 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from [192.0.2.130] (rr-iii [192.0.2.130]) by baywinds.org (8.14.4/8.14.4) with ESMTP id w324ul9S017773; Sun, 1 Apr 2018 21:56:48 -0700 Subject: Re: apache24 ssl setup problems; "unknown protocol" [Solved] To: freebsd@dreamchaser.org, freebsd-questions@freebsd.org References: <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> From: Bruce Ferrell Message-ID: <59b606e3-eb2e-34c6-735e-d2ea211d39ee@baywinds.org> Date: Sun, 1 Apr 2018 21:56:47 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Greylist: inspected by milter-greylist-4.5.12 (baywinds.org [192.0.2.134]); Sun, 01 Apr 2018 21:56:49 -0700 (PDT) for IP:'192.0.2.130' DOMAIN:'rr-iii' HELO:'[192.0.2.130]' FROM:'bferrell@baywinds.org' RCPT:'' X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.12 (baywinds.org [192.0.2.134]); Sun, 01 Apr 2018 21:56:49 -0700 (PDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 04:57:02 -0000 On 04/01/2018 07:03 PM, Gary Aitken wrote: > The problem turned out to be an apache configuration error related to > virtual hosts. > > The openssl error message was: >   SSL23_GET_SERVER_HELLO:unknown protocol > > I finally found this article (why I didn't get it on numerous other > searches is somewhat of a mystery): > https://stackoverflow.com/questions/15166950/unable-to-establish-ssl-connection-how-do-i-fix-my-ssl-cert#15168180 > which, while rather outdated in some respects, gives the right hint -- > the error is reported when the server sends back a normal http response > instead of https.  An easy test for this is to try connecting in a > browser to http[no s]://addr:443; if it works, the server isn't using > ssl. > > I had enabled and tweaked extra/httpd-ssl.conf; also httpd-vhosts.conf. > httpd-ssl.conf had ssl enabled so (default from install): >   >     ... >   SSLEngine on > > I had erroneously assumed including httpd-ssl.conf would turn it on > in the general case.  The virtual host definitions were missing the > directive to activate it.  Duh.  It's right there at the top of the > apache web page which I had used when I started... > > Thanks Bruce for your patience. > > Gary > Oops!  I hate it when I do things like that... WAY too often From owner-freebsd-questions@freebsd.org Mon Apr 2 05:05:17 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1B4B2F72F07 for ; Mon, 2 Apr 2018 05:05:17 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6648C6D911 for ; Mon, 2 Apr 2018 05:05:15 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([92.195.125.23]) by mrelayeu.kundenserver.de (mreue005 [212.227.15.167]) with ESMTPA (Nemesis) id 0LmgTP-1eTnst1fWd-00aB3U; Mon, 02 Apr 2018 07:05:08 +0200 Date: Mon, 2 Apr 2018 07:05:08 +0200 From: Polytropon To: Waitman Gobble Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD src broken? Message-Id: <20180402070508.ea248b82.freebsd@edvax.de> In-Reply-To: References: <20180402013805.7430aacf.freebsd@edvax.de> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:vu2odDyAbOySutlkgTLZxTTgPcE63B5kegl2g2FSi9mKIZyIeg9 KyRFJLYSO5xJidJbphpGwk5YO1YjHNtBKeCQtbqCcvEjBlloyKV9k4vZPZn+ZA5qvTMAW/h JNOdK0P9LvMD8x/ClYTJLRYzgesTCoY9mzwvrk8s8+xFe4fW1KXIZJd6/u8GcydTdbh9vMh 01wDEMiFAEmzuG8RChdLw== X-UI-Out-Filterresults: notjunk:1;V01:K0:ek1bg4IYxsw=:MTLHEDM9jX76IU02YhMVNY +o2lGxmLB50ehyujInM9TPuEnG3P30npAmZDGPIyWng4e84UrzPGWVTTjcWZrsz9ODQI2Mrlw Z85u8kp6B9Y1tajZAI1gcnCgbP5IeIWhD1ZEcgeV+1PBNiwDziepZ4YYk6onOdlMYWlEzWto1 aMvi9gGDC4hMPmR60PMx6db5P9BdP7RWEEGDpqx+4I4mGYKeYIDXf2aXmHSJa9B+aJOPy3DKH Hx2ekyfvhF8YGft+WLIS/2hh3Ys94YPGnDjn4kzUnY6JvBOJMMoXZLLpRrmWAsaIYMBCUkqRo wVk05mKrHI5BHGsIBBWelqDdljeuiT2X2LD5MfRItSuTHf+k/XJFGE+pEWbpFe+ilXY0nlpyo 45x07G6EIquj+ln7XWVIckB/qG6eWBGRxrgtO28fRfkIsaqCU+S0nztzBRNYiwGoue3UKttV/ 5ZdBxQ7b7Pmu2AxXtqQZu6wYu3sDJiGbCvtmZWVJQySh+e5ZMgAL9XBZuiZYEk25rU/E6AZam x307b7exiSJ8Wp3O2f6r2iGX86bsv31JHC/qXieA45GGKFWVcQUjwTByAvqzQJjahA05myMJ4 FkRtj4ZzwssRCvDFQAJWFBRwscdIyRpqK1Z49O/LEk1vrkydOao/trmdl7TsvyI5rFz0gK41s 3oAuF3RUPOevHZ7qiHBoNqlO2/3JGdBOAH80xsZIaOO45u5PkQFMKDDOjl84UY4fl39QOyjai jPIuE07qjq9pc4ydqmNTUFlQoBfI3bqaSNwgC4AgxXZZr4wGzRJcENCL23E= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 05:05:17 -0000 On Sun, 01 Apr 2018 23:48:03 +0000, Waitman Gobble wrote: > On Sun, Apr 1, 2018, 7:38 PM Polytropon wrote: > > > On Sat, 31 Mar 2018 20:24:42 -0600, Waitman Gobble wrote: > > > On Sat, Mar 31, 2018 at 7:55 PM, Waitman Gobble > > wrote: > > > > Updating src following handbook. > > > > svn update > > > > > > > > updating src fails with checksum mismatch on llvm-objdump/COFFdump.cpp > > > > > > > > I found some suggestions about deleting the directory and trying update > > > > again. Stops on same file. > > > > > > > > is this a problem with the source repository? > > > > > > > > > > > > > > I deleted /usr/src and re-fetched src, seems to be working. I guess > > > svn update 'usually works'. but not always? > > > > Did you previously install (using src.txz) / update / overwrite > > the /usr/src subtree with freebsd-update? > > > > i don't remember, maybe. I have waited for the Intel bs to settle before > updating, i decided its been long enough :) > > deleting /usr/src and pulling a fresh copy solved my problem. I think that might have been the reason: SVN doesn't like to deal with a directory tree it didn't checkout itself. :-) NB: "Combining" portsnap and svn usually leads to this specific kind of problem. Removing the existing tree and starting with a new one typically fixes the problem. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Mon Apr 2 08:39:52 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E2C8CF7CB4C for ; Mon, 2 Apr 2018 08:39:51 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from mx12-out4.antispamcloud.com (mx12-out4.antispamcloud.com [46.165.232.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48D0D747A5 for ; Mon, 2 Apr 2018 08:39:50 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from [153.92.8.106] (helo=srv31.niagahoster.com) by mx5.antispamcloud.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1f2v09-0003fq-2s; Mon, 02 Apr 2018 10:39:42 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sumeritec.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=eQQcZa8jVn9BWdJbe/bWW/lJxgctv70PKwx+mOB5+lM=; b=iHX+/xj2nGv2JReelLnDtAnZaQ eLMBFGKy79I87uqKKDwjcnmVPLYKEDXnSWtfXUy8lTKRNphxbDXJp6+YZGeakzHNyKW0vj+tHJAvq 6hyZ5aYnsmKF3ugq9XJ/O8DxTyKdM75QnLvnEcrzgkn7+SP0BOb8FYx/AP5IZJT9iYNg+MQmCHLVs 3/qKsLAMq8PblNS0/CaZzm6xx5xFVFB63lsDb2nb0Wbdwft54XVU1B5pQCMKi6cKK/Jx/iwkL5Fex HruMQANNMrtbIjWe9cI99YByIITWBW+9yP3VdxvAUXaAyo7uJBm4/ZJV8lDsar6SHvFCqdfc/6HF+ W9vWKX6w==; Received: from [114.125.73.42] (port=35752 helo=X220.sumeritec.com) by srv31.niagahoster.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from ) id 1f2uzI-0007SI-4T; Mon, 02 Apr 2018 15:38:51 +0700 Date: Mon, 2 Apr 2018 16:38:41 +0800 From: Erich Dollansky To: "Jean M. Vandette" Cc: "freebsd-questions@freebsd.org" Subject: Re: gpart recovery FreeBSD 7.4 Message-ID: <20180402163841.1ce3c7d6.freebsd.ed.lists@sumeritec.com> In-Reply-To: References: <6b89534c97b14e51b67581e34efac71c@securenet.net> <20180330221523.0b5f8fdd.freebsd.ed.lists@sumeritec.com> <20180331070140.00a1b6fa.freebsd.ed.lists@sumeritec.com> <20180331204056.619965d1.freebsd.ed.lists@sumeritec.com> <3856200b233947ca939e1c5ffa152661@securenet.net> <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-OutGoing-Spam-Status: No, score=-0.5 X-AuthUser: freebsd.ed.lists@sumeritec.com X-Originating-IP: 153.92.8.106 X-AntiSpamCloud-Domain: out.niagahoster.com X-AntiSpamCloud-Username: niaga Authentication-Results: antispamcloud.com; auth=pass (login) smtp.auth=niaga@out.niagahoster.com X-AntiSpamCloud-Outgoing-Class: unsure X-AntiSpamCloud-Outgoing-Evidence: Combined (0.13) X-Recommended-Action: accept X-Filter-ID: EX5BVjFpneJeBchSMxfU5tesa6sDxaWU7CGpz8St1IJ602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO4WVEjIK39e0l3PJA6vYUNi1gthAiUJtF1GFtCwOi7APvyegFAN3MVG+8Mu8M+ESLE+f zSH/OCabdgYrKxSFlmxprZdPWqTAoPoTgl30IzxbhIWTGOWL5JeK6lhARSOKiYl9wd8Cdu9P7nDm 4wCNFvqg0pX/EiCaQjCwvIbb0f9hUz0sPgnpAk2KA2vJwMd1uUt3BzD3BTj2qquUN54CizQKmpTP FmEY0niLKkErNSWus8GP9UgT9a22OWfiUN6bqZOK6PpPPiLnZK0jPrVxfycg3cVota3cKdsOcerV 9q18Zn7XXccg9Uaw0uhz0CH6MTAs69FQbooXBmqDtpFld10K+paULmhXyxhOd6sZlmy0OGAefTcE RFakkrUayQpLFru2rhkTlD65vXTMsAKimKUP5KipH16fIljttSwUP0q2fJomEqwEsvuvXyGt8Jcf F1dA/UCQxPI+NFNfQy+MZTMIu3zHZhuDpvEr2AhNHHAWB6pNpHw8EKmGmLtc7rF6sXMcN6qoXPje nLhIOF1oeRbjdshfs+cgS4Kh0OV1IVM/MO7WnSc29W5WzBiHyD5xlojfwKX4pTCpWChnTqJY224Y A/xVRGO7+JWiHUyfHfigZzkrBa9h1GDSVpHpVAtNMlE/ysjG6tUEQD6xEcaTRXv+U40ZuszfG3cE tjztauj7mqSxPldZMaSHluNNllMH5O0Oga7EYa74a3gQnmObb6Ihu1/rdU1t/SWu+yxj6TsA/yB1 Bf3afzpNMCyHCCOoOu9FDEC0qWVO9s1gUOB9E8TKetXaAKfb6c91porY+p1+bzpvRn+S5DHP3/ZY 60+6J6Q5SxnInJFvr+p9fIGahgVlFawbDxpzYifNwA/+CbHAFhW5sHcd0FkjAklkP86zCtkYtIfM ta2Z7X3p/nLlaoZADw8Lk0F6zE7+BzYj4/ypNn8JRlAY1YIkECVE3hYDLA== X-Report-Abuse-To: spam@quarantine1.antispamcloud.com X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 08:39:52 -0000 Hi, On Mon, 2 Apr 2018 04:11:28 +0000 "Jean M. Vandette" wrote: > > When you say dd the first sector of the disk > are you referring to mfid0 itself or the / partition mfid0p3 ? it should be the first sector of the disk /dev/mfid0 Your first post looked very much like some entry here got fucked up. If this sector is fine, you can find out then in there which sectors is the next you have to read and analyse. Because you have used 7.4 it still could be a MBR partitioned disk. I even do not know when computers started to support GPT to book from. Erich From owner-freebsd-questions@freebsd.org Mon Apr 2 13:37:34 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8A0EAF59F18 for ; Mon, 2 Apr 2018 13:37:34 +0000 (UTC) (envelope-from badams@magazines.com) Received: from mail-qt0-x243.google.com (mail-qt0-x243.google.com [IPv6:2607:f8b0:400d:c0d::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 257AA7ED41 for ; Mon, 2 Apr 2018 13:37:34 +0000 (UTC) (envelope-from badams@magazines.com) Received: by mail-qt0-x243.google.com with SMTP id j26so15500592qtl.11 for ; Mon, 02 Apr 2018 06:37:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=magazines-com.20150623.gappssmtp.com; s=20150623; h=date:to:from:reply-to:subject:message-id:mime-version :content-transfer-encoding; bh=Dwzu3ObIqfTIZPF5jyA6hJdft8MmBFQISiqQ7XMOdgs=; b=f+U81rfUtTcw5IQ0mY6pY/lm74wuzCTgVmCBFpM6DS8MS0bNZVCnun5DxlGDXVk3TE B4ZOFLBvlT6Sh50L7T2yjf2uN+RMO2AJVMa89mvlqqjb1CZdHtcYlBoB7c/tYR/MgrOs hs56vJjTaY/gVJPQSZ8LtXGQNXTL7HrqekV6diEn+1l8VXvmueytl5M9uBWH13Lw/y0f jTVMTnyQdksVZ7UdTpz1rWGy9OO55x/nucxHWZf2j1LMOKXciB3+ZDXNF6+LwBVPWhjE aBuqDt74vuA6Qe0xiyc4z2a9iO5vtpCAefxQnMWJRrU5ZnQWEnFSRluw/b9uLqc8f5Wu kdzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:to:from:reply-to:subject:message-id :mime-version:content-transfer-encoding; bh=Dwzu3ObIqfTIZPF5jyA6hJdft8MmBFQISiqQ7XMOdgs=; b=OVycwWVRQHltNew5fXYO1LVco+GugrBfFGzxbYjhdrGk809jogbaekgl9CTlgpIX7K F8AfplYwPOCMCbwLGjmYr0jjzCocuL5RXKtcypcIYl/Z1pLyzQbK0JzwMLn1oFLGUpgU haGJVStasKltAl6auHCKZrhWZy/UnYcMUPjhtpxdakcpJWqG+ImABLT3TEXkwuDHWhnD K5VR5Cw0DKno6e6nPqAiJ8Q3EMQMuv4Rh32BaeDcax8SRP30gnvFUecbqBkagDRGmF9q XcFwi5AYLoLMsBmWROAfFsvASa+NjeGWdJifW+I9p0KyJzci7jgf7vQJ6xjxpcevYb4v jW/w== X-Gm-Message-State: ALQs6tDdlObHqkQQRbi2jFdSvrITCTWVYsW1XGHetzwoJsWAIKObhkwY 7LrwKt4r6dbjSAI7v8PA4uuqfCtVIFM= X-Google-Smtp-Source: AIpwx48HGxffYEDQMqxHWMhYPVem6tPX2MgwLZoedpvH7Hv4lwahW4OyBYMlyYTixPm5WIoWqFraAg== X-Received: by 10.200.55.215 with SMTP id e23mr14327993qtc.158.1522676253286; Mon, 02 Apr 2018 06:37:33 -0700 (PDT) Received: from magazines.com (ec2-54-81-0-34.compute-1.amazonaws.com. [54.81.0.34]) by smtp.gmail.com with ESMTPSA id s39sm318470qts.43.2018.04.02.06.37.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 02 Apr 2018 06:37:32 -0700 (PDT) Date: Mon, 2 Apr 2018 13:37:31 +0000 To: freebsd-questions@freebsd.org From: Brittany Adams Reply-To: Brittany Adams Subject: RE: I'd like to form a content partnership Message-ID: <16468364.or_mail@magazines.com> X-Priority: 3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 13:37:34 -0000 Hi there, I reached out last week but haven't heard back so I wanted to try one last time. I wanted to follow up to see if there was an opportunity to work together! Please see my initial email below. Thanks, Brittany On Mon, Mar 26, 2018 at 1:36 PM, Brittany Adams wrote: Hi there, I reached out last week but haven't heard back. I wanted to follow up to see if there was an opportunity to work together! Please see my initial email below. Thanks, Brittany On Mon, Mar 19, 2018 at 1:41 PM, Brittany Adams wrote: Hello, My name is Brittany, and I just recently came across your site. I’ve really enjoyed your articles and think we have similar readers at our sites. I’m writing because I’d like to contribute something to your site. I work for Natural Healthy Concepts, where we write about a variety of topics in the natural health world. Our work has appeared on Mercola, Utzy, and Organic Newsroom in the past. Based on what I’ve seen of your site, I think we have similar audiences. I was wondering if you would be interested in swapping guest blog posts for each other’s sites. Would you be interested in something like that? I’m certain our followers would come to your site and get more familiar with your brand. This could work out for both of us and lead to exciting opportunities down the road. If you’re not interested in swapping content, I would love the opportunity for Natural Healthy Concepts to write a post for your blog. If this sounds like something you’d be interested in, I’d love to have a conversation about it. My contact information is below. Look forward to hearing from you. Best wishes, Brittany Adams Marketing Coordinator Natural Healthy Concepts 615-778-2113 (w) ​ From owner-freebsd-questions@freebsd.org Mon Apr 2 19:56:59 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 73306F818AC for ; Mon, 2 Apr 2018 19:56:59 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yb0-x22e.google.com (mail-yb0-x22e.google.com [IPv6:2607:f8b0:4002:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id F19726F1E2 for ; Mon, 2 Apr 2018 19:56:58 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yb0-x22e.google.com with SMTP id d7-v6so5164595ybn.9 for ; Mon, 02 Apr 2018 12:56:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=gQdM7e/Wxl2U08IK8Mtw2EJNv0gpGVl3dtyWHJb8VWQ=; b=I+ThkZCCtSWmtflqhO3x5rv/Yul0U+tEkxEYr20+h/YQ2SesnPYpGSmZgGYCFDhqU5 IBXGaNY4zVhuEgCCCwBNtUOF+xF+v+HzFSUhXZQb5hUQ7KFhCrWqtoVUaYkoH+vb+FyI kWUBdLBaUVqpDhkSVCNk3XQngkqgmEpwEOuZ77PJPb0EGFPhkUxPjBB3r4CfeD1Q2yN6 cXMiVKJ3DgSp9rz2Xm2CLkTf6TAiBW2gCK0RKYgqHhEDKBuZ+rGPSJ8oaOdiigsRfkK1 N+BYc13Bg7MJVxb5c2L9XcRsDEawdwEc8pr77c+vG5MUTqs3ujPyMl2rFuDz054zCtCF 3PzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=gQdM7e/Wxl2U08IK8Mtw2EJNv0gpGVl3dtyWHJb8VWQ=; b=WNMr+wuDMU+yYT8Ua7VKd6CobJ077rIlFsG9NLSsT+4n7kBA/UFfIoFYSodOttesIJ MjxOZtBYwtGqH//oaPifof6ZhfNx/SSBHbcxr157PyISZTztmAnRsNLl8zrqS0RLsnZw An1kQFRQ9rdAgAr6AnN3Y8RC6VXk86bpgoDiwuZFaoLsITcd4nFwtaPC5Z0aVCx/PrQj utf63PlyTenwPJ6ATnQAkFkViiUas3dRugy63FeLN0kqKz4XzMVsUmt12HrqceXysle7 eLbBC4O6ulUPqlk7ZKoKsdI+y0FF6YlGlFZPTH8iamOd+gdF6OTvG9PpV95MzbI0r+8Y +7aw== X-Gm-Message-State: ALQs6tAeZlbR+GvTFRYyfTg9IE6XLn82r8OAaNRAAby53YkTm0I2ihQG wbTLIhW08Y8PIbXxzVlcPtfS2XRvhY5Pu8bVbznsNQ== X-Google-Smtp-Source: AIpwx4/3oMx4LBjW6FQTcWqIo1yQ96LIuSlZAkuR3BaOg46NL4mumgOC4Cy2eTFi6WFXvHpJR4n4kKCS5NvXGGH05aw= X-Received: by 2002:a25:5609:: with SMTP id k9-v6mr6187186ybb.215.1522699018102; Mon, 02 Apr 2018 12:56:58 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 12:56:57 -0700 (PDT) From: William Dudley Date: Mon, 2 Apr 2018 15:56:57 -0400 Message-ID: Subject: I broke my Apache 2.4 install and I need help! To: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 19:56:59 -0000 FreeBSD 10.3 I stupidly obeyed the line "you may delete the httpd.conf file" that I saw when I did "pkg upgrade apache24". I didn't have a backup of that ONE file. I know, stupid. Anyway, now my server is hosed. I'm hosting a handful of domains, and have letsencrypt certs installed, that WERE working fine last week. I'm now getting this error: SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: DH PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile? And all my virtual hosts are broken (all serving the default page, ignoring the DocumentRoot in the sites-enabled/foo.com.conf files Heaven knows what's broken. I'll PAY someone to ssh into my system and sort it out. Googling error messages isn't working, and I'm just not expert enough on my own to sort this out, apparently. Thanks, Bill Dudley east coast USA This email is free of malware because I run Linux. From owner-freebsd-questions@freebsd.org Mon Apr 2 20:42:07 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 80B0FF83F1C for ; Mon, 2 Apr 2018 20:42:07 +0000 (UTC) (envelope-from matt.xtaz@gmail.com) Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E79AA71116 for ; Mon, 2 Apr 2018 20:42:06 +0000 (UTC) (envelope-from matt.xtaz@gmail.com) Received: by mail-wm0-x230.google.com with SMTP id i3so6104860wmf.3 for ; Mon, 02 Apr 2018 13:42:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=KJUTN8k5t9YUTxqO3hTTuYfXAU5iLfGK+izyFLtz9JE=; b=uifFoFZ8OwDNfo5puRGcya7ArZ3b9nM+qeAi2ZUsCTHP9YCVa82OeShhSg9FPpJN3i g9L1y5DjMKmC/CuAZM+t/efmETDFbVD4fdFDgdb39BszuUsEZcPQ76v44R/osXn3iO80 4Nv91PhjDn8E5EfXhrRd/nvIJElPhtAWIDXzKSavxT/Yej/mvBfVBpATCbK3iItp4+wE /8Jc70Q3Zwywd/T3ntk02q4t/tpn4UNTdvp9SOxinwpgI6kHGTnKQt9izoo8FjOM1oBH I8xhsiZx2mqQ5jw0nsxXVLOMh3UMilHgPoZz4mJVU8kQXerIKFdiTwjM4WVLYjjFXyvf UllQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=KJUTN8k5t9YUTxqO3hTTuYfXAU5iLfGK+izyFLtz9JE=; b=rbhAg7WBgS4TH4GM5fqQQWyquwvWbudyDacPRF6+ajLaWd06uraOY2GFCB39REM/5W Q4F1oSNsQeflo12/Ey5cauDoUIwNbBD6WFf+rKfsqJWKXL/3EGA8lN6AbONIKGaHUeJC 2Q+hhack5VglLNVRr659nJW7FHq0vZ/BALUil2zDNqlA0CvAUVG0SDh79XFAaaM4rn2F 8pD7+3+f/nYcWJu1B6J9yazlPP+PwrqA88R8hue+LdWQePp7ljfjVZfceiy3kum5zkBV 7YuN+klFH3qkh92NP23WHxSxK9V62Ql/3cd1I2f0se0tih3gog8nu06WYcctts8qEsG5 Q3RQ== X-Gm-Message-State: AElRT7GzFpqcsT4febJ+45myo4rQgT0IVgWH8E8IxD5/meJeQ2UKLMw9 zKrG1ksam2Y5u2/RLM3X/e0= X-Google-Smtp-Source: AIpwx4+r40JiXFfUKMaRk6nlIBA2xIl9sRhM7v9tGFZgv1s7+6spNNr+rr9l5D6azl024Yl6/7MNBA== X-Received: by 10.28.249.22 with SMTP id x22mr1805601wmh.115.1522701725319; Mon, 02 Apr 2018 13:42:05 -0700 (PDT) Received: from gmail.com (tao.xtaz.uk. [2001:8b0:fe33::10]) by smtp.gmail.com with ESMTPSA id 24sm1490413wrt.60.2018.04.02.13.42.04 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 02 Apr 2018 13:42:04 -0700 (PDT) Date: Mon, 2 Apr 2018 21:42:02 +0100 From: Matt Smith To: William Dudley Cc: freebsd-questions Subject: Re: I broke my Apache 2.4 install and I need help! Message-ID: <20180402204202.GA3145@gmail.com> Mail-Followup-To: Matt Smith , William Dudley , freebsd-questions References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 20:42:07 -0000 On Apr 02 15:56, William Dudley wrote: >FreeBSD 10.3 > >I stupidly obeyed the line "you may delete the httpd.conf file" that >I saw when I did "pkg upgrade apache24". > >I didn't have a backup of that ONE file. I know, stupid. > >Anyway, now my server is hosed. I'm hosting a handful of domains, >and have letsencrypt certs installed, that WERE working fine last week. > >I'm now getting this error: > >SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line >(Expecting: DH PARAMETERS) -- Bad file contents or format - or even just a >forgotten SSLCertificateKeyFile? > >And all my virtual hosts are broken (all serving the default page, ignoring >the >DocumentRoot in the sites-enabled/foo.com.conf files > >Heaven knows what's broken. I'll PAY someone to ssh into my system and >sort it out. Googling error messages isn't working, and I'm just not >expert enough on my own to sort this out, apparently. > >Thanks, >Bill Dudley >east coast USA > >This email is free of malware because I run Linux. Try running pkg upgrade -f apache24 That will force a reinstall of the package and put the now deleted httpd.conf file back again. Which would be enough to get things working again *if* you've never changed anything from the defaults. If you have changed that file then you will have to remember what you changed and make the same changes. And think about getting backups! -- Matt From owner-freebsd-questions@freebsd.org Mon Apr 2 20:57:25 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E240CF84C69 for ; Mon, 2 Apr 2018 20:57:24 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7742171BE6 for ; Mon, 2 Apr 2018 20:57:24 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x231.google.com with SMTP id r29so5414745ywa.12 for ; Mon, 02 Apr 2018 13:57:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=z0PbT+jTSx+rnBvRCTWH/Fww1/QuBc7d5MtjYfvsJcs=; b=noIEZMEPamap/TbkLlu6BpNKIJswRzS41SI+DEQmzm/ll2MSkz/Xzmfkrou6Cxq7ha y73JbHpdAaNCuQbZjrG19QmJaQhTOx6TioNS7EDFItObfR2sImyYPIWLZQo+tkIJ2B6H ALV48hSEpH6ROMif5rC39kzGBm7llmFdkaXEO+cUVR2LwYX/CTvpyoHa/4mMZGED4F75 u122NT3e4IXVy3qemdf11WGTRnodz12BOXyNgdDdXvBkZfgb1Q+pJCPE9GklqckMT7xU LgUuD6FyLQNpAAbC4TwiXjVEPqsf7T1LGcDLP5PUdZsdAUmoIOYyuz9n01yZX6WunqYA i/1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=z0PbT+jTSx+rnBvRCTWH/Fww1/QuBc7d5MtjYfvsJcs=; b=O2e4jeAosndVZFwppZxSAuNjcqsBvyVRZ2T8pQDRsULnbRvfjLTKJRqOsbtwHYi0Hm uKiy3vSs+EvMeZhSNo1dfWpRt35pNuhP/Uvf3yH2vEUbUs+vXFV4n4Torq2+lVcEC4uX XbTMV5jKzSWi9mD+82/LoHrlnG44W50B8j0PS11byLRLub6atSwhh/PX+86FAkNWG6AB vfflA00Q16bW1zSCtdEAHDpcGHPBidzO6L4vCZMENuRXr7SYimgH6BcVlNM5S2F28EL7 ej4poQp2/bRXGl/5EtgAQKoy5l0lcemWZKjroMIR8Fhx2U7CUPRUpUxPICCi+waE1FV6 E3kA== X-Gm-Message-State: ALQs6tBiTOp8Du17TMCHwd2HTzZkpVrQQeLfXmKHn+dvC4yMG7Whq6Q1 uibPZ6Ea662PCyxnL/ChEWDWhWsjeq8rwl8/J+A= X-Google-Smtp-Source: AIpwx48nuKM90D3KbxiSIymCZDsmwiY0e5VdW4xRyURaAJyEXD7GTmElKYnethyqq+BhgvPHQN2zVhQW7P1IPUfvffc= X-Received: by 10.129.105.8 with SMTP id e8mr6254719ywc.443.1522702643885; Mon, 02 Apr 2018 13:57:23 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 13:57:23 -0700 (PDT) In-Reply-To: <20180402204202.GA3145@gmail.com> References: <20180402204202.GA3145@gmail.com> From: William Dudley Date: Mon, 2 Apr 2018 16:57:23 -0400 Message-ID: Subject: Re: I broke my Apache 2.4 install and I need help! To: Matt Smith , freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 20:57:25 -0000 I did as you suggested (I made a backup prior.) (I also have good backups, just not of the file that FreeBSD/Apache said is "no longer needed"). I got this message: "You may need to manually remove /usr/local/etc/apache24/httpd.conf if it is no longer needed." And the re-install didn't re-write that file from my attempt at getting things running. Apache is still totally hosed. I am confused as to why it says httpd.conf is no longer needed, but everything is totally hosed after I removed it. Bill Dudley This email is free of malware because I run Linux. On Mon, Apr 2, 2018 at 4:42 PM, Matt Smith wrote: > On Apr 02 15:56, William Dudley wrote: > >> FreeBSD 10.3 >> >> I stupidly obeyed the line "you may delete the httpd.conf file" that >> I saw when I did "pkg upgrade apache24". >> >> I didn't have a backup of that ONE file. I know, stupid. >> >> Anyway, now my server is hosed. I'm hosting a handful of domains, >> and have letsencrypt certs installed, that WERE working fine last week. >> >> I'm now getting this error: >> >> SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line >> (Expecting: DH PARAMETERS) -- Bad file contents or format - or even just a >> forgotten SSLCertificateKeyFile? >> >> And all my virtual hosts are broken (all serving the default page, >> ignoring >> the >> DocumentRoot in the sites-enabled/foo.com.conf files >> >> Heaven knows what's broken. I'll PAY someone to ssh into my system and >> sort it out. Googling error messages isn't working, and I'm just not >> expert enough on my own to sort this out, apparently. >> >> Thanks, >> Bill Dudley >> east coast USA >> >> This email is free of malware because I run Linux. >> > > Try running pkg upgrade -f apache24 > > That will force a reinstall of the package and put the now deleted > httpd.conf file back again. Which would be enough to get things working > again *if* you've never changed anything from the defaults. > > If you have changed that file then you will have to remember what you > changed and make the same changes. And think about getting backups! > > -- > Matt > From owner-freebsd-questions@freebsd.org Mon Apr 2 21:33:15 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A6FB4F86991 for ; Mon, 2 Apr 2018 21:33:15 +0000 (UTC) (envelope-from matt.xtaz@gmail.com) Received: from mail-wr0-x229.google.com (mail-wr0-x229.google.com [IPv6:2a00:1450:400c:c0c::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2A33173492 for ; Mon, 2 Apr 2018 21:33:15 +0000 (UTC) (envelope-from matt.xtaz@gmail.com) Received: by mail-wr0-x229.google.com with SMTP id d1so15711084wrj.13 for ; Mon, 02 Apr 2018 14:33:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:mail-followup-to:references :mime-version:content-disposition:in-reply-to:user-agent; bh=8caVuxrbMbx7tAcLKdXsANvOI7AfDbW9E4WqzC6/sHM=; b=WRudvRZ5tphBcnaL9m/gr8uoX2oIQ4sBjii5BinQaRY12RBplViajo/ZcV0ev/gQHM ibPmiWvnLXgVyCtZTK33dScA7S7Np+zh9yi5IDufyxtVzPzU77uj2u0G5B8+M23WOtvU mqVX3HAuBYa8aTgVWKXI7I+Jpj3Eu0FXVMpQtDBtZPJt1B6nQuH1wjulFMCbQm4/aFVs O3mYwaUcFiMrsdE38TWmxNCqNqumbsgEAyfbhO39qS5GC2c+QKytrEVV33DNibm+kiZV gpaR3AytR/JLZfqviMlLbd+OLfNw2RJhnxPNPVLc+aQYLckfaryxVIUxiYGsh+OG7fm2 HZcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=8caVuxrbMbx7tAcLKdXsANvOI7AfDbW9E4WqzC6/sHM=; b=diCv3nXOyb3Jm8vdYHQVRQ/l9ICIaGEHupsX0+6zocMGw7jTgsLsC21CRI6ULoPRuw +2D+we4+1BLU9uZQTUEZqW+f04lWnYak3L1+8ZzZ8H8DZR1RlQ+dUD9aMH4/uNw8F3Kk CIExYBTOBkdipLC55pQQep4qsrM313TX83dsOqIqwShxdLcGSKOFUrlyb6g6pPy7Di4r ymvhSApkCuHwvDOpH1eEePWQpREdMZ3fywEM2ipLyV+t2h63OvZ19wpqdY0k2SdO7iCI Can4p3YRbBpBJTG0QnRARp/VvCX5GVETLoUa9JnDx/VRxPX1pMB8BodUoD0ApB9X+86r d2SA== X-Gm-Message-State: AElRT7HQu/DrLY6ykOpWMcfWgJmRtlWQRei+q1gh2w247tKZ/Kn6uz9d loOh5qHMXXdkgj165zOfajo= X-Google-Smtp-Source: AIpwx4+W6vPKGnjZoqSOioJmP5N04COFVGQ3PJKj2QJrY2LY9WyZO40P5G5GUwjGAwuExEtFKDpX4w== X-Received: by 10.223.161.135 with SMTP id u7mr7989558wru.184.1522704794131; Mon, 02 Apr 2018 14:33:14 -0700 (PDT) Received: from gmail.com (tao.xtaz.uk. [2001:8b0:fe33::10]) by smtp.gmail.com with ESMTPSA id l41sm2627540wrl.2.2018.04.02.14.33.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 02 Apr 2018 14:33:13 -0700 (PDT) Date: Mon, 2 Apr 2018 22:33:11 +0100 From: Matt Smith To: William Dudley Cc: freebsd-questions Subject: Re: I broke my Apache 2.4 install and I need help! Message-ID: <20180402213311.GB3145@gmail.com> Mail-Followup-To: Matt Smith , William Dudley , freebsd-questions References: <20180402204202.GA3145@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 21:33:15 -0000 On Apr 02 16:57, William Dudley wrote: >I did as you suggested (I made a backup prior.) (I also have good backups, >just not of the file >that FreeBSD/Apache said is "no longer needed"). > >I got this message: > >"You may need to manually remove /usr/local/etc/apache24/httpd.conf if it >is no longer needed." > >And the re-install didn't re-write that file from my attempt at getting >things running. >Apache is still totally hosed. > >I am confused as to why it says httpd.conf is no longer needed, but >everything is totally hosed >after I removed it. > It's because a pkg upgrade is actually doing a pkg delete and then a pkg install. You are seeing that message because it's telling you that if you no longer want to use apache after deleting it then you can remove that file. But then it's actually installing the upgraded version once again. Ok, next idea. Are there any files called httpd.conf.sample? If so you can probably copy that. Packages usually install a .sample file and then copy them to the proper file if it doesn't already exist. Failing that you may have to move the old apache directory out of the way so it doesn't exist at all and then force the reinstall, copy the file out of it into your original directory, and then move it back again. -- Matt From owner-freebsd-questions@freebsd.org Mon Apr 2 21:55:33 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D7272F87E21 for ; Mon, 2 Apr 2018 21:55:32 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x22a.google.com (mail-yw0-x22a.google.com [IPv6:2607:f8b0:4002:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 70837744D8 for ; Mon, 2 Apr 2018 21:55:32 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x22a.google.com with SMTP id y64so5471936ywa.3 for ; Mon, 02 Apr 2018 14:55:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=2/Gqo0/n5hDUwW/v7v7Z+moK7AA9/ZS95K9QPCh/z+k=; b=Qz9klIBDzg1UTa8oKZ71iz5YCSfPxpIDelLMJs0tuL0/f+/T5Sh4jS6MTW7J5Se02B acwHesydFPfBNyMBQd/7V0Ii6tITeSRakOO33owKybldhz1mnc+lmi+QQefouuhJq4ZZ r0t/RqGB7iO697lZ2S3KM+Gst8/RDQS9+DargHDhXY3x3ACds9O8eTnsOsV5UAD8472C Hrwf/yWdKTDGLFbeuMp26wyFphCMlXnBPNFnqA9JKRKq1Y1vYztKNwCq6btucOb4Kec8 N+bBkej2c9Cb+bKh2wSl5YTtdrRihvOVM4u4tsQcKoMFpL9iwFgHMkQ18HM4iW7Pi6DO pTig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=2/Gqo0/n5hDUwW/v7v7Z+moK7AA9/ZS95K9QPCh/z+k=; b=s80GBGdNE+Wf7Cx/T9S6si6wvwWFua+Jdn053CwYqfBnT1/WyM6cJX+yx0+sLaYdYh hsfbRpCXTBQB0HlYp+1Zh5+Ld6OyiE8khbm1gcpgSNu/dDZuELH/7uMFIKS9xZugc0qx +IElj19FnV6DrrFkbd4sa5S7ad5RuZSgKsmqCT9xC8ro2SdFgPGu/KyXUwwNYY96QhAg YhbwSeoRGehJ8iwAOsxXj22P3deFfd1YOMcSMVa24Bzju3S+4KLZezVUizxXYlW8uCrx r6IcH5MlPXvbllt1LIuWYIyaeGcd/mngJ3CYCicI/T1eny+oxHBq7vfUUfVeBEoTn48e l/EQ== X-Gm-Message-State: AElRT7E/EXt3IpdXYiEVRAHearpCK7upWB60IfhbiNHCzRd+00rqZtq4 ZBzx+nZy2eDf/kxgtiA4ec7uWV6CqdpwaA4w8YU= X-Google-Smtp-Source: AIpwx4+24r1ACwMNJX3yRice/uKl4Pdc67feZN6heRoiw0Y1pq0sRa7i6Zlb1NF9d0If9q7xNy0FrCsLwO7TC+dxMpE= X-Received: by 10.129.26.199 with SMTP id a190mr6524089ywa.207.1522706131783; Mon, 02 Apr 2018 14:55:31 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 14:55:31 -0700 (PDT) In-Reply-To: <20180402213311.GB3145@gmail.com> References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> From: William Dudley Date: Mon, 2 Apr 2018 17:55:31 -0400 Message-ID: Subject: Re: I broke my Apache 2.4 install and I need help! To: Matt Smith , freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 21:55:33 -0000 When I blow away /usr/local/etc/apache24 (really, rename it to something else) and do "pkg upgrade -f apache24", I get the following messages: [1/1] Reinstalling apache24-2.4.33... ===> Creating groups. Using existing group 'www'. ===> Creating users Using existing user 'www'. [1/1] Extracting apache24-2.4.33: 100% You may need to manually remove /usr/local/etc/apache24/extra/httpd-autoindex.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-dav.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-default.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-info.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-languages.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-manual.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-mpm.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-multilang-errordoc.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-ssl.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-userdir.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/httpd-vhosts.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/extra/proxy-html.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/httpd.conf if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/magic if it is no longer needed. You may need to manually remove /usr/local/etc/apache24/mime.types if it is no longer needed. Why does it say this? It makes no sense. This is during the *install* phase, remember. The install creates an httpd.conf which is identical to http.conf.sample, of which I had a copy. Anyway, still hosed. Virtualhosts is totally broken, but apache will serve ONE web site. Bill Dudley This email is free of malware because I run Linux. On Mon, Apr 2, 2018 at 5:33 PM, Matt Smith wrote: > On Apr 02 16:57, William Dudley wrote: > >> I did as you suggested (I made a backup prior.) (I also have good backups, >> just not of the file >> that FreeBSD/Apache said is "no longer needed"). >> >> I got this message: >> >> "You may need to manually remove /usr/local/etc/apache24/httpd.conf if it >> is no longer needed." >> >> And the re-install didn't re-write that file from my attempt at getting >> things running. >> Apache is still totally hosed. >> >> I am confused as to why it says httpd.conf is no longer needed, but >> everything is totally hosed >> after I removed it. >> >> > It's because a pkg upgrade is actually doing a pkg delete and then a pkg > install. You are seeing that message because it's telling you that if you > no longer want to use apache after deleting it then you can remove that > file. But then it's actually installing the upgraded version once again. > > Ok, next idea. Are there any files called httpd.conf.sample? If so you can > probably copy that. Packages usually install a .sample file and then copy > them to the proper file if it doesn't already exist. > > Failing that you may have to move the old apache directory out of the way > so it doesn't exist at all and then force the reinstall, copy the file out > of it into your original directory, and then move it back again. > > -- > Matt > From owner-freebsd-questions@freebsd.org Mon Apr 2 22:01:55 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2D5F7F4F731 for ; Mon, 2 Apr 2018 22:01:55 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9C22D74A89 for ; Mon, 2 Apr 2018 22:01:54 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: by mail-wm0-x22d.google.com with SMTP id p9so28615694wmc.3 for ; Mon, 02 Apr 2018 15:01:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=0q4TKS0Y7ZdseT/rpL80NSsI+TZvpFdLD2FNEv76MLc=; b=q7gb0J3FIRMDpIy44/KOkF3OZY5T10xN/pIUe2CFMFaqrOCnWYGGa0xbxyU9iBEh/M UvV+zmv+WxfKRM4Rh9R4vygw0a0+Etg/lyvf9CRF6EEv/ZXL6Ojeo3jj6dlLn0t1g32g ad1W+moK+6jYEMXJacUIUcJQTmwE5gGEk0LsDBVGIGRZ7woZVqECCVbfEw05l8Op4boG ZYRouA7kxKTb5trFJqmDie4FNi7eDS4G//qM9OW9a4asSM36EDUnvWV8UI6ZM2cu6wex 26/RRmzDPDmhXSwbYrToOiCPabfnQd/RdvWztXN4dxr87elrP5J8gM099X76VTe7Up+x mdXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=0q4TKS0Y7ZdseT/rpL80NSsI+TZvpFdLD2FNEv76MLc=; b=ezFWibLBTaG0El0WdzKbQfVSaurfpgBPokRMIU1WlL5+WWNBFlOQtu/eRA5stXYo1O QNLuIIwIpUcw2xizi52bFRV0wZww/JB3j36AXJkAb30qQF6dn6ZxnapkmeegjyhRCuAH 7QS8rNVkl39C88AbEnJg4xP4vCoKc7QoK3nkMugEYBSlmSfU1ut6lxBZavOxr2AuPGd4 eEAGFvj5c+6WmsI+FXpXP8kt+f6sQmJpo/mMOo8y6WcPq2NkkuwuS3iSixOhR5J344zI C3MHwec45q6uMReO5s26PdnVqX2ZCDlRTY140FrJ2OpsegHtL6g/Ymu19kHpBD0ciVLV jKXA== X-Gm-Message-State: ALQs6tAeBMS7V7ZoYUYCpHS0pgOCbsNnyM3k0cQiriN04sWTR/WWh2w+ Zp2F8WQKNMrCSYBTwW9scy5hYreFOyN6FBwHQqI= X-Google-Smtp-Source: AIpwx4/ad7Rk/FlsJ5YUtBkHZSXvGglntpO1K3cf7bGnnDMc0bc8m8eWKOXvQa50iipy9Mk1JbUzxUW7TBKQvs7BPco= X-Received: by 10.28.112.11 with SMTP id l11mr1842993wmc.31.1522706512910; Mon, 02 Apr 2018 15:01:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.147.130 with HTTP; Mon, 2 Apr 2018 15:01:12 -0700 (PDT) In-Reply-To: References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> From: "Jack L." Date: Mon, 2 Apr 2018 15:01:12 -0700 Message-ID: Subject: Re: I broke my Apache 2.4 install and I need help! To: William Dudley Cc: Matt Smith , freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 22:01:55 -0000 That's probably because when you reinstall something, it does a remove and then an install after. [1/1] Reinstalling apache24-2.4.33... On Mon, Apr 2, 2018 at 2:55 PM, William Dudley wrote: > When I blow away /usr/local/etc/apache24 (really, rename it to something > else) > and do "pkg upgrade -f apache24", I get the following messages: > > [1/1] Reinstalling apache24-2.4.33... > ===> Creating groups. > Using existing group 'www'. > ===> Creating users > Using existing user 'www'. > [1/1] Extracting apache24-2.4.33: 100% > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-autoindex.conf if it is no longer > needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-dav.conf if it is no longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-default.conf if it is no longer > needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-info.conf if it is no longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-languages.conf if it is no longer > needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-manual.conf if it is no longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-mpm.conf if it is no longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-multilang-errordoc.conf if it is no > longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-ssl.conf if it is no longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-userdir.conf if it is no longer > needed. > You may need to manually remove > /usr/local/etc/apache24/extra/httpd-vhosts.conf if it is no longer needed. > You may need to manually remove > /usr/local/etc/apache24/extra/proxy-html.conf if it is no longer needed. > You may need to manually remove /usr/local/etc/apache24/httpd.conf if it > is > no longer needed. > You may need to manually remove /usr/local/etc/apache24/magic if it is no > longer needed. > You may need to manually remove /usr/local/etc/apache24/mime.types if it > is > no longer needed. > > Why does it say this? It makes no sense. This is during the *install* > phase, remember. > The install creates an httpd.conf which is identical to http.conf.sample, > of which I had a copy. > > Anyway, still hosed. Virtualhosts is totally broken, but apache will serve > ONE web site. > > Bill Dudley > > > This email is free of malware because I run Linux. > > On Mon, Apr 2, 2018 at 5:33 PM, Matt Smith wrote: > > > On Apr 02 16:57, William Dudley wrote: > > > >> I did as you suggested (I made a backup prior.) (I also have good > backups, > >> just not of the file > >> that FreeBSD/Apache said is "no longer needed"). > >> > >> I got this message: > >> > >> "You may need to manually remove /usr/local/etc/apache24/httpd.conf if > it > >> is no longer needed." > >> > >> And the re-install didn't re-write that file from my attempt at getting > >> things running. > >> Apache is still totally hosed. > >> > >> I am confused as to why it says httpd.conf is no longer needed, but > >> everything is totally hosed > >> after I removed it. > >> > >> > > It's because a pkg upgrade is actually doing a pkg delete and then a pkg > > install. You are seeing that message because it's telling you that if you > > no longer want to use apache after deleting it then you can remove that > > file. But then it's actually installing the upgraded version once again. > > > > Ok, next idea. Are there any files called httpd.conf.sample? If so you > can > > probably copy that. Packages usually install a .sample file and then copy > > them to the proper file if it doesn't already exist. > > > > Failing that you may have to move the old apache directory out of the way > > so it doesn't exist at all and then force the reinstall, copy the file > out > > of it into your original directory, and then move it back again. > > > > -- > > Matt > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > From owner-freebsd-questions@freebsd.org Mon Apr 2 22:21:25 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3CAE3F5308F for ; Mon, 2 Apr 2018 22:21:25 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x22f.google.com (mail-yw0-x22f.google.com [IPv6:2607:f8b0:4002:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C937E75B68 for ; Mon, 2 Apr 2018 22:21:24 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x22f.google.com with SMTP id v130so5493084ywa.0 for ; Mon, 02 Apr 2018 15:21:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc; bh=mieARsMe5D4fFSvPdBVyDqVTekrXYx1Uj/laopjTB48=; b=ifKU/aPh+86lKamFOk5f/X6yaVHRJKLXrcnmWKqA/xugWGpLHQfIG2nswWXstX0w75 Zk/MMlw7AqLKmWUu4teZXKkMjlvxOPrv2knIsBuY5eHM6vFKSKi42ZlcfowmJgR9XYgw yB5cHlK9GxW0ZbOZ/oLcGzNMHDC+NijWsUjzoKiiIO7D74wJj6aEf4aN3OedDSBDToAR CCc8LXLQWXtH7KKrotYej9fJVDwyS2axxODlBrjE9kGMLsUzElNnwm8JwTsVXE+DAbA3 UFD/NkF/OdPx/VK75kOCE4cj29tbr6Pbt63zHJjWRZsRKhKRSswwaWrUciCY87pHv1J/ 9iLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc; bh=mieARsMe5D4fFSvPdBVyDqVTekrXYx1Uj/laopjTB48=; b=cKN/jY0ikms5BHXpwQklARmYzbi/dH4wnnKYn5t+wKWVwUodkd6yB1xv3G7jlBEJHv TWx0k7f1hfDT7i2QiemYkAKBMzQBn3UBEHK+XYtCo8JHQ0/AtJlOJVhDrIh3hOaf4n0y ZLiRWH1h/PxlpexGoGNEz5oBE56VyRqu2IqriiXkhyg7A7BEja9Dj3MXaVhNK3fVwfEF nR93IS0jQ6/F5cQc3rxslZSE/vh80aT76rrzyGktNuX9qNE+oWu9ks0dA/CHuVqbrHow IhGuAj762BoBGiBlwc/NnUhhR0O0sEtJ2qCJYHtYiERxDhcA0L3dtLj/OD0Ojn1V90tn Uhhg== X-Gm-Message-State: AElRT7GsKQOaDureG3teUNN2RrTpeAlA8DbV3aqPnCoMmcuQ44ohJDRN pmyGTbs9UcoSTpQmkxzdU09N3SL3nrF/lwfAswk= X-Google-Smtp-Source: AIpwx4/eIsiuHgkQrFmGzVsvZ82eWsukTGTDF0lSrljwKChBf0oAwg7OWcAxUiM2k2QsxkvmIROvgg8r7BrEZW0QVAI= X-Received: by 10.129.26.199 with SMTP id a190mr6568016ywa.207.1522707683937; Mon, 02 Apr 2018 15:21:23 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 15:21:23 -0700 (PDT) In-Reply-To: References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> From: William Dudley Date: Mon, 2 Apr 2018 18:21:23 -0400 Message-ID: Subject: Re: I broke my Apache 2.4 install and I need help! Cc: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 22:21:25 -0000 I also installed the openssl package recently because of scary warnings when I upgraded apache24, saying that the base openssl was "not upgradeable". Is the openssl pkg a problem with apache ssl? That also seems broken. Bill Dudley This email is free of malware because I run Linux. On Mon, Apr 2, 2018 at 6:01 PM, Jack L. wrote: > That's probably because when you reinstall something, it does a remove and > then an install after. > > [1/1] Reinstalling apache24-2.4.33... > > On Mon, Apr 2, 2018 at 2:55 PM, William Dudley wrote: > >> When I blow away /usr/local/etc/apache24 (really, rename it to something >> else) >> and do "pkg upgrade -f apache24", I get the following messages: >> >> [1/1] Reinstalling apache24-2.4.33... >> ===> Creating groups. >> Using existing group 'www'. >> ===> Creating users >> Using existing user 'www'. >> [1/1] Extracting apache24-2.4.33: 100% >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-autoindex.conf if it is no longer >> needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-dav.conf if it is no longer needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-default.conf if it is no longer >> needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-info.conf if it is no longer needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-languages.conf if it is no longer >> needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-manual.conf if it is no longer >> needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-mpm.conf if it is no longer needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-multilang-errordoc.conf if it is no >> longer needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-ssl.conf if it is no longer needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-userdir.conf if it is no longer >> needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/httpd-vhosts.conf if it is no longer >> needed. >> You may need to manually remove >> /usr/local/etc/apache24/extra/proxy-html.conf if it is no longer needed. >> You may need to manually remove /usr/local/etc/apache24/httpd.conf if it >> is >> no longer needed. >> You may need to manually remove /usr/local/etc/apache24/magic if it is no >> longer needed. >> You may need to manually remove /usr/local/etc/apache24/mime.types if it >> is >> no longer needed. >> >> Why does it say this? It makes no sense. This is during the *install* >> phase, remember. >> The install creates an httpd.conf which is identical to http.conf.sample, >> of which I had a copy. >> >> Anyway, still hosed. Virtualhosts is totally broken, but apache will >> serve >> ONE web site. >> >> Bill Dudley >> >> >> This email is free of malware because I run Linux. >> >> On Mon, Apr 2, 2018 at 5:33 PM, Matt Smith wrote: >> >> > On Apr 02 16:57, William Dudley wrote: >> > >> >> I did as you suggested (I made a backup prior.) (I also have good >> backups, >> >> just not of the file >> >> that FreeBSD/Apache said is "no longer needed"). >> >> >> >> I got this message: >> >> >> >> "You may need to manually remove /usr/local/etc/apache24/httpd.conf >> if it >> >> is no longer needed." >> >> >> >> And the re-install didn't re-write that file from my attempt at getting >> >> things running. >> >> Apache is still totally hosed. >> >> >> >> I am confused as to why it says httpd.conf is no longer needed, but >> >> everything is totally hosed >> >> after I removed it. >> >> >> >> >> > It's because a pkg upgrade is actually doing a pkg delete and then a pkg >> > install. You are seeing that message because it's telling you that if >> you >> > no longer want to use apache after deleting it then you can remove that >> > file. But then it's actually installing the upgraded version once again. >> > >> > Ok, next idea. Are there any files called httpd.conf.sample? If so you >> can >> > probably copy that. Packages usually install a .sample file and then >> copy >> > them to the proper file if it doesn't already exist. >> > >> > Failing that you may have to move the old apache directory out of the >> way >> > so it doesn't exist at all and then force the reinstall, copy the file >> out >> > of it into your original directory, and then move it back again. >> > >> > -- >> > Matt >> > >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe >> @freebsd.org" >> > > From owner-freebsd-questions@freebsd.org Mon Apr 2 22:26:36 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00B03F53853 for ; Mon, 2 Apr 2018 22:26:36 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 659A475F56 for ; Mon, 2 Apr 2018 22:26:35 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: by mail-wm0-x233.google.com with SMTP id o23so13144212wmf.0 for ; Mon, 02 Apr 2018 15:26:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=HFSVTxSHN902kCO6m8kWgXBdSJ6+GNKzGLYxi4Q3qYM=; b=NNXlyVeuhKsN0X7CZQrycX4LbviM2q/7g9ck6pg0USwWDgI5HYCzF1hz8GW+QJ2z6D 6mk8IquHse3bj4Q6Souj0EY/OB6MLza4/Vloos2znFuWHOtdg4LTBpk3CEfj5KVEOrQe ciztZS0zNGfL6PoGRGFXh4+4JGHRvKukfQZUltegAkNCpZxPBsix7owy6U9CW92BDQpq GDhjWevro72agNT/z2JJ/Q9iiIiaRpGmyHI4AgWs0S3g4dW/5PME93nG6WJxmpk0q56N fJHThYNFWKRF42oM/Fr4oxhFnuoecTHsmiBdl2AHvtxAzdoWjJNCSMOWmZHDGHbORg46 kllg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=HFSVTxSHN902kCO6m8kWgXBdSJ6+GNKzGLYxi4Q3qYM=; b=ZZEki8x7tEAakS9p3ZTAupAHISBALwg3EJUTb55MIM+0a/fJUIlBpyKDYDr0wu6O/f taFBZo6uMYgb82Ij7kyoUaAEMixRQJpFzTS4xN50zHreXxrndWRVWwQriiyo51QPD7dX H7JjJTkHcNho+Q0Ih6NCyyEJTesGrtDWifBoBuUrj3M/pskNqy3gd12DsIjzxNOvCkAc AYTur8kKdPr9Z6Q2AKL0JGd8a3a3/E53kcgorJNoFtwq0fdYAPKwhpHVW1WHP3uyysTQ mLs0uNeFdYEkuKnE6DEHBda2usSel6/wjTMS0oPEkYaB52dmveRyvI20AAirn+gaI14m r/qg== X-Gm-Message-State: AElRT7Hqqc0VePUn3tlBweKNHqBRWCHmHmNemus2dUZPCExaaNWy7Nf6 gZo/oNHOs/nWWyDNsoBYXwaYW31QmLs25h5UCwY= X-Google-Smtp-Source: AIpwx49Buq0fzx4TSUay6VVYRyElOVJccFv27zqCJ/ajOpp334QarWODgsJIwYzTknK7lbon2yBPPRy6n+j6NMVFYlU= X-Received: by 10.28.103.10 with SMTP id b10mr1989976wmc.132.1522707994256; Mon, 02 Apr 2018 15:26:34 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.147.130 with HTTP; Mon, 2 Apr 2018 15:25:53 -0700 (PDT) In-Reply-To: References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> From: "Jack L." Date: Mon, 2 Apr 2018 15:25:53 -0700 Message-ID: Subject: Re: I broke my Apache 2.4 install and I need help! To: William Dudley Cc: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 22:26:36 -0000 what version of freebsd are you using? how did you try to upgrade openssl? what was the message? On Mon, Apr 2, 2018 at 3:21 PM, William Dudley wrote: > I also installed the openssl package recently because of scary warnings > when I upgraded apache24, > saying that the base openssl was "not upgradeable". > > Is the openssl pkg a problem with apache ssl? That also seems broken. > > Bill Dudley > > > This email is free of malware because I run Linux. > > On Mon, Apr 2, 2018 at 6:01 PM, Jack L. wrote: > > > That's probably because when you reinstall something, it does a remove > and > > then an install after. > > > > [1/1] Reinstalling apache24-2.4.33... > > > > On Mon, Apr 2, 2018 at 2:55 PM, William Dudley > wrote: > > > >> When I blow away /usr/local/etc/apache24 (really, rename it to something > >> else) > >> and do "pkg upgrade -f apache24", I get the following messages: > >> > >> [1/1] Reinstalling apache24-2.4.33... > >> ===> Creating groups. > >> Using existing group 'www'. > >> ===> Creating users > >> Using existing user 'www'. > >> [1/1] Extracting apache24-2.4.33: 100% > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-autoindex.conf if it is no longer > >> needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-dav.conf if it is no longer needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-default.conf if it is no longer > >> needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-info.conf if it is no longer > needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-languages.conf if it is no longer > >> needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-manual.conf if it is no longer > >> needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-mpm.conf if it is no longer needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-multilang-errordoc.conf if it is no > >> longer needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-ssl.conf if it is no longer needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-userdir.conf if it is no longer > >> needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/httpd-vhosts.conf if it is no longer > >> needed. > >> You may need to manually remove > >> /usr/local/etc/apache24/extra/proxy-html.conf if it is no longer > needed. > >> You may need to manually remove /usr/local/etc/apache24/httpd.conf if > it > >> is > >> no longer needed. > >> You may need to manually remove /usr/local/etc/apache24/magic if it is > no > >> longer needed. > >> You may need to manually remove /usr/local/etc/apache24/mime.types if > it > >> is > >> no longer needed. > >> > >> Why does it say this? It makes no sense. This is during the *install* > >> phase, remember. > >> The install creates an httpd.conf which is identical to > http.conf.sample, > >> of which I had a copy. > >> > >> Anyway, still hosed. Virtualhosts is totally broken, but apache will > >> serve > >> ONE web site. > >> > >> Bill Dudley > >> > >> > >> This email is free of malware because I run Linux. > >> > >> On Mon, Apr 2, 2018 at 5:33 PM, Matt Smith wrote: > >> > >> > On Apr 02 16:57, William Dudley wrote: > >> > > >> >> I did as you suggested (I made a backup prior.) (I also have good > >> backups, > >> >> just not of the file > >> >> that FreeBSD/Apache said is "no longer needed"). > >> >> > >> >> I got this message: > >> >> > >> >> "You may need to manually remove /usr/local/etc/apache24/httpd.conf > >> if it > >> >> is no longer needed." > >> >> > >> >> And the re-install didn't re-write that file from my attempt at > getting > >> >> things running. > >> >> Apache is still totally hosed. > >> >> > >> >> I am confused as to why it says httpd.conf is no longer needed, but > >> >> everything is totally hosed > >> >> after I removed it. > >> >> > >> >> > >> > It's because a pkg upgrade is actually doing a pkg delete and then a > pkg > >> > install. You are seeing that message because it's telling you that if > >> you > >> > no longer want to use apache after deleting it then you can remove > that > >> > file. But then it's actually installing the upgraded version once > again. > >> > > >> > Ok, next idea. Are there any files called httpd.conf.sample? If so you > >> can > >> > probably copy that. Packages usually install a .sample file and then > >> copy > >> > them to the proper file if it doesn't already exist. > >> > > >> > Failing that you may have to move the old apache directory out of the > >> way > >> > so it doesn't exist at all and then force the reinstall, copy the file > >> out > >> > of it into your original directory, and then move it back again. > >> > > >> > -- > >> > Matt > >> > > >> _______________________________________________ > >> freebsd-questions@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe > >> @freebsd.org" > >> > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > From owner-freebsd-questions@freebsd.org Mon Apr 2 22:41:02 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D03DAF546DA for ; Mon, 2 Apr 2018 22:41:01 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 611017677F for ; Mon, 2 Apr 2018 22:41:01 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x231.google.com with SMTP id y64so5503222ywa.3 for ; Mon, 02 Apr 2018 15:41:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc; bh=9kJaeY0Cxqh80y8uEH+8IAjjXx3sy4uWgYe73pHtQLk=; b=HLC9BQ1H5e5LVbRpEvmwoyCZY8PfK63HLxz1bbC4F3YknBY0nxa4pU0V8FqKLrMYEO k9wptn4is81UhSyyRmiA/p2shLn12xsTyLt5CmVOv6BJk+L+/lnvNc78/JjMzOs049xH H1D+XL3vtNSWN947gFvQKl/C7f4VZ1USRAx01rFnuJL3l5UdNC3Cm6ph4h8H2Z3Z3+fk C+MKDJ4W+UqEln0cVNYxTWoc4VGT4vgjfimKizks53JkvTGMeePGRTPxgwtO9308wiYt NXtX3cWsr4WOjHA20FQUclllCkW+I/vu8+P+wyMOgTA7NQB7IUt4Mm/Nb4O9f2u0wDkM cP+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc; bh=9kJaeY0Cxqh80y8uEH+8IAjjXx3sy4uWgYe73pHtQLk=; b=R/VykVgDfDV1cdmSGyrPGEVzY1iQ/yolPBF1lJUe5tTjtk87sVP28X1+wxWbiQkrCd q/TXey0ccGxOkLrZHPDZqSUt188TVsToeKCr3achY82i3dHSVL3RvG09PlKceItpf2Se nXPIbRHgH6ZopcKvnY8LPWeidcIbjwrS8ppNCLvNOZlkGXYbvNq3FXcJMTW5N1x4EH6F 6uMml3Apic0FHqmh/hGLioT90FuDFnVOrTdpowaszRzsl1KrnOCL5hv4Ym/4iZzOIxHe JxxySCtQ2GI12jUXgI/CSw9JRV7E/uzd0AwxgxuWUXzW3d90VV1uW+zJ7K9Mv8H/sWrJ bygw== X-Gm-Message-State: AElRT7EgrzmcdfsgMq5nN8ft2vHxG/oWgn0y6dVyQotiBdnBgTEvDp48 2GyMe+1das/fk/U4KYd4fq3fx8kt2pxEiW/fuMp4OQ== X-Google-Smtp-Source: AIpwx4+JJK913zt1/IL2/5n4jqdXZmMJSvbrjAas76XlJKMo+nwjv0Cb95p26A1Y8QShrpwDfFEitBJEV3tE0LCwLPw= X-Received: by 10.13.235.204 with SMTP id u195mr6796622ywe.302.1522708860488; Mon, 02 Apr 2018 15:41:00 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 15:40:59 -0700 (PDT) In-Reply-To: References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> From: William Dudley Date: Mon, 2 Apr 2018 18:40:59 -0400 Message-ID: Subject: Re: I broke my Apache 2.4 install and I need help! Cc: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 22:41:02 -0000 As stated at the top of the thread, this is FreeBSD 10.3 Here's the scary message that you get when you install apache24 from a package: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !! !! functionally unusable module due to lack of "Upgrade" !! !! capability in OpenSSL 1.0.1. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! I installed openssl by doing "pkg install openssl" I've managed to get my apache install working without any SSL stuff running. That's progress. Bill Dudley This email is free of malware because I run Linux. On Mon, Apr 2, 2018 at 6:25 PM, Jack L. wrote: > what version of freebsd are you using? how did you try to upgrade openssl? > what was the message? > > On Mon, Apr 2, 2018 at 3:21 PM, William Dudley wrote: > >> I also installed the openssl package recently because of scary warnings >> when I upgraded apache24, >> saying that the base openssl was "not upgradeable". >> >> Is the openssl pkg a problem with apache ssl? That also seems broken. >> >> Bill Dudley >> >> >> This email is free of malware because I run Linux. >> >> On Mon, Apr 2, 2018 at 6:01 PM, Jack L. wrote: >> >> > That's probably because when you reinstall something, it does a remove >> and >> > then an install after. >> > >> > [1/1] Reinstalling apache24-2.4.33... >> > >> > On Mon, Apr 2, 2018 at 2:55 PM, William Dudley >> wrote: >> > >> >> When I blow away /usr/local/etc/apache24 (really, rename it to >> something >> >> else) >> >> and do "pkg upgrade -f apache24", I get the following messages: >> >> >> >> [1/1] Reinstalling apache24-2.4.33... >> >> ===> Creating groups. >> >> Using existing group 'www'. >> >> ===> Creating users >> >> Using existing user 'www'. >> >> [1/1] Extracting apache24-2.4.33: 100% >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-autoindex.conf if it is no longer >> >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-dav.conf if it is no longer >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-default.conf if it is no longer >> >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-info.conf if it is no longer >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-languages.conf if it is no longer >> >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-manual.conf if it is no longer >> >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-mpm.conf if it is no longer >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-multilang-errordoc.conf if it is >> no >> >> longer needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-ssl.conf if it is no longer >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-userdir.conf if it is no longer >> >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/httpd-vhosts.conf if it is no longer >> >> needed. >> >> You may need to manually remove >> >> /usr/local/etc/apache24/extra/proxy-html.conf if it is no longer >> needed. >> >> You may need to manually remove /usr/local/etc/apache24/httpd.conf if >> it >> >> is >> >> no longer needed. >> >> You may need to manually remove /usr/local/etc/apache24/magic if it is >> no >> >> longer needed. >> >> You may need to manually remove /usr/local/etc/apache24/mime.types if >> it >> >> is >> >> no longer needed. >> >> >> >> Why does it say this? It makes no sense. This is during the *install* >> >> phase, remember. >> >> The install creates an httpd.conf which is identical to >> http.conf.sample, >> >> of which I had a copy. >> >> >> >> Anyway, still hosed. Virtualhosts is totally broken, but apache will >> >> serve >> >> ONE web site. >> >> >> >> Bill Dudley >> >> >> >> >> >> This email is free of malware because I run Linux. >> >> >> >> On Mon, Apr 2, 2018 at 5:33 PM, Matt Smith >> wrote: >> >> >> >> > On Apr 02 16:57, William Dudley wrote: >> >> > >> >> >> I did as you suggested (I made a backup prior.) (I also have good >> >> backups, >> >> >> just not of the file >> >> >> that FreeBSD/Apache said is "no longer needed"). >> >> >> >> >> >> I got this message: >> >> >> >> >> >> "You may need to manually remove /usr/local/etc/apache24/httpd.conf >> >> if it >> >> >> is no longer needed." >> >> >> >> >> >> And the re-install didn't re-write that file from my attempt at >> getting >> >> >> things running. >> >> >> Apache is still totally hosed. >> >> >> >> >> >> I am confused as to why it says httpd.conf is no longer needed, but >> >> >> everything is totally hosed >> >> >> after I removed it. >> >> >> >> >> >> >> >> > It's because a pkg upgrade is actually doing a pkg delete and then a >> pkg >> >> > install. You are seeing that message because it's telling you that if >> >> you >> >> > no longer want to use apache after deleting it then you can remove >> that >> >> > file. But then it's actually installing the upgraded version once >> again. >> >> > >> >> > Ok, next idea. Are there any files called httpd.conf.sample? If so >> you >> >> can >> >> > probably copy that. Packages usually install a .sample file and then >> >> copy >> >> > them to the proper file if it doesn't already exist. >> >> > >> >> > Failing that you may have to move the old apache directory out of the >> >> way >> >> > so it doesn't exist at all and then force the reinstall, copy the >> file >> >> out >> >> > of it into your original directory, and then move it back again. >> >> > >> >> > -- >> >> > Matt >> >> > >> >> _______________________________________________ >> >> freebsd-questions@freebsd.org mailing list >> >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe >> >> @freebsd.org" >> >> >> > >> > >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe >> @freebsd.org" >> > > From owner-freebsd-questions@freebsd.org Mon Apr 2 22:46:42 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CAEC2F54DB6 for ; Mon, 2 Apr 2018 22:46:41 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x22f.google.com (mail-yw0-x22f.google.com [IPv6:2607:f8b0:4002:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4757076ACE for ; Mon, 2 Apr 2018 22:46:41 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x22f.google.com with SMTP id y23so5504567ywy.4 for ; Mon, 02 Apr 2018 15:46:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:cc; bh=NQxEYru0Q2iLfxgiWHgziJSVGHxVLspzOpNXJT9vtNc=; b=BJM7Z4TPZKmDBOXgXyLZr+21azVEShWp8LjRKu9nh6YgYAoGDZVSDCWPGO1sEzXhVv XsKa+Z8Z2ok3/8ZOnS6uj3vNHh9rm+88dUlM3+tYBeD5S6Xc2JBgziG2VMNwLuNXBOAz SpXGzpwveKrTzW7bfQpNbc793TZh0qEGhzHnRAy9SpU3VY+FeDu4RMJ0MKmvQtPXIjLK Y7WkwTyzVSSc5hBgsda3Rh7Y36ZumTuD9SqUGgKl7DqO7YKJTp2BVOKAHMjrQefYUw8q b8rXCLN6G+Gop15lEBP97zA9Q5r6GWA1c+2OINiQ/6B688NH7dt57XhhG3p1Z2qe3f3z mL8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:cc; bh=NQxEYru0Q2iLfxgiWHgziJSVGHxVLspzOpNXJT9vtNc=; b=jPxsC+nRDg28MO8RkzyCvIh133HTyPuMre94MVzsgg7t/35FzHS9/PgLJY5yEVcIPL 4XXCRkIhEYHZ6N9ALL+j+++T+v7PybfpS9uxeSOZGZbpA902DVhoq8DOIc80LBNiYStj UlVy/5PZ3UyR1OjyCAZwqoe+LVpyY8ztEfW5FYHyhjlrAr8VFuqTei1QSCWguU3HCnfS WTKVVL9YGCIpTrV4dP0NT/CjZafWYJbUgts09G4syvJ6lnTk20BbmUOr1gSVRAlhIHyO BLr+0PDoUOdGIoRsLDcs0JIgNA6+S45qjxeEYU8Pn9r/IVbzAMtK+qPqhOY+O3bye34k SrTQ== X-Gm-Message-State: AElRT7GzYVDvt033JPCt57Z/aAx3dY+uyuwDcJ/eljufG+xJzbjQeM06 Olb+2Z181TIaARA5chBrjbMCnyF05mop7uxYRLU= X-Google-Smtp-Source: AIpwx49Mnwf3Ax5FCUESy/o9dQ77WmQ7lVxn6bInW3Zxu9ostgA0GRLRtQWnUBfr0DBFDH1SUarJRXqqwAXDFdpdGCE= X-Received: by 10.129.109.86 with SMTP id i83mr6355303ywc.347.1522709200478; Mon, 02 Apr 2018 15:46:40 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 15:46:39 -0700 (PDT) From: William Dudley Date: Mon, 2 Apr 2018 18:46:39 -0400 Message-ID: Subject: Re: I broke my Apache 2.4 install -- sort of solved Cc: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 22:46:42 -0000 Apache 2.4 working now with all the SSL disabled. If I try to use a formerly working virtual host on 443, apache dies. New thread to follow. Thanks, Bill Dudley This email is free of malware because I run Linux. On Mon, Apr 2, 2018 at 6:40 PM, William Dudley wrote: > As stated at the top of the thread, this is FreeBSD 10.3 > > Here's the scary message that you get when you install apache24 from a > package: > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !! > !! functionally unusable module due to lack of "Upgrade" !! > !! capability in OpenSSL 1.0.1. !! > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > > I installed openssl by doing "pkg install openssl" > > I've managed to get my apache install working without any SSL stuff > running. That's progress. > > Bill Dudley > > > This email is free of malware because I run Linux. > > On Mon, Apr 2, 2018 at 6:25 PM, Jack L. wrote: > >> what version of freebsd are you using? how did you try to upgrade >> openssl? what was the message? >> >> On Mon, Apr 2, 2018 at 3:21 PM, William Dudley >> wrote: >> >>> I also installed the openssl package recently because of scary warnings >>> when I upgraded apache24, >>> saying that the base openssl was "not upgradeable". >>> >>> Is the openssl pkg a problem with apache ssl? That also seems broken. >>> >>> Bill Dudley >>> >>> >>> This email is free of malware because I run Linux. >>> >>> On Mon, Apr 2, 2018 at 6:01 PM, Jack L. wrote: >>> >>> > That's probably because when you reinstall something, it does a remove >>> and >>> > then an install after. >>> > >>> > [1/1] Reinstalling apache24-2.4.33... >>> > >>> > On Mon, Apr 2, 2018 at 2:55 PM, William Dudley >>> wrote: >>> > >>> >> When I blow away /usr/local/etc/apache24 (really, rename it to >>> something >>> >> else) >>> >> and do "pkg upgrade -f apache24", I get the following messages: >>> >> >>> >> [1/1] Reinstalling apache24-2.4.33... >>> >> ===> Creating groups. >>> >> Using existing group 'www'. >>> >> ===> Creating users >>> >> Using existing user 'www'. >>> >> [1/1] Extracting apache24-2.4.33: 100% >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-autoindex.conf if it is no longer >>> >> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-dav.conf if it is no longer >>> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-default.conf if it is no longer >>> >> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-info.conf if it is no longer >>> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-languages.conf if it is no longer >>> >> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-manual.conf if it is no longer >>> >> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-mpm.conf if it is no longer >>> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-multilang-errordoc.conf if it is >>> no >>> >> longer needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-ssl.conf if it is no longer >>> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-userdir.conf if it is no longer >>> >> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/httpd-vhosts.conf if it is no longer >>> >> needed. >>> >> You may need to manually remove >>> >> /usr/local/etc/apache24/extra/proxy-html.conf if it is no longer >>> needed. >>> >> You may need to manually remove /usr/local/etc/apache24/httpd.conf >>> if it >>> >> is >>> >> no longer needed. >>> >> You may need to manually remove /usr/local/etc/apache24/magic if it >>> is no >>> >> longer needed. >>> >> You may need to manually remove /usr/local/etc/apache24/mime.types >>> if it >>> >> is >>> >> no longer needed. >>> >> >>> >> Why does it say this? It makes no sense. This is during the >>> *install* >>> >> phase, remember. >>> >> The install creates an httpd.conf which is identical to >>> http.conf.sample, >>> >> of which I had a copy. >>> >> >>> >> Anyway, still hosed. Virtualhosts is totally broken, but apache will >>> >> serve >>> >> ONE web site. >>> >> >>> >> Bill Dudley >>> >> >>> >> >>> >> This email is free of malware because I run Linux. >>> >> >>> >> On Mon, Apr 2, 2018 at 5:33 PM, Matt Smith >>> wrote: >>> >> >>> >> > On Apr 02 16:57, William Dudley wrote: >>> >> > >>> >> >> I did as you suggested (I made a backup prior.) (I also have good >>> >> backups, >>> >> >> just not of the file >>> >> >> that FreeBSD/Apache said is "no longer needed"). >>> >> >> >>> >> >> I got this message: >>> >> >> >>> >> >> "You may need to manually remove /usr/local/etc/apache24/httpd. >>> conf >>> >> if it >>> >> >> is no longer needed." >>> >> >> >>> >> >> And the re-install didn't re-write that file from my attempt at >>> getting >>> >> >> things running. >>> >> >> Apache is still totally hosed. >>> >> >> >>> >> >> I am confused as to why it says httpd.conf is no longer needed, but >>> >> >> everything is totally hosed >>> >> >> after I removed it. >>> >> >> >>> >> >> >>> >> > It's because a pkg upgrade is actually doing a pkg delete and then >>> a pkg >>> >> > install. You are seeing that message because it's telling you that >>> if >>> >> you >>> >> > no longer want to use apache after deleting it then you can remove >>> that >>> >> > file. But then it's actually installing the upgraded version once >>> again. >>> >> > >>> >> > Ok, next idea. Are there any files called httpd.conf.sample? If so >>> you >>> >> can >>> >> > probably copy that. Packages usually install a .sample file and then >>> >> copy >>> >> > them to the proper file if it doesn't already exist. >>> >> > >>> >> > Failing that you may have to move the old apache directory out of >>> the >>> >> way >>> >> > so it doesn't exist at all and then force the reinstall, copy the >>> file >>> >> out >>> >> > of it into your original directory, and then move it back again. >>> >> > >>> >> > -- >>> >> > Matt >>> >> > >>> >> _______________________________________________ >>> >> freebsd-questions@freebsd.org mailing list >>> >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe >>> >> @freebsd.org" >>> >> >>> > >>> > >>> _______________________________________________ >>> freebsd-questions@freebsd.org mailing list >>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> To unsubscribe, send any mail to "freebsd-questions-unsubscribe >>> @freebsd.org" >>> >> >> > From owner-freebsd-questions@freebsd.org Mon Apr 2 23:03:46 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 19D76F6B1EF for ; Mon, 2 Apr 2018 23:03:46 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yb0-x22a.google.com (mail-yb0-x22a.google.com [IPv6:2607:f8b0:4002:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A701577878 for ; Mon, 2 Apr 2018 23:03:45 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yb0-x22a.google.com with SMTP id k199-v6so5539899ybk.12 for ; Mon, 02 Apr 2018 16:03:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=VZJCHDpzC7/Qmo8loq0PhDykC2OdwX3La4bXX1eKbDY=; b=BHQmG9oGCvhDiU+djjpyqkmoUuocfBUbE6TiTZTF0fqwKKwbGzyZFbceq8NqzOfX8R E67PP+A9DVXfyZt+rfBC0AiIVOBh5QKzgKAQEvF8FCgu190quN5BIyu7eQlMwJmCpPab aSfRkvKwfe2xGFU1x/lH5dMC4i+31jz/5fB8IGmfwwwLiTNY1i9tpxKVosMEshtrE91E 1JQZlBh6ljBKp3crOdTNzLsl2XvXDfsLM0TM2vhGEBNuopwO/TrBW0Phfh9DsBunivcF x7owGt+NTcCY8jaO9L6pMEpcPO1TF2MhYVRnI3qL5xpgWnRrIxeZYJnQVhKLgi71PBW0 qcWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=VZJCHDpzC7/Qmo8loq0PhDykC2OdwX3La4bXX1eKbDY=; b=ZUlcRJ8LwTdiLlYqNkMjYzsm3iMEchhKHQo8VOXS18EBwz/R12vD66ANYjZ0phKsjX a7HGza+meXToK/mkDMvKRDz4mdxrxFFfa3pA8R5J+kl2qde+UBip195Z6wz0gtkAXX0J Fp/a/kd4y2tvjh/uC2CxR5HV9LEaCyyAeCcPKierVMlvvroHSzyXXDMoZ0gXRyymxONN 7ypdeTqUkxxHK2FYvCiAidTLJ1dhT7L23MqC515O4xEEPhqj0lWKMwPFICZi2z7CaFNr sEeDhivljwPMxc+EatmChw5ijkWMn1GtjBqRNLn8PXb6MxYVzUr7jzIk9rbsUGQzRqw0 8xeQ== X-Gm-Message-State: AElRT7GcvJ23GIHLCFXUsJKmb2Gbr3ZfUUdz+q8bpss3xfrAmg+EIQre qysGfyTU2+vleEBRyU6apI7r+5Z0cFvwSjSYjYC+WQ== X-Google-Smtp-Source: AIpwx49h1+twz/hml4ezMl41lffek1xMSZUP9VkEgptqhhnwFMelgqKFi49LHV9Ody6JG3z+wDdree8D4/RXey5LIbs= X-Received: by 2002:a5b:a89:: with SMTP id h9-v6mr5300008ybq.230.1522710224780; Mon, 02 Apr 2018 16:03:44 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Mon, 2 Apr 2018 16:03:44 -0700 (PDT) From: William Dudley Date: Mon, 2 Apr 2018 19:03:44 -0400 Message-ID: Subject: MY Apache 2.4 SSL broken (FreeBSD 10.3) - help! To: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 23:03:46 -0000 I'm running FreeBSD 10.3, all patched up using freebsd-update fetch freebsd-update install Because I got this scary warning when upgrading Apache 2.4 (pkg upgrade apache24) Message from apache24-2.4.33: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !! !! functionally unusable module due to lack of "Upgrade" !! !! capability in OpenSSL 1.0.1. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! I installed openssl pkg install openssl Now, apache dies if I start it with any of these: . . . I get this in httpd-error.log: [Mon Apr 02 18:44:00.204869 2018] [ssl:emerg] [pid 82318] AH02572: Failed to configure at least one certificate and key for njsbmwr.org:80 [Mon Apr 02 18:44:00.205017 2018] [ssl:emerg] [pid 82318] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Mon Apr 02 18:44:00.205027 2018] [ssl:emerg] [pid 82318] AH02312: Fatal error initialising mod_ssl, exiting. This was a formerly working installation with a handful of letsencrypt certificates. Did the openssl from pkg break this? How do I fix this? Thanks, Bill Dudley This email is free of malware because I run Linux. From owner-freebsd-questions@freebsd.org Mon Apr 2 23:06:22 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CB25DF6B560 for ; Mon, 2 Apr 2018 23:06:22 +0000 (UTC) (envelope-from kremels@kreme.com) Received: from mail.covisp.net (www.covisp.net [65.121.55.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 697E0779C5 for ; Mon, 2 Apr 2018 23:06:21 +0000 (UTC) (envelope-from kremels@kreme.com) From: "@lbutlr" Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: Re: I broke my Apache 2.4 install and I need help! Date: Mon, 2 Apr 2018 16:56:40 -0600 References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> To: freebsd-questions@freebsd.org In-Reply-To: Message-Id: <22AED507-651D-4FF5-9D3F-73F41F57AC24@kreme.com> X-Mailer: Apple Mail (2.3445.6.18) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2018 23:06:23 -0000 On 2018-04-02 (16:40 MDT), William Dudley wrote: >=20 > I've managed to get my apache install working without any SSL stuff > running. That's progress. This is what a virtual host looks like for me in apache24. I never put = any hosts into http.conf other than a base name that is actually unused = for web access. Everything is in user/name.conf or = extras/httpd-vhosts.conf ServerName oursite.example.net DocumentRoot /usr/local/www/oursite SSLEngine on SSLCertificateFile = /usr/local/etc/dehydrated/certs/covisp.net/cert.pem SSLCertificateKeyFile = /usr/local/etc/dehydrated/certs/covisp.net/privkey.pem SSLCertificateChainFile = /usr/local/etc/dehydrated/certs/covisp.net/chain.pem SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder on # I am not sure this is needed or best for TLSv1.2, but it works for = us SSLCipherSuite = ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:D= H+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS Header always set Strict-Transport-Security "max-age=3D15638400; = includeSubdomains;" =20 --=20 Well I've seen the Heart of Darkness/Read the writing on the wall/and = the voice out in the desert/Was the voice out in the hall From owner-freebsd-questions@freebsd.org Tue Apr 3 04:14:12 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C508AF7F98B for ; Tue, 3 Apr 2018 04:14:11 +0000 (UTC) (envelope-from jmvandette@securenet.net) Received: from ms.securenet.net (ms.securenet.net [205.236.147.20]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7241E846CE for ; Tue, 3 Apr 2018 04:14:11 +0000 (UTC) (envelope-from jmvandette@securenet.net) Received: from ms.securenet.net (localhost [127.0.0.1]) by ms.securenet.net (Postfix) with ESMTP id 124E811E1F; Tue, 3 Apr 2018 00:14:05 -0400 (EDT) X-Virus-Scanned: by f-prot anti-virus, and clamav anti-virus at SecureNet Inc. Received: from ms.securenet.net ([127.0.0.1]) by ms.securenet.net (ms.securenet.net [127.0.0.1]) (amavisd-new, port 10001) with ESMTP id 6PLPVHfVwH2K; Tue, 3 Apr 2018 00:14:03 -0400 (EDT) Received: from office.securenet.net (office.securenet.net [205.236.147.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ms.securenet.net (Postfix) with ESMTPS id F3BF311DE4; Tue, 3 Apr 2018 00:14:02 -0400 (EDT) Received: from office.securenet.net (172.16.0.194) by office.securenet.net (172.16.0.194) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1034.26; Tue, 3 Apr 2018 00:14:02 -0400 Received: from office.securenet.net ([fe80::fc2a:207d:850e:3424]) by office.securenet.net ([fe80::fc2a:207d:850e:3424%9]) with mapi id 15.01.1034.033; Tue, 3 Apr 2018 00:14:02 -0400 From: "Jean M. Vandette" To: Erich Dollansky CC: "freebsd-questions@freebsd.org" Subject: RE: gpart recovery FreeBSD 7.4 Thread-Topic: gpart recovery FreeBSD 7.4 Thread-Index: AdPH67s6+2Xno425Q4Gw3Y3ODMy5+wAZ1aOAAAgLB7AAClZQAAAIULXwABRMGwAAAW9JQABQpD8AACqFakA= Date: Tue, 3 Apr 2018 04:14:01 +0000 Message-ID: References: <6b89534c97b14e51b67581e34efac71c@securenet.net> <20180330221523.0b5f8fdd.freebsd.ed.lists@sumeritec.com> <20180331070140.00a1b6fa.freebsd.ed.lists@sumeritec.com> <20180331204056.619965d1.freebsd.ed.lists@sumeritec.com> <3856200b233947ca939e1c5ffa152661@securenet.net> <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> In-Reply-To: <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.10.15.157] x-avg-scannedformalware-engineversion: 16.0.8039 4793/15535 437833 x-avg-scannedformalware-signature: 0E1E540C6849CF51B9BEC1FBA0EFC9D21DB1A88FD2ACDAE42BA175899D79F2B0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 04:14:12 -0000 Erich Found an old post on partition repair https://forums.freebsd.org/threads/partition-repair.5869/ Got the scan_ffs an here are the results: root@central:~ # scan_ffs -l /dev/mfid0 X: 2097152 9786530 4.2BSD 2048 16384 0 # / X: 2097152 9787042 4.2BSD 2048 16384 0 # / X: 4194304 12232866 4.2BSD 2048 16384 0 # /tmp X: 41943040 17126306 4.2BSD 2048 16384 0 # /usr X: 42068388 17126818 4.2BSD 2048 13350 0 # /usr X: 62914560 66061474 4.2BSD 2048 16384 0 # /usr/local X: 83886080 139462050 4.2BSD 2048 16384 0 # /var X: 1258291200 237328290 4.2BSD 2048 16384 0 # /usr/local/system X: 21973958460 1705333922 4.2BSD 2048 16384 0 # /usr/local/storage X: 21973958460 1705334434 4.2BSD 2048 16384 0 # /usr/local/storage The gpart show is =3D> 40 27341619120 mfid0 GPT (13T) 40 128 1 freebsd-boot (64K) 168 8388602 2 freebsd-swap (4.0G) 8388770 2097152 3 freebsd-ufs (1.0G) 10485922 4194304 4 freebsd-ufs (2.0G) 14680226 41943040 5 freebsd-ufs (20G) 56623266 62914560 6 freebsd-ufs (30G) 119537826 83886080 7 freebsd-ufs (40G) 203423906 1258291200 8 freebsd-ufs (600G) 1461715106 25879904054 9 freebsd-ufs (12T) It seems to differ from the scan of the file system Your thoughts? Regards Jean M. Vandette SecureNet Information Services Net-Vu Television Distribution Divisions 159272 Canada Inc. 283-100 Alexis Nihon Blvd St Laurent, Quebec H4M 2N7 514-744-4242 800-469-7774 514-744-1552 Fax IMPORTANT: Les informations contenues au pr=E9sent courriel ainsi que dans tout docume= nt annex=E9 sont de nature privil=E9gi=E9e et confidentielle et ne peuvent = =EAtre utilis=E9es que par la ou les personnes ou entit=E9s dont le nom par= a=EEt ci-dessus. Si le lecteur du pr=E9sent message n'est pas le destinatai= re pr=E9vu ou n'a pas =E9t=E9 mis en copie, il est par les pr=E9sentes pri= =E9 de noter qu'il est strictement interdit de divulguer, de distribuer de = copier ou d'utiliser de quelconque fa=E7on ce message ou ses annexes. Si ce= ux-ci vous ont =E9t=E9 transmis par m=E9garde, veuillez les effacer et nous= en aviser imm=E9diatement. This E-mail along with its attachments, if any, contain privileged and conf= idential information intended only for the use of the individuals or entiti= es named above. Any dissemination, distribution, copying or use of the same= by anyone other than the intended recipients is strictly prohibited. If yo= u have received this communication in error, please delete both E-mail and = attachments and notify us immediately. -----Original Message----- From: Erich Dollansky [mailto:freebsd.ed.lists@sumeritec.com] Sent: Sunday, April 01, 2018 11:51 PM To: Jean M. Vandette Cc: freebsd-questions@freebsd.org Subject: Re: gpart recovery FreeBSD 7.4 Hi, On Sat, 31 Mar 2018 18:43:06 +0000 "Jean M. Vandette" wrote: > I used the recoverdisk > root@central:/ # recoverdisk /dev/gpt/root /mnt2/root.img I never used this program. > I did newfs on the boot then it mounted seems it does not recognize That was dangerous. When I have had the problem I really went down to read = the partition information from the disk into a file and tried to understand= it. This method helped recently when a disk has had developed so many bad secto= rs that it shrank its size during a boot. So, I did the same with its GPT i= nformation, mounted it, made a backup of the last hours of work and returne= d it to the manufacturer. > I don't have other mount points ie disks to make copy. This is a real problem at this stage. > the recoverydisk with state 0 says it encountered no errors so it is > seeing the data (I presume) just it is a binary file it seems. Now is > the data usable is another question. Using more or less I see a lot > of binary gibberish so far. Yes, the data is all binary. The key to any disk is its first sector. > > I don't know if there is a way to write the superblock information > without losing all the data if you or anyone knows I would appreciate > the procedure. Did it once before or should say my mentor did it back > on 3.1 and then was able to fsck and mount the data. This is all not a problem but it come much, much later. There is something = wrong with your partitioning tables. I would try to find this out. Get a hex editor of your choice. dd the first sector of the disk, open it i= n the editor. I used Wikipedia to provide me with the structure information= of the disk. This all depends how it was partitioned and later formatted. = MBR, GPT ... I know that this is hard work and will take time. Erich ? ------------------------------- Checked by AVG. Version: 16.0.8039 / Virus Database: 4793/15535 - Release D= ate: Mon Apr 02 09:04:00 2018. The message does not contain any threats. ------------------------------- From owner-freebsd-questions@freebsd.org Tue Apr 3 07:28:50 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0001CF898BA for ; Tue, 3 Apr 2018 07:28:49 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: from mail-wr0-x233.google.com (mail-wr0-x233.google.com [IPv6:2a00:1450:400c:c0c::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6CA076B232 for ; Tue, 3 Apr 2018 07:28:49 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: by mail-wr0-x233.google.com with SMTP id c24so17295983wrc.6 for ; Tue, 03 Apr 2018 00:28:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=MQEPCg8xFErYnlmVUxUJzutYRwdk6CxUzb98oH0ck/E=; b=EgaTGrhWMVt9vfJOXPBONZDkC77p0SgHdm7jMYu9V3estVV4nXlyUgmg5bHD2RzPI9 qPZKaxVr1dl3JTlrMi8BYVdkI4eujcigg4PuJie54LKGXb3Al3Ab7WvFqR/DvfobsAMR Ua0TMUawJ6PELWZWl8+K/k8ywTk4l6hyzmvkrjwrN5XNSz1icLlnP+i3MHv1m0qz06ir z4o67mSdq2PbxS05vv564dmDEDAQoyT4bHetzPNnRkN+G2o9CTz2EuT/+qD9Canhga91 5Uygropr0r0VaiN3AZcnvk60u0nh9nRC8oBNmkWYr+mtQBGiK9CpoIjb0Q/t4CcfHvn0 AU9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=MQEPCg8xFErYnlmVUxUJzutYRwdk6CxUzb98oH0ck/E=; b=Vo21fRjEq5fxTXs1yzlXrqJzOK5Pq4sbPGSwdhEY4dVfvLwWqfKV6zYZlmVWPg7UPw HAtb3y4uBjRXNdpYlvhNbtojLwuvha1Uu30MMoIUMFaYlTt5AI5HEsELidAYG+xefxzi o+Vthiodzdl+FPm8tLAurLDyGWe5QtjLyB8At7gTeybWq2qH64gUl3ImmUT+Iw6+5wJg pAdKPbNv83nh6No1hpsU+W9hiBpXla7enQpRQWC9vryeDXzYln2Givfz3T+FyH1AUU4Q wCIrwThV3EvV9/dfoQtPB2BbmoEwRHMU5o4SR2Ewj+yY3lT3saReB2U1/G0qc0lZ8kBu LtIA== X-Gm-Message-State: AElRT7Ha5tmA4KZIay3bYsziA053A1GrCwccIr47aK/b1N4h2SlWC+3Z +3yVQZ85IgOvrX/TnEzaa6QxEK/n8x9Jtya6A8LJMA== X-Google-Smtp-Source: AIpwx48bgBapB7lOcuxDXAca0VO4U+rA+JDMOlbj8kxwvkFt6k+zdLJU17ZjkKN8/oztBUypoSgkPDSv5zFaf6F/RWo= X-Received: by 10.223.154.100 with SMTP id z91mr8931632wrb.120.1522740528294; Tue, 03 Apr 2018 00:28:48 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.147.130 with HTTP; Tue, 3 Apr 2018 00:28:07 -0700 (PDT) In-Reply-To: References: From: "Jack L." Date: Tue, 3 Apr 2018 00:28:07 -0700 Message-ID: Subject: Re: MY Apache 2.4 SSL broken (FreeBSD 10.3) - help! To: William Dudley Cc: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 07:28:50 -0000 installing the openssl package sounds unrelated, are you sure you've defined SSLCertificateFile and SSLCertificateKeyFile properly and apache can read those paths? The error Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned means it can't locate your cert On Mon, Apr 2, 2018 at 4:03 PM, William Dudley wrote: > I'm running FreeBSD 10.3, all patched up using > freebsd-update fetch > freebsd-update install > > Because I got this scary warning when upgrading Apache 2.4 (pkg upgrade > apache24) > > Message from apache24-2.4.33: > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !! > !! functionally unusable module due to lack of "Upgrade" !! > !! capability in OpenSSL 1.0.1. !! > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > > I installed openssl > > pkg install openssl > > Now, apache dies if I start it with any of these: > > > . . . > > > I get this in httpd-error.log: > > [Mon Apr 02 18:44:00.204869 2018] [ssl:emerg] [pid 82318] AH02572: Failed > to configure at least one certificate and key for njsbmwr.org:80 > [Mon Apr 02 18:44:00.205017 2018] [ssl:emerg] [pid 82318] SSL Library > Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate > assigned > [Mon Apr 02 18:44:00.205027 2018] [ssl:emerg] [pid 82318] AH02312: Fatal > error initialising mod_ssl, exiting. > > This was a formerly working installation with a handful of letsencrypt > certificates. > > Did the openssl from pkg break this? > > How do I fix this? > > Thanks, > Bill Dudley > > > > This email is free of malware because I run Linux. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@freebsd.org Tue Apr 3 08:06:26 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5A721F5484A for ; Tue, 3 Apr 2018 08:06:25 +0000 (UTC) (envelope-from mailing-2382630-150459050-546549a063@mailpv.net) Received: from eur-kvi158.lnmailer.net (eur-kvi158.lnmailer.net [213.139.173.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 89F526CEBB for ; Tue, 3 Apr 2018 08:06:24 +0000 (UTC) (envelope-from mailing-2382630-150459050-546549a063@mailpv.net) Received: from eur-kvi158.vdk.fi (localhost [127.0.0.1]) by eur-kvi158.lnmailer.net (Postfix) with ESMTP id E02AB62276 for ; Tue, 3 Apr 2018 11:03:26 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mailpv.net; h= list-unsubscribe:mime-version:reply-to:to:subject:from:date; s= a.mailpv; bh=Pb3/WFOoxCMYPIoEEaYgxgu72Os=; b=I2f3a76Hfgfj+pMtlCd nQBh9H0eakogOkLaKDC/OFkds9TaoL1bCPk39VNFyZOwvUzqZqou3KWvXs204Qwc 2bv46xNKyFnCd+rdJmwv+dRmu767Z56Wi5v5u/cQqCWBXfEZdUV0r4c3hlM5BU2k qQzWTv1lPgLgrPpaCAxy9teI= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mailpv.net; h= list-unsubscribe:mime-version:reply-to:to:subject:from:date; s= newsletter; bh=Pb3/WFOoxCMYPIoEEaYgxgu72Os=; b=R6xdX2z11hB9R7SAQ bovYnJSDdZY2oDYMKDUzC5/NDKnruboiv6LK0I7K4OrQvsfMsIBxAJblqJwVqRO5 VT9iE8hLJ9ea7IF940nJlfdxkyLxmIZ4kZ/0/dcT71NmXOAO8xWF3cKW0uGnBpRf HGRKVxUeZWFza8ay+0FwctyGT8= MIME-Version: 1.0 Reply-To: info@alruwadoffplan.com To: freebsd-questions@freebsd.org Subject: =?UTF-8?Q?What=20is=20Dubai=20South=20a?= =?UTF-8?Q?nd=20Where=20should=20you=20i?= =?UTF-8?Q?nvest=3F?= From: "Dubai Real Estate Opportunity - Al Ruwad Real Estate" Message-Id: <0000005ac3354e-4-c5-jyyqoq-2382630-150459050@mailpv.net> Date: Tue, 03 Apr 2018 11:50:31 +0400 (+04) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 08:06:26 -0000 Click here to open in your browser http://al-ruwad-new.mailpv.net/a/s/15045= 9050-59bcf6c91556505cc0b030b602a7bfe0/2426944 Dubai Property Investment Opportunity http://al-ruwad-new.mailpv.net/go/14480873-151238-150459050 What is Dubai South and Where should you invest? ++++++++++++++++++++++++++++++++++++++++++++++++ Ismail Al Hammadi Managing Director - Al Ruwad Real Estate (Dubai UAE) Branded =E2=80=9CThe City of You=E2=80=9D, Dubai South is an ambitious proj= ect started under the vision of His Highness Sheikh Mohammed bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai. Emerging as one of Dubai=E2=80=99s flagships project, Dubai South has quick= ly become a central hub for major investments, both privately owned and governmental. Launched in 2006, Dubai South will be able to host 1 million population, plus every conceivable kind of business and industry and create 500,000 jobs, thus becoming Dubai=E2=80=99s most important economic platform. Where to invest? Saffron by Emaar: A stunning collection of townhouses with beautiful private gardens. Choose between 3 and 4-bedroom townhouses designed with flair and within arm=E2=80=99s reach of nature. Al Haseen Residences by City Properties: Attractive, affordable with the highest quality. Golf Links and Golf Views by Emaar: Surrounding the lush green landscape of a world class golf course, Golf Links and Golf Views are an idyllic community comprising of modern villas, state-of-art facilities and retail options within close vicinity. Read Complete Article Here http://al-ruwad-new.mailpv.net/go/14480875-1026= 189-150459050 =E2=86=92=20 About Al Ruwad Real Estate Al Ruwad is inspired by the vision of Dubai, to pursue relentlessly a culture of innovation, enterprise and excellence. We are a young UAE National company, and we draw on the positivity of our nation, and its ambition to be among the best in the world. As a company guided by a clear vision, mission and values, Al Ruwad aims to add value to the property investments of the people. To know more about Dubai Real Estate Opportunities: Call or Whatsapp Us +971508747474 http://al-ruwad-new.mailpv.net/go/14480874-1438504-150459050 If you are not willing to receive our newsletter, click here http://al-ruwad-new.mailpv.net/account/150459050-0ea5354ff164c3b793a30a9385= 579790-1062523/2382630 Office No. 106, Oud Metha Offices Bldg, Umm Hurair 2, Dubai, U.A.E. info@alruwad.ae mailto:info@alruwad.ae | +9714 343 0111 tel:+9714 343 0111 http://al-ruwad-new.mailpv.net/go/14480877-510097-150459050 http://al-ruwad= -new.mailpv.net/go/14480879-1548122-150459050 http://al-ruwad-new.mailpv.ne= t/go/14480878-2047231-150459050 http://al-ruwad-new.mailpv.net/go/14480880-= 925459-150459050 http://al-ruwad-new.mailpv.net/go/14480876-2309556-1504590= 50 From owner-freebsd-questions@freebsd.org Tue Apr 3 10:12:20 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 32AD3F73852 for ; Tue, 3 Apr 2018 10:12:20 +0000 (UTC) (envelope-from damirusowens12@gmail.com) Received: from mail-ot0-x243.google.com (mail-ot0-x243.google.com [IPv6:2607:f8b0:4003:c0f::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C77D67514A for ; Tue, 3 Apr 2018 10:12:19 +0000 (UTC) (envelope-from damirusowens12@gmail.com) Received: by mail-ot0-x243.google.com with SMTP id m22-v6so18729802otf.10 for ; Tue, 03 Apr 2018 03:12:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=5nEMWt0agnqdxJ3ZQ5eIETP1SoFGYTxdK3G1ITSp9h0=; b=GdOMsmfwwxUbe3sDH5lEc1PScxD2fptVI0Uujv0jL9WyD2FYF7nn4/vyq/H3bheqCo UddBd2Sz0RLz4OqYsDrX33CymOi5mM0uGRWc2ms8ZiNAI6QzooqqA7TtGGA5P1I8Ka02 7rMAan4ngYcEAhKa22Gu3GdsmaHzp7PxEEcvdiAhxpO9RRX4t+4FvTNBasrISQKIuVCv 8LhAlwnI520GjIEDFgLkTi8BbU9n8abDMBkcEGdMdGjNtuU4KmwPHE6FqhoqTmvmQyoL gX8EGbPtW5iaKLYCxLWzpMp2whaotCZ0bPYEqaxZ5N13pS0JpOgRRVjkBQvLpUHtJpY6 yarQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=5nEMWt0agnqdxJ3ZQ5eIETP1SoFGYTxdK3G1ITSp9h0=; b=Dm3yOc/sqGfGiOhv3a3O9Q+L2F1bNA5VsTga2DL0f2EDyAttr5J0D14tNASa3gJajg 6pGeV86P1dAStgY65AKswbFtRA+AvcBZbvJAVZydJHp4lRPEvQ98rgqnUqBDeussgddj e2ZwlwAJiVsRnGYM0KBNmRFDX53HGjAOpGPmlrF62xE84t10uDjQBiv1h3/V2A3jKjgb colZ9KchRtBxZqGnmlCeU0okbLwddxhcKjXb4hqiAIuNPp6DEJ20xAvTzPMaBKkMf3i2 6GDxJtHYeWmf75GObA+DlWG2gO9Kcr+elbgvI7SrWdxXxr55FBOYiGhjWybMdyp/J3j7 NreQ== X-Gm-Message-State: AElRT7H+PlFh+v4X+iKMGGxist4KF6rBKWK4kPv8zzOepeVDxaUthHF0 IPNXNXEhfPpwcdP/lxZWi87gk2dM+C/XMYrHidQPwg== X-Google-Smtp-Source: AIpwx4/bkNaJ7Gj0GZ7hH/A3fr6RBMLM4yKy9TepgvDKg/oh4Kl54Sf5CzumghyF2C6xjCT7qji2w3rn8J7t6tNfAb0= X-Received: by 2002:a9d:6043:: with SMTP id v3-v6mr8195409otj.388.1522750338769; Tue, 03 Apr 2018 03:12:18 -0700 (PDT) MIME-Version: 1.0 From: Damirus Owens Date: Tue, 03 Apr 2018 10:12:08 +0000 Message-ID: Subject: To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 10:12:20 -0000 Micro From owner-freebsd-questions@freebsd.org Tue Apr 3 12:36:48 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D0476F7D4CB for ; Tue, 3 Apr 2018 12:36:47 +0000 (UTC) (envelope-from hansperryck@yahoo.com) Received: from sonic305-3.consmr.mail.bf2.yahoo.com (sonic305-3.consmr.mail.bf2.yahoo.com [74.6.133.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 75E447ADC1 for ; Tue, 3 Apr 2018 12:36:47 +0000 (UTC) (envelope-from hansperryck@yahoo.com) X-YMail-OSG: lnurVcQVM1mwWAv6yBZMBLNoFnYcheYE_KL6c5hdocXswJ3MflMiffrDJAfhbKI qEdSsBJ2w1rg4Pjt468O9xt8m5ZAJXnnIgVDhjBUfjdKl4Bt9T.vBeXkjJY_R4r72fYyVHHwVNYj k973HbY8WEJDh3DzXW7X0jM531aAfcYgZUpsQRj6lxaRydgGT_j5jqx_KfljU_a49sbHMMTUcsVD IyoAui6cZWlCfzdDBzBhBZuKfmwF6Ac2bc4Ey4j5IpkNJwv5qeff8TFa.41U5_J7LWP82LNSH.Qe 7kSZw25.AJjz28j2TeVdNKRxIxv2douh8oRXUzirOqI3PJ99T48gsA4YdDrn4rtWLGxEsq_gmVpo NQRA.NQE9yFpBntKRXe_232YvXn4mvZ9plESLnui8ZABWbcMY5ru0xfbU6d6iexC5GduxL7nba66 84SoZz3aqkbi2JBpUROosCerQS4GDpq9eIH0g2Mcm0acYxdJxx2fgrSYaMfTjKYbPlafj9h3JDMu BR3N3lhkFDtmEjGS4hzr.GVZgeG5fh6JoAskK0w-- Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.bf2.yahoo.com with HTTP; Tue, 3 Apr 2018 12:36:41 +0000 Date: Tue, 3 Apr 2018 12:36:34 +0000 (UTC) From: hans perryck Reply-To: "hansperryck@yahoo.com" To: "FreeBSD-questions@FreeBSD.org" Message-ID: <1674790533.1041889.1522758994593@mail.yahoo.com> Subject: cultural value based BPM MIME-Version: 1.0 References: <1674790533.1041889.1522758994593.ref@mail.yahoo.com> X-Mailer: WebService/1.1.11701 YahooMailAndroidMobile YMobile/1.0 (com.yahoo.mobile.client.android.mail/5.20.6; Android/7.1.1; NMF26X; gt510wifi; samsung; SM-T550; 9.71; 1024x768; ) Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 12:36:48 -0000 Hi, I am a newby on the FreeBSD platform but already taken just by its orig= inal =C2=A0intention and reviews. Wish I had heard from it earlier. Busy to= line up a smallbusiness and wanting to know if there are applications like= business processes modelling, entreprise architecture running on the platf= orm. For me it is vital if these can be made cultural value based, =C2=A0su= stainibility, transparency, accountable, etc. I will have a look into BPM's= myself as well, =C2=A0but want to bave ghis running parallel.=C2=A0Thank y= ou for your timeHans Perryck Hans Brinckers LtDInflatable Flooding BarriersAustralia Sent from Yahoo Mail on Android From owner-freebsd-questions@freebsd.org Tue Apr 3 13:48:18 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A228DF81D7E for ; Tue, 3 Apr 2018 13:48:18 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x230.google.com (mail-yw0-x230.google.com [IPv6:2607:f8b0:4002:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 277157DFC9 for ; Tue, 3 Apr 2018 13:48:18 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x230.google.com with SMTP id u15so6142328ywg.8 for ; Tue, 03 Apr 2018 06:48:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Voz++NJF46NwD1H/x3UI0dc13RwWkCqBdzc1PW2NN4k=; b=cneUPf4zZ0gw+kXe9AwqnnxiQRCjVuJ5YtOq/5F4NNRmUcc+Xa2Tpx+ky8vrrbCspG 4F8M7FvZMxfBLuiZXyFMlLyDum6/w/IDrYkNATT+9GlHHYZoALM1jJgs3FMTouLCwPix NdUQF0vxXRrVlTwvrCIlBqQupcZtIun4SdC8mdKlXA5vqEnoY5uGWHocrMRNXUJgd73G jLp+52seaoP/uE+Lv6/6e7S1Dsj0VF97sDgWfjX9OGmMd+QxeSxr5kx8xJem+PHq9Fok FcsYEnjUate6U1lVTTEpMmmpHioGa56xBq28MsA64zOTWtTICeHwarfF3EbhCPoX93H+ hadg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Voz++NJF46NwD1H/x3UI0dc13RwWkCqBdzc1PW2NN4k=; b=oiNuz8tpdcEmfuAzY3hgYXBNxE/KYH5f+Pz57yxp1O+42wmJ0ROMIGMLH/ELStKo2B FtAXNMyuWeNerdRwoYtw0F8vLYVRUeKp7m1taXy+E7nEgKOkpC95D67ZCa3KB3fXVpc1 jvt75iUMdZYRiC0rWpJ4BSWU+I5NDY2pPI2IoDXZ5hSqbRZYg/SAQhi7Sf+k9plnenxS qhwKYSwKtzfA4jprNwPD/qKp2IDI3EUAO6PQ4N/RyigbLPR4ugWaEq5Q2YYr/IkjcElJ 6zro5Dl1wYMQeo74DpZhhvI6pae6EfyOFpbk3Vop04NI3HHKST/WNVMoBfXAoieNwm/N v7yw== X-Gm-Message-State: AElRT7HD2FtFXW4Rouo01rcGj0bFfXkbX6lY2InsRitn2AED80Px64su vaQAAGwvKwMcLqRvj711kCpjbSDvaUK1WmZVFM7gLA== X-Google-Smtp-Source: AIpwx4+2nvrxUspfza8S2p/Tucw9iBMBSpo6EJIL/EpLAihBEwvpXRt7HLEHIfOAvV9qIDchlKPUxY2ztkFO2+gBK7M= X-Received: by 10.129.109.86 with SMTP id i83mr7608192ywc.347.1522763297273; Tue, 03 Apr 2018 06:48:17 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Tue, 3 Apr 2018 06:48:16 -0700 (PDT) From: William Dudley Date: Tue, 3 Apr 2018 09:48:16 -0400 Message-ID: Subject: my Let's Encrypt certs "broken" overnight! To: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 13:48:19 -0000 FreeBSD 10.3 I run a hobby web server, with a couple of small clubs that pay me for hosting. I had letsencrypt certs for most of the sites I host, and they were working fine until a recent upgrade -- either apache 2.4 or openssl changed and now things are hosed. An example: I host www.njsbmwr.org. I have a "test" URL for development, njsbmwr.dudley.nu. Both share the same certificates, or at least, they used to. Now, if I uncomment the section for www.njsbmwr.org, apache throws an error and won't start. If I comment the section out, apache is happy but www.njsbmwr.org doesn't serve https pages. njsbmwr.dudley.nu has almost the identical section, and it works fine as https://njsbmwr.dudley.nu The apache error I get when I enable the section for www.njsbmwr.org is: [Tue Apr 03 09:13:29.141783 2018] [ssl:emerg] [pid 49861] AH02572: Failed to configure at least one certificate and key for njsbmwr.org:80 [Tue Apr 03 09:13:29.141947 2018] [ssl:emerg] [pid 49861] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Tue Apr 03 09:13:29.141982 2018] [ssl:emerg] [pid 49861] AH02312: Fatal error initialising mod_ssl, exiting. AH00016: Configuration Failed Here's the section that causes failure: ServerAdmin webmaster@dudley.nu ServerName www.njsbmwr.org DocumentRoot /usr/local/www/njsbmwr.dudley.nu Alias /.well-known/ /usr/local/www/.well-known/ ScriptAlias /cgi-bin/ "/usr/local/www/njsbmwr.dudley.nu/cgi-bin/" SSLEngine on SSLCertificateFile \ "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/cert.pem" SSLCertificateKeyFile \ "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/privkey.pem" SSLCertificateChainFile \ "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/fullchain.pem" SSLOptions +StdEnvVars BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog "/var/log/njsbmwr.dudley.nu-httpd-ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'u nsafe-inline' pagead2.googlesyndication.com www.google-analytics.com *.cloudflar e.com www.paypal.com; img-src 'self' *.crystalbrook.com www.paypalobjects.com" Header set X-Frame-Options SAMEORIGIN Header set X-XSS-Protection "1; mode=block" Header set X-Content-Type-Options nosniff ErrorDocument 404 /errormessages/oatmeal_404.html ErrorDocument 500 /errormessages/oatmeal_500.html ErrorDocument 503 /errormessages/oatmeal_503.html ErrorLog /var/log/njsbmwr.dudley.nu-error_log CustomLog /var/log/njsbmwr.dudley.nu-access_log combined Options +ExecCGI +FollowSymLinks +Includes +Indexes -SymLinksIfOwnerMatc h AllowOverride All Order allow,deny Allow from all The ONLY difference between this section, that doesn't work, and the section that DOES work is the ServerName line: < ServerName njsbmwr.dudley.nu --- > ServerName www.njsbmwr.org More info: pkg info | grep apache apache24-2.4.33 Version 2.4.x of Apache web server pkg info | grep openssl openssl-1.0.2o,1 SSL and crypto library I am mystified, and running out of ideas on what to try. I suspect the openssl I installed from a package, because of this scary warning that the apache upgrade gave me: Message from apache24-2.4.33: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !! !! functionally unusable module due to lack of "Upgrade" !! !! capability in OpenSSL 1.0.1. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! How can I re-install the openssl from base? I want to revert to that and see if it fixes my problems. Thanks, Bill Dudley This email is free of malware because I run Linux. From owner-freebsd-questions@freebsd.org Tue Apr 3 13:54:22 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 667EFF82420 for ; Tue, 3 Apr 2018 13:54:22 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yw0-x235.google.com (mail-yw0-x235.google.com [IPv6:2607:f8b0:4002:c05::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ED51D7E592 for ; Tue, 3 Apr 2018 13:54:21 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yw0-x235.google.com with SMTP id h14so693967ywm.1 for ; Tue, 03 Apr 2018 06:54:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc; bh=OT1eUzgJ7dtAAYC6zRnEgE4d2tOZC0wCwUvDsbLpx7M=; b=Rb9O5n8yquRtubsSKVwFJfwftFKvHVvcmZOWzAbcaxBvvJQkHyENQZZ8A7ZNE6wu0i r39OOzK8p9HwuYWHaGKf3CwAfEgnNe4U1PwIDB2v9ipsvYQLkuG9R9CxVLYfpY5DBVlf KF/7IDqAzbg5C90lom9eygV5otU8SiHMTrYdk8HG65rgs7HBSGOQSBV++zO3H6x2t/zp qp5v+JU6fhF/+1fMGtk6C0w/20xWjIusCjSuCLocIVtTRmuFGMnNxtoibjoZjWBsCtE1 0zZDVTtGXYfO943gKM42+/toNo4Tw5iniiC9Z+nowSSdXxiMycFUOuDFmqKSoF5F2KYM rDWg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc; bh=OT1eUzgJ7dtAAYC6zRnEgE4d2tOZC0wCwUvDsbLpx7M=; b=NOQpdBsXmi3a96vQ++SJmgT5Yq1YdKeJpk8l8nMYP4qUpBEFRJPtK/7Mg2GCEzm+J1 12QLXRY0XKY+sHg8lshBA7jxnySHXTOfY2foAfIW+dsPJ38VEDvSe/dn7hkHGeuij8oL hVFgrHlOSFLNTDBnyt7zCMQZl8dF/72JUikljuuXfhL+atKg6rUGZori1vzjui9/Y6Gr 1BKOinqhqwtRGebmv+fMd5t3mpTW5Sy6Roc6EUMSDnBJ8YxUN7JFapxqGTpM8SDdl/ZT WzoQkIV7Kwe2PWJTu4GOmyv3+B4ABfd8wxcdUHOXePsnzc5r2o8Yt/6n5PHjREfsph2S 5QRA== X-Gm-Message-State: AElRT7F3fIt3ZtSkqS14kWW3iQ/aj5priY8HP9e0DxCu/RPOtuZ0rjuc UIgGfZ/1GBE/HgZGZRDXKFhTD8r57e5W5F5GCR1BJA== X-Google-Smtp-Source: AIpwx4+YjO6vqvmWec5vRiAi1Ig98qmBuN8gjX12GksknIDkdLiMGi/pmr6G8e3FiB1vsNZS3MPXvK/sd71deGG/a+o= X-Received: by 10.129.33.133 with SMTP id h127mr7797379ywh.299.1522763661186; Tue, 03 Apr 2018 06:54:21 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Tue, 3 Apr 2018 06:54:20 -0700 (PDT) In-Reply-To: References: From: William Dudley Date: Tue, 3 Apr 2018 09:54:20 -0400 Message-ID: Subject: Re: MY Apache 2.4 SSL broken (FreeBSD 10.3) - help! Cc: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 13:54:22 -0000 The EXACT SAME SSLCertificateFile and SSLCertificateKeyFile are specified in the njsbmwr.dudley.nu.conf file, and that works just fine. I'm afraid that the package openssl doesn't like certs that are for multiple domains. If I can revert to base openssl, I can test this theory trivially. Bill Dudley This email is free of malware because I run Linux. On Tue, Apr 3, 2018 at 3:28 AM, Jack L. wrote: > installing the openssl package sounds unrelated, are you sure you've > defined > > SSLCertificateFile > and > SSLCertificateKeyFile > > properly and apache can read those paths? The error > Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no > certificate > assigned > > means it can't locate your cert > > On Mon, Apr 2, 2018 at 4:03 PM, William Dudley wrote: > > I'm running FreeBSD 10.3, all patched up using > > freebsd-update fetch > > freebsd-update install > > > > Because I got this scary warning when upgrading Apache 2.4 (pkg upgrade > > apache24) > > > > Message from apache24-2.4.33: > > > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > > !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !! > > !! functionally unusable module due to lack of "Upgrade" !! > > !! capability in OpenSSL 1.0.1. !! > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > > > > I installed openssl > > > > pkg install openssl > > > > Now, apache dies if I start it with any of these: > > > > > > . . . > > > > > > I get this in httpd-error.log: > > > > [Mon Apr 02 18:44:00.204869 2018] [ssl:emerg] [pid 82318] AH02572: Failed > > to configure at least one certificate and key for njsbmwr.org:80 > > [Mon Apr 02 18:44:00.205017 2018] [ssl:emerg] [pid 82318] SSL Library > > Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no > certificate > > assigned > > [Mon Apr 02 18:44:00.205027 2018] [ssl:emerg] [pid 82318] AH02312: Fatal > > error initialising mod_ssl, exiting. > > > > This was a formerly working installation with a handful of letsencrypt > > certificates. > > > > Did the openssl from pkg break this? > > > > How do I fix this? > > > > Thanks, > > Bill Dudley > > > > > > > > This email is free of malware because I run Linux. > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > From owner-freebsd-questions@freebsd.org Tue Apr 3 17:19:55 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 63B81F70064 for ; Tue, 3 Apr 2018 17:19:55 +0000 (UTC) (envelope-from charles.morris@talgov.com) Received: from GCC01-CY1-obe.outbound.protection.outlook.com (mail-cy1gcc01hn0315.outbound.protection.outlook.com [IPv6:2a01:111:f400:fd00::315]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT TLS CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C5AA568235 for ; Tue, 3 Apr 2018 17:19:54 +0000 (UTC) (envelope-from charles.morris@talgov.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=talgov.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=8zvPHYgxA+xxblJPLnpQ8qvnQJUP/M9bTgOITr4UTDc=; b=RilCdveFs9NOM0vTCGhNmNOmYtrpGyIRXALsktzpo9is/sv8p0Yl73ahKXmlY/z/PFkt4QgLBohbo8U8L9rDD/8mzeJpCZu6JH68CigeyacHwOgQyVqLhb6bSJCQw1HI0Y/Zt8V1kx6ueSKtkqM+DWjSuQJee24+8tD7tBalYVg= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=charles.morris@talgov.com; Received: from RHWIN7x86-PC (172.81.132.139) by BL0PR0901MB2338.namprd09.prod.outlook.com (2603:10b6:207:1c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.653.12; Tue, 3 Apr 2018 17:19:44 +0000 From: "Help Desk" Subject: Notice To: freebsd-questions@freebsd.org MIME-Version: 1.0 Date: Tue, 3 Apr 2018 10:19:45 -0700 X-Antivirus: avast! (VPS 180401-0, 04/01/2018), Outbound message X-Antivirus-Status: Clean X-Originating-IP: [172.81.132.139] X-ClientProxiedBy: DM5PR15CA0069.namprd15.prod.outlook.com (2603:10b6:3:ae::31) To BL0PR0901MB2338.namprd09.prod.outlook.com (2603:10b6:207:1c::28) Message-ID: X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 53d94a2e-859e-4c72-825e-08d599871806 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BL0PR0901MB2338; X-Microsoft-Exchange-Diagnostics: 1; BL0PR0901MB2338; 3:u1PqYNEI8nMO4vremnf9PNjqqmmt/eNIuTciakVu34M1WsIqzaiiARc1lKbX9SSrCi0MHjpHGdA6meZlGJonazHtuuOgRTBQVY2ei12s3XPM341opfXK0ASTnb2nGiwPKtkmnz2104sndNXtHiiQXJATarQBzGfCD2vX/hFxultzCe4JHjw9gG5kNFarBVh0gIVLVgLf7dHKDe1pFxhvMwwok+CSd4fsyZHszH9io8agGiHuJQUB/fcBmzaYEqge; 25:CdkBHtCXl0HQnXtSriOd7ByG3+ZOqSNsThE+0rq8iP03VWNN4E6uzr1usDJHiBg9dAbseP7Uk4CWkLlfShrO9frULlEulFdU9uRe9GIGfdOquN7lORziyXsWPizkdJFjLeSF8fHUKSj5LUXethK+eoK5JUiAS90JdRU995uthndXXpX7Rzx7h+9VD336/cdC4OJfY+kLJ8axQi3lVJ1BtnvXSskb2S1mweKV1drYXlXMYj87mjZW/BlDmQksWo8iCfFkd0AGmkvCHN32Cg8egqtHtuqEWh9AGJ3pbORdd3dJTDg3OmV91hTRnNhBvzAzCmtoyS7q+St6HT8C4Rs3BQ==; 31:M7qHMYpX8c0Mshs0l3861BySFXEzw6VF1eoWsb4wEihDW3qwcqGkVShuml4NedUno7wkI50zERWnU/NWGyjYYO1VXnfcUNMKr2ttFT/6/vFL9UAqmdW/yPBBv6Gb/mQNUPr4vua8Xj2aXc4Q2nd1sGZrOfcbAyweUwxIDCLr50A2rsq1Rqi2jEmW7cyi6f33JstyN7toyEysi/N9twDUtaN7psjktolLYQbIm1PC0Eg= X-MS-TrafficTypeDiagnostic: BL0PR0901MB2338:|BL0PR0901MB2338: X-Microsoft-Exchange-Diagnostics: 1; BL0PR0901MB2338; 20:TXdkgfb9g3EXKDGdFQnLGDdYeT2wRyChJ26WHZrJriZdqJ4qhu3NL4XT3NV4yFNm8MNWhSHSUa5kLq8eHvwBnlpjk138EonZmD5xYt2bqjrr3CfPYDcKneQYW4f3ph8Cj4tvb8O7k/mXF5DEHQr/gV+ate2qo4ri8J4SOPnK+d5Yqwp6mFBiAXt3wmd/gOhuKvFzmMMrVH1yCSDhgex4cxbPPV1Hgj9rnHTIbqmvVLt2Tvven2wWZKcJPQDPNtBIwZwcCvvk0tYlh7z64Kdv9KD2Do0tfSJdiHwXc8lGkk3bZ0D5a8WcCMi002z9w7zUWYFL1+KStVDp0MroIbAanSKLHlAbIYMDNwC0Wp7Z2XZLPCaZUHkpuF0NU/yEmpfTG0+aCh60SPzjTqVZYUQ2xQ0Uls4F8/S60aqqh3GQziMa4RXjNU9egAHC6oPnPksqbH9ASKKpQD0mzqh+SbWxiGerlL5ZnafFWDZLl2cO8vTgjBru2HWLLnUn3PWlgqHV; 4:dxI0/CCU0T1vwpD9ONwdhKYUHPvvr//u/+RWXKyYBqls7oKg0r1TaSdVnIoYmKy5c09LIbgZ4GztUnXwtL26ZdAOkgJsa2Lh3gBrKVAPDK+dSAa37Z0aRBrlnDo3kpliBm9ieB00rt8fspjhTBEaQf/JUzcFbx355A3IRzJN7/qUypeYIcuTwqX6C/wsq5jzXS4yqFe0pwxONKcR+k9yrJOul1uoUywAbiImR4YEZbDF12dCZK2KzXHz624M5muHWjsZ/VjxLGr32tMBtdmdpGAq18HkwEZPAVB7cUx6DMNXbBXiL0vpw/Yy0tzYym1v4pMgx1gTIp19p4leRxsTrJRb1t9seUKYJGddINEuF/s= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(165176249663242)(131327999870524); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(2017080701011)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231221)(944501327)(52105095)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123558120)(20161123562045)(6072148)(201708071742011); SRVR:BL0PR0901MB2338; BCL:0; PCL:0; RULEID:; SRVR:BL0PR0901MB2338; X-Forefront-PRVS: 0631F0BC3D X-Forefront-Antispam-Report: SFV:SPM; SFS:(10009020)(396003)(376002)(366004)(39860400002)(39380400002)(346002)(189003)(199004)(33896004)(53936002)(8676002)(2351001)(81166006)(59450400001)(606006)(33656002)(564344004)(81156014)(2361001)(45080400002)(105586002)(2906002)(9686003)(52116002)(236005)(6306002)(3480700004)(8936002)(25786009)(6496006)(316002)(478600001)(106356001)(6916009)(221733001)(97736004)(16586007)(3846002)(66066001)(6116002)(10126004)(6486002)(7736002)(74316002)(7116003)(5660300001)(26005)(57250400003)(68736007)(573324001)(386003)(486005)(186003)(84326002)(476003)(16526019)(5000100001)(486005)(956004)(86362001)(557214004); DIR:OUT; SFP:1501; SCL:5; SRVR:BL0PR0901MB2338; H:RHWIN7x86-PC; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: talgov.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BL0PR0901MB2338; 23:7boLeSr5GT3KR6ls+pHrwRPlO7aMBO3oPYDzw8A?= =?us-ascii?Q?AunVDjO4HTWE3pgONmVf7/lBB9cSDwtglZNdFusxvae+o0ux5Muv3l99ZKOS?= =?us-ascii?Q?+Qs4e3EhHredcJx5laHdYnz1CTliYFb8W1Bi10FLqWVlF+crvsOLAl+NJKTy?= =?us-ascii?Q?nHFXd9NlY3gD0GDWoqn85ZEXVJKr3jwUXaoXt4fhCzldFBMkfer4vcjL7lEg?= =?us-ascii?Q?TCNbyYL9mk0vJvofNHobtj3QML6QFutZsxu5KFkdPT38SAmd0pjjNY7adbNP?= =?us-ascii?Q?opE8SdwnYFMcn2HqHlRQmL3FLTBn0kVGdwnU+sRnwQKqF6sgBZeS/RAiktyW?= =?us-ascii?Q?MYHTzn3Dm8CprH0G/Dk1YZBx8jjYllfu/qn6pZcNT+IATeWON8G7nzIN5s08?= =?us-ascii?Q?RjKK4MY2Ap59/VNsXE7Tx2eHC4E0JTTFypmw1xnEzIpPdCFiTUd7QrQr9LMj?= =?us-ascii?Q?BFCDD/nUaCjib4Dagyk7c7G3U0DtKRvaP7a48rCYeHevx2LHz623SPMlAyvs?= =?us-ascii?Q?ojE1WRDSMOwYHfSH2Z/oW+6XUwRX4eA8o3N4qbfjlWbDqAJ9DnzI8BT8hloR?= =?us-ascii?Q?vtIHRz8L+BI7GkPHK6SfnUdYPWaPwEheP9OquL0xXRE5lBf+VwexlUYlmbpq?= =?us-ascii?Q?rI6XOOUr40PvRzGz7/wZ2wIcbt0/Txmsko+MtFrWV2HucOYQPvNpjC56TJPQ?= =?us-ascii?Q?WZpIkOJxFPBcDK/0t5Hk4FSr8kg27gkcrYAzwkvyQY5e/1nb709LdyEdMbjk?= =?us-ascii?Q?yeAt+whWYjAWea6gTJfO7C+Hi8KagC1DLqh+ImI2ciGY+Uoz+gun+uwGnBx1?= =?us-ascii?Q?oUrtjbfXYyHZHAPWEwwEHDm3+3lt8WnLoQKh9tqMmjcfiDsyAK44iKHZEMIn?= =?us-ascii?Q?NPnqNyVBtevxi2nPSALxAwOrEWLxzu0fZ3ihKaBLwJ3IPVNckfFGZWC+Ag2q?= =?us-ascii?Q?yJtWO6HjanDfpJUGAqTAQ/CpJ5ELGibvE8KZ9fMnwSJ46od3OjwgM6mkp9ok?= =?us-ascii?Q?EE3VObpbOBL/leVjm4b87I+8mtvUWRQm3IwZk5PBtMSDYY2T4ExMNPosYgEH?= =?us-ascii?Q?BMyg0Qf7KtxB6gzkkkeXC3mMskAm8X9BbFJbKZYAFwxojuHR2MVBexqqjymL?= =?us-ascii?Q?AAmxccGeKGq4DUsbIQTfvGeNxH5r2j+L6k3htdHxTEfXADBEkiJ4JeyZUjZ1?= =?us-ascii?Q?Zyc9Y27QtX2iGUqOCC/LyEQccIZfJrXSIqtHRdW4sVkC9IsT1Hu0ljG9i3Ex?= =?us-ascii?Q?qot+gtpuDBQye0CJucbWx1cvbQvjpsF13+v7D6QoTZ9DthzXUBYf/maPzSz8?= =?us-ascii?Q?++5RLkPxVNqHu8zIiv6OmvkIw2sLlR7NcfU/UVOzvatU0eP+va/DhNvoc6s6?= =?us-ascii?Q?Y20O3i/tJHA5bT3vR/M4G1O0aVs6Qs+mH+YRB15AnQ7Z1Vehx?= X-Microsoft-Exchange-Diagnostics: 1; BL0PR0901MB2338; 23:u9ck0xN/tqjvrfMqMqmy0ZiX/RuXnhbBu5QBvD+hoiaiHFnce26JNcxR0eqIWYU/BV6P4nCLl4MzVMb5m6W5qGgIkMmE0JUhE1+k3M0qFa7W57A+sggeC9Y4SGld0llr5D0MVehy/wYiAft1dh7IVw==; 6:TLYXxgewcpKAg49cQ59qqmyTYoQjmgw6cwk9Gl9VCvi6CsRDsAteu2DZlrULujsGasOsshHRatBtRepTVrnJOigCs6bIBVHSNw3l/Kw2exiqw0q39gbeGHVJJgpklxXi/GISwQqCwtWl5nm4TbmaycIjedx+tuAi1mFv8yAf80EHRN9R9vzOikFKgAobEY5fV0elJHxZCdZMfik/nZZkieDTvDtn0K/O4aHWd0jbbKj5AY/CQSuex+K+NZiKnQPc09S66BVW1mYBwIjwFhJKY5wUuUi81sAqHcOQGWx+SW3KOYtpuG1DfwvRWGktuw9YODZ2NMTOzPyb/a6yZdR+F0xkpEyEzhIsyuYpzwIuKwUP6UiDOF7lpp23RBzdrDxbvoHjDQF435+ShmskZJ8Xo0SbR5+3fDUnzJf2y2x1g9mT1cnz45Ye1ttc529q3634ucb1e6CARUZLxTIfJYlahsPyf7expV4JWYJVXiEXRZ4/HKaUVYr7CYEAQBCrw1f1; 5:u0btXfgnGwKqR+Azzb1dLRPXbI3Smi8Wk62OEIKw6MGWbQXSeM/CK/yXqTne3q9STNMnq9GtBXzyiy6B3pRGzxeFm0oN6awkt4+aRwKncPehaGRzHUfJrPoKd1MqC9PtlkPdZhNt67hvKsPYsoYRJ7BppwVH3u1cqa6cnctF7Xw= X-Microsoft-Antispam-Message-Info: +T8p8CZKplA4yU6AbLRXLrLEZfgxsUbAhw45gXbXmEsFOkV88hOEQUucQc8ZpjzCC0StxraiLEbAIQbX5aEcTXfNIPFmsp3wtQO/0hHX/zn3dg9Jg/TNooFILY1oTZvlk23JhuOt63vbdbtVBNjzgsqcXbW+D6zZYQP3JB2cQfdvfzi/nu21r3IITP744mXpZbW++cwgMW3o9ffc7G6N8ZutKmo/CkOoYOetO/wXpGReAZC8f/Ka+ezCn/5he+aB174pIY+ZHT8UFPdfljOqzoGORM4i7N7r3f3Cp9aZ54rqcGJJ2goXcCZ2Ual6bH/DNqg9oEhZ5OdLp/1PotfCSm65jDQexTPVunTUD2Ec+Nrx+0GJ1HID9Si7qUeU5Yv4 SpamDiagnosticOutput: 1:22 X-Microsoft-Exchange-Diagnostics: 1; BL0PR0901MB2338; 7:wc/OvlRCtqZG8TL9iWJnzGITC5l3glRMV/vFkItPWKrKibD+KoLay+IiQevWbBvfOEdTgykcusiU8UnaRUDeIOyJILM2jE54Do8lUbRXXkxb2zXXvgR0mt9e+8tP8RSjTlNuGnSWn6fdsL7i7iKWhjKUqVtVrIkc92S9JBPgJpbALUyfPJvIeKenYVYzjVV5SdEZ5vuQLD4NJL09JflT5Krda3KnjyMPwrNUhH/W+0FQMRdEXZaJhDmjOs+imd5l; 20:3Oa04gQgtJr+LBGUJCshXh2OWwocOLBIcur+GqudBfBVZlaBhnlafNRLVeg40WfiH6x5nrY/c9kmk8jGGZcMvpA6yVyj9DYP79uSq+tWwH3NHYZRXOPnmJXgJ/WVMCIlOpPHCqogWaVzItBTdqnrex5ogrnCr45/ubUd5qobHH4= X-OriginatorOrg: talgov.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Apr 2018 17:19:44.3163 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 53d94a2e-859e-4c72-825e-08d599871806 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: b83d23e4-3e8a-4e54-9426-be16e2ce2693 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR0901MB2338 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 17:19:55 -0000 - This mail is in HTML. Some elements may be ommited in plain text. - your drop box is needed for review please click the link below to avoi= d close down click here thanks office 365 From owner-freebsd-questions@freebsd.org Tue Apr 3 18:32:35 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E5C7FF759F4 for ; Tue, 3 Apr 2018 18:32:34 +0000 (UTC) (envelope-from joh.hendriks@gmail.com) Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 614176BA83 for ; Tue, 3 Apr 2018 18:32:34 +0000 (UTC) (envelope-from joh.hendriks@gmail.com) Received: by mail-wm0-x22d.google.com with SMTP id x4so36976762wmh.5 for ; Tue, 03 Apr 2018 11:32:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=cTL+I7BnvMRrHrZPPmryX7OE0UGOuBTnwF0sE9brh48=; b=r4XYcZbDN3JBB6MjxceARDipJa9ZxsJdVJwfNA+V71zaZgQLIsoMZW29a3f4txNwY1 ufS/LtdjW5klBvBOJa2cJcIZ0WdFnpO55A4WrqoEWnnL4oIvBbZ8lQGA3fTFikfGL4Ib WFDlxW4HGsSNJa4H6mMlMPQp2wvvAcbh/xVepTTsmpCTC35CwhxCHQu0c8iljKgwrJNz dXLsVhzg/VOx2sKbOArKeWZBnvuS8oqyN9G977C3s5YbxM4EYRpGQzpYo72+CDY3HgCb k2gayXTGLu3e2/byPLL5Mz95Gaz3+WJ6l+7wMxvlahcySIaZQNkXeuS8h4PmntLe23o8 pQhg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=cTL+I7BnvMRrHrZPPmryX7OE0UGOuBTnwF0sE9brh48=; b=RWIUDTWTRFJUz7uyOI2R3PwS72MxXKBbYLYoJXZVjv7aEnstTFhjaw+Ivk3I/yfDW8 VYVUhnANRJF5SMl4ax+ty/CEu9VzRz0DAjJdFFoyDz50BY2AYLbEX3KExygPqLZ8Mblz ngCEK0CTNf9RfB1Cch6ejI5XiD0n8ysqTFK+bCHgly65Tzi1D7hW7cUJCpEx52Bt9QDc Ml1RUYlfS3kYTaYniOyqL2gnMaKBaUXzSScvhmPDrcCnny/TlyoXuyLWeHQ918Uq/Mz3 3m53EkMuJwieKNdpLPZyGOBxgfCu3XjDhQ/PqPfypxySVH1aHqrzkM8cZqj7VhdigW4F YGJQ== X-Gm-Message-State: AElRT7FOqnG53EejqL1MwKqipyNxwIQxgD6trf4C4a303vB0IDX617m3 4+QquK7kBcfEMLTk9XM7LakSCg== X-Google-Smtp-Source: AIpwx49FfagXQFZEhe3WBtpCK7YEJQQvVr6Z63FCF53V9BscWWiLEtDPgb60L8iAJEXIhgc+mTPk5Q== X-Received: by 10.80.130.67 with SMTP id 61mr17542190edf.184.1522780353162; Tue, 03 Apr 2018 11:32:33 -0700 (PDT) Received: from Johans-MacBook-Air-2.local (92-111-79-242.static.v4.ziggozakelijk.nl. [92.111.79.242]) by smtp.googlemail.com with ESMTPSA id r48sm2164616edd.74.2018.04.03.11.32.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 03 Apr 2018 11:32:32 -0700 (PDT) Subject: Re: I broke my Apache 2.4 install and I need help! To: "@lbutlr" References: <20180402204202.GA3145@gmail.com> <20180402213311.GB3145@gmail.com> <22AED507-651D-4FF5-9D3F-73F41F57AC24@kreme.com> Cc: freebsd-questions@freebsd.org From: Johan Hendriks Message-ID: <458eb0bf-dbd8-01c2-4eac-96546e61dec1@gmail.com> Date: Tue, 3 Apr 2018 20:32:31 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <22AED507-651D-4FF5-9D3F-73F41F57AC24@kreme.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: nl X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 18:32:35 -0000 Op 03/04/2018 om 00:56 schreef @lbutlr: > On 2018-04-02 (16:40 MDT), William Dudley wrote: >> I've managed to get my apache install working without any SSL stuff >> running. That's progress. > This is what a virtual host looks like for me in apache24. I never put any hosts into http.conf other than a base name that is actually unused for web access. Everything is in user/name.conf or extras/httpd-vhosts.conf > > > ServerName oursite.example.net > DocumentRoot /usr/local/www/oursite > SSLEngine on > SSLCertificateFile /usr/local/etc/dehydrated/certs/covisp.net/cert.pem > SSLCertificateKeyFile /usr/local/etc/dehydrated/certs/covisp.net/privkey.pem > SSLCertificateChainFile /usr/local/etc/dehydrated/certs/covisp.net/chain.pem > SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 > SSLHonorCipherOrder on > # I am not sure this is needed or best for TLSv1.2, but it works for us > SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS > Header always set Strict-Transport-Security "max-age=15638400; includeSubdomains;" > > The documentation of apache states that SSLCertificateChainFile is deprecated and SSLCertificateFile will handle your cert and chain in one file. See apache docs http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatechainfile I do not think this helps with your problem but it is cleaner to not use deprecated configs. regards Johan Hendriks From owner-freebsd-questions@freebsd.org Tue Apr 3 22:42:54 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 86682F868B0 for ; Tue, 3 Apr 2018 22:42:54 +0000 (UTC) (envelope-from markmoellering@psyberation.com) Received: from mail-qk0-x230.google.com (mail-qk0-x230.google.com [IPv6:2607:f8b0:400d:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 200567982B for ; Tue, 3 Apr 2018 22:42:54 +0000 (UTC) (envelope-from markmoellering@psyberation.com) Received: by mail-qk0-x230.google.com with SMTP id b198so20495055qkg.9 for ; Tue, 03 Apr 2018 15:42:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=psyberation-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=VqAro+/yarYZpycyL9fENA6eG5gzcJBkyOTl0s5ugzs=; b=1yDERb+Y8g4GEgjO/gc6zqtxwPQHHRVuJs9nFiCrHifx3NKBpBsIiq3N+55sPsKrQR Uuom8uJx6WMbCS5OCnrhwNFvvjXpBlmj00X35yY+P53S/AlQ1V4A4dqrCSOz2ywOXaLZ 0mt4wcLWQQKE5XJJthoxhRWtafmobHiRHhe0TP5DW0KRCNvHIa0js6fZ3sTqsN5Vsxct L6UmStO0mQ8M2ohygEiSm1Ro5tsOn31XSu0FHy9SUIuR8LDrAHfvALt50cuqj4ZT229/ nUdofA+AW3btCPMr81bjfdBahv2B2pON24iCJt6LIfRxwZhkvSt4SQeFZp8ms2uuaJZs 0mBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=VqAro+/yarYZpycyL9fENA6eG5gzcJBkyOTl0s5ugzs=; b=CBwAkCzYhkpNK9q3clxxwoz/JaLl2juyqSBogNJBElE4DqcByVvPW4G3OWonDS0bzw iHNjS6cnUBPzr1SaSEpY/6zjDZUkYbQz8Yje8fzHUayM9nTp95NO5zSZ2lBA4S7O3npL vxozGaJx2X1DPXBTYXWzXNxhUjeGca2TRvEHlP5CoJxInjWTG19PoIeywkVqbIhTEnIG vbygLYb5SquzyI+oF3+Ni94/h5M3hSxQisXZSKQhNHZhKsG3FnIDenIAGoIp39lF38vv vqM3DUyT/oz9SvWT/8ZvE+aba7e4FwPCytRz4fFDTREaSaZ2s9LH5nS7cl97Wek+uKOu sEVQ== X-Gm-Message-State: ALQs6tA7hQcaxqED6cx0Na0YyN5lv13JYu8l2Q2IEUGZpnydf2Lg/CLp b6gWOM8GV1QUykWMwo6q7sA8VzjKiYHbrFgcWBmH05aR X-Google-Smtp-Source: AIpwx48Isj62DiqkmIAqfHNqWXB1456+eeJb52DZoWrsQR7NgOw+ZyDvn0BZecEF3nRBbZYLtI+ihV/pm6z4Jf2HwrM= X-Received: by 10.55.123.197 with SMTP id w188mr21773465qkc.70.1522795373303; Tue, 03 Apr 2018 15:42:53 -0700 (PDT) MIME-Version: 1.0 Received: by 10.200.68.25 with HTTP; Tue, 3 Apr 2018 15:42:52 -0700 (PDT) From: Mark Moellering Date: Tue, 3 Apr 2018 18:42:52 -0400 Message-ID: Subject: Mouse & Keyboard lock-up on FreeBSD 11.1 & Lumina To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 22:42:54 -0000 Everyone, Between 1/3 and 1/4 the time, when I boot up, if I do not log in right away and do something on the desktop (i.e., boot-up and then work on household-chores before logging-in, or log-in and then work on chores) , the mouse and keyboard, both USB, are completely unresponsive. Unplugging and replugging-in does nothing. I had the occasional problem on a FreeBSD 10.? install and kde4, so I deleted everything and then upgraded the OS and did a fresh install of QT/Lumina, etc. I am running older hardware, a core-2 quad-core. Full release is listed as: FreeBSD 11.1-RELEASE-p4 #0: Tue Nov 14 06:12:40 UTC 2017 Lumina build 1.41 I use slim as my login manager. Any help is greatly appreciated Thanks Mark Moellering From owner-freebsd-questions@freebsd.org Tue Apr 3 23:17:42 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74ADAF88BF9 for ; Tue, 3 Apr 2018 23:17:42 +0000 (UTC) (envelope-from 010001628dc6bcdb-6062b373-1078-4ffb-afae-9739dca3e0c6-000000@amazonses.com) Received: from a9-114.smtp-out.amazonses.com (a9-114.smtp-out.amazonses.com [54.240.9.114]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 207F37B138 for ; Tue, 3 Apr 2018 23:17:41 +0000 (UTC) (envelope-from 010001628dc6bcdb-6062b373-1078-4ffb-afae-9739dca3e0c6-000000@amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=xi2fcwkatebqdkoe6uuutt53jubnl2jy; d=degustatoriacque.com; t=1522797034; h=Subject:Date:From:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; bh=lywQHo+z7PgTZ0nZymwKTWU10RCr0ZYe8SpocUm/MFU=; b=Sg81HcC/Fn1josM37BOnZn5WfKWGxO20PCwFvL0QV7du2zZA3Wd8seRq8CRcVh78 4hDX1yNLp8SnPLyPRyxhfuImAMm7QlnWY8WpVcGcCUtzylunz2px8W2VUAJIjACdt41 n4qd9vAZDTXig8ZX7AFMng07ZUC0DL4zR4uh68QY= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1522797034; h=Subject:Date:From:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID:Feedback-ID; bh=lywQHo+z7PgTZ0nZymwKTWU10RCr0ZYe8SpocUm/MFU=; b=Uh1o3hZS5SEeKCrXyJ8K0ytkDSVm0TcXxo3iXU/tFLRgf6oo3eZRjZgmPsD/TSrK +pa6MVUv14EzQsas0+7zfJusjRKB4p3KhCdJfKPBZio292Z886Q3nl+mJ5SqgENZm4K 0PtoaOyRVva3M7pukBaLV51VRddzXU5YeKwuh5dY= Subject: =?UTF-8?B?Q29yc2kgcGVyIGxhIGZvcm1hemlvbmUgZGkgSWRyb3NvbW1lbGllciBhIFBlcnVnaWEu?= Date: Tue, 3 Apr 2018 23:10:34 +0000 From: "=?UTF-8?B?QXNzb2NpYXppb25lIERlZ3VzdGF0b3JpIEFjcXVlIE1pbmVyYWxp?=" To: "=?UTF-8?B?ZnJlZWJzZC1xdWVzdGlvbnNAZnJlZWJzZC5vcmc=?=" Message-ID: <010001628dc6bcdb-6062b373-1078-4ffb-afae-9739dca3e0c6-000000@email.amazonses.com> X-SES-Outgoing: 2018.04.03-54.240.9.114 Feedback-ID: 1.us-east-1.e5k5YvmJu4J2s7EAnCS8JTDvRfkODfY+JU94VVps3Tc=:AmazonSES MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 23:17:42 -0000 From owner-freebsd-questions@freebsd.org Wed Apr 4 03:57:43 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E80CF8BE03 for ; Wed, 4 Apr 2018 03:57:43 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nightmare.dreamchaser.org", Issuer "nightmare.dreamchaser.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A464A862E6 for ; Wed, 4 Apr 2018 03:57:42 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w343vYXa061293; Tue, 3 Apr 2018 21:57:35 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) Subject: Re: my Let's Encrypt certs "broken" overnight! To: William Dudley , freebsd-questions References: From: Gary Aitken Reply-To: freebsd@dreamchaser.org Message-ID: <36f18609-b418-ff3e-8a02-7129b889c08c@dreamchaser.org> Date: Tue, 3 Apr 2018 21:56:53 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 03:57:43 -0000 On 04/03/18 07:48, William Dudley wrote: > I had letsencrypt certs for most of the sites I host, and they were > working fine until a recent upgrade -- either apache 2.4 or openssl > changed and now things are hosed. > > An example: > > I host www.njsbmwr.org. I have a "test" URL for development, > njsbmwr.dudley.nu. Both share the same certificates, or at least, > they used to. > > Now, if I uncomment the section for > www.njsbmwr.org, apache throws an error and won't start. If I > comment the section out, apache is happy but www.njsbmwr.org doesn't > serve https pages. > > njsbmwr.dudley.nu has almost the identical > section, and it works fine as https://njsbmwr.dudley.nu > > The apache error I get when I enable the section > for www.njsbmwr.org is: > > [Tue Apr 03 09:13:29.141783 2018] [ssl:emerg] [pid 49861] AH02572: > Failed to configure at least one certificate and key for > njsbmwr.org:80 [Tue Apr 03 09:13:29.141947 2018] [ssl:emerg] [pid > 49861] SSL Library Error: error:140A80B1:SSL > routines:SSL_CTX_check_private_key:no certificate assigned [Tue Apr > 03 09:13:29.141982 2018] [ssl:emerg] [pid 49861] AH02312: Fatal error > initialising mod_ssl, exiting. AH00016: Configuration Failed > > Here's the section that causes failure: > > ServerAdmin webmaster@dudley.nu ServerName > www.njsbmwr.org DocumentRoot /usr/local/www/njsbmwr.dudley.nu Alias > /.well-known/ /usr/local/www/.well-known/ ScriptAlias /cgi-bin/ > "/usr/local/www/njsbmwr.dudley.nu/cgi-bin/" SSLEngine on > SSLCertificateFile \ > "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/cert.pem" > SSLCertificateKeyFile \ > "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/privkey.pem" > SSLCertificateChainFile \ > "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/fullchain.pem" > SSLOptions +StdEnvVars BrowserMatch "MSIE [2-5]" \ nokeepalive > ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog > "/var/log/njsbmwr.dudley.nu-httpd-ssl_request.log" \ "%t %h > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Header set > Content-Security-Policy "default-src 'self'; script-src 'self' 'u > nsafe-inline' pagead2.googlesyndication.com www.google-analytics.com > *.cloudflar e.com www.paypal.com; img-src 'self' *.crystalbrook.com > www.paypalobjects.com" Header set X-Frame-Options SAMEORIGIN Header > set X-XSS-Protection "1; mode=block" Header set > X-Content-Type-Options nosniff ErrorDocument 404 > /errormessages/oatmeal_404.html ErrorDocument 500 > /errormessages/oatmeal_500.html ErrorDocument 503 > /errormessages/oatmeal_503.html ErrorLog > /var/log/njsbmwr.dudley.nu-error_log CustomLog > /var/log/njsbmwr.dudley.nu-access_log combined "/usr/local/www/njsbmwr.dudley.nu"> Options +ExecCGI +FollowSymLinks > +Includes +Indexes -SymLinksIfOwnerMatc h AllowOverride All > Order allow,deny Allow from all > > > The ONLY difference between this section, that doesn't work, and the > section that DOES work is the ServerName line: > > < ServerName njsbmwr.dudley.nu --- >> ServerName www.njsbmwr.org Not sure this will help, but it might be worth trying. I had a somewhat similar but not exactly the same issue and resolved it by being more explicit in the VirtualHost assignments. You might try doing each separately and pointing to the same certs: ... and repeat for njsbmwr.dudley.nu:443 Apache 2.4 (not sure about earlier releases) uses the first match it finds for the . So *:443 will match both, and the server name won't match for one of them. Gary From owner-freebsd-questions@freebsd.org Wed Apr 4 04:04:05 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1D16CF8C65D for ; Wed, 4 Apr 2018 04:04:05 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nightmare.dreamchaser.org", Issuer "nightmare.dreamchaser.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 90F7A86A51 for ; Wed, 4 Apr 2018 04:04:04 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w34442jU061317; Tue, 3 Apr 2018 22:04:02 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) Subject: Re: Mouse & Keyboard lock-up on FreeBSD 11.1 & Lumina To: Mark Moellering , freebsd-questions@freebsd.org References: Reply-To: freebsd@dreamchaser.org From: Gary Aitken Message-ID: <5c12cb9e-a7a0-4690-c9e3-3d4806395932@dreamchaser.org> Date: Tue, 3 Apr 2018 22:03:21 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 04:04:05 -0000 On 04/03/18 16:42, Mark Moellering wrote: > Between 1/3 and 1/4 the time, when I boot up, if I do not log in right away > and do something on the desktop (i.e., boot-up and then work on > household-chores before logging-in, or log-in and then work on chores) , > the mouse and keyboard, both USB, are completely unresponsive. Unplugging > and replugging-in does nothing. > > I had the occasional problem on a FreeBSD 10.? install and kde4, so I > deleted everything and then upgraded the OS and did a fresh install of > QT/Lumina, etc. > > > I am running older hardware, a core-2 quad-core. > > Full release is listed as: > FreeBSD 11.1-RELEASE-p4 #0: Tue Nov 14 06:12:40 UTC 2017 > > Lumina build 1.41 > > I use slim as my login manager. I had / have a similar problem, but it was / is related to plugging in a usb device. It appears to be a static electricity issue, although I never get a spark. However, it completely goes away if I remember to ground the end of the usb cable I'm about to plug in (touch to my finger) and ground the port on the computer (touch my finger) before plugging the one into the other. Try consciously touching a metal ground point on the box before you do anything else. Drove me crazy, still does when I forget and the whole thing freezes up. And yeah, it should all be well grounded, but apparently something isn't. Gary From owner-freebsd-questions@freebsd.org Wed Apr 4 06:23:55 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 01974F939BE for ; Wed, 4 Apr 2018 06:23:55 +0000 (UTC) (envelope-from yegonkips7@gmail.com) Received: from mail-qt0-x244.google.com (mail-qt0-x244.google.com [IPv6:2607:f8b0:400d:c0d::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 874E48C42C for ; Wed, 4 Apr 2018 06:23:54 +0000 (UTC) (envelope-from yegonkips7@gmail.com) Received: by mail-qt0-x244.google.com with SMTP id j26so21965870qtl.11 for ; Tue, 03 Apr 2018 23:23:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=CM+gubPym0J+U4GN0g3S4r0i8CMishKryzH2785RYJw=; b=pawtGTifMjuHr0bZ1DQRzQkzrFHiSCdiEd+paNX0GkPGvLl+QOZSX9GTy9KunQJhNN Rm6kT4IUpdjijwvi8PAnBDYcj85mwvGmnGZwSw2sIrmAzJicI3Ph1y9Tz9okMwJTndw+ gzVntP9oM8bbWNktoO33p9H4G71AlFwgOaw+FOTgTN1wn+oQuSWT2JOJ31INC2vHqiIA ou7fmZeNLmAR/fbY3h0v+LBO+o5cXaL/JWqGhJQnKqpY6b8D93Y1c9zr5jGXtZHcAnOd scpEGinCzYaKd0QqN4I+CTN3845v6Ld+OedFdTyKBaTRONZ5HJStUsLI2SbJQBDN7bKL kWFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=CM+gubPym0J+U4GN0g3S4r0i8CMishKryzH2785RYJw=; b=OL6+gUiqlGqNsW/zsFR44n0Iplv1GcaR5PoLI2I6uZVKyv3dCr8wlvl/c6yT+QPbKG ygqxYZDJ87ywyBnoFTChy6gR1P3HvL36U3V3/n8NKavDy192JOrk6FZYFTmUd5O/4oZr 8mSSljRnD3joPSLJjkjZfEM8rrfAMZOW74rYpM5SAU3ptHDKqy9Qn/4lunyCvUzAmCtV 1lP0g7Cuwz1EXZzBinafEHWwaCzqHRyNb3UQIbLRumvAJsqbup3BeBrr0K3z2HIAqMh+ g1gPuDzfV/7pw5S+MUBYBRDR71ibtxzAq1BBzs6LZZjQvz+9ubbrHhY8XO4E/MWtjvD4 4pOA== X-Gm-Message-State: ALQs6tBgOy2gG4xt7cX6l5I4JJo/nBXob2pCU8zeE7y3MUFeMCfElAJq 8jSNzt0XeZziD91MN4PlotYLDVrXX8TlH9D8T5c= X-Google-Smtp-Source: AIpwx4/XTIlbP7GIgqlulJvTklCOJ73WtfGxA+Ab/+w0aWgQY7jlJ1HUT43s3tObXuP5Eh30BDwWN6sFFkIv9DEMifo= X-Received: by 10.237.59.99 with SMTP id q32mr24351059qte.222.1522823033990; Tue, 03 Apr 2018 23:23:53 -0700 (PDT) MIME-Version: 1.0 Received: by 10.12.180.87 with HTTP; Tue, 3 Apr 2018 23:23:53 -0700 (PDT) Received: by 10.12.180.87 with HTTP; Tue, 3 Apr 2018 23:23:53 -0700 (PDT) From: Kenneth Yegojn Date: Wed, 4 Apr 2018 09:23:53 +0300 Message-ID: Subject: To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 06:23:55 -0000 how to understand programming From owner-freebsd-questions@freebsd.org Wed Apr 4 13:18:18 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE5F8F8E129 for ; Wed, 4 Apr 2018 13:18:17 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yb0-x244.google.com (mail-yb0-x244.google.com [IPv6:2607:f8b0:4002:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 742967A849 for ; Wed, 4 Apr 2018 13:18:17 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yb0-x244.google.com with SMTP id k199-v6so8266930ybk.12 for ; Wed, 04 Apr 2018 06:18:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=npgRJ3l/IQcxMUhzCxqqcZWxjm6KzTnU6aQtCLcXtq0=; b=U7FL+ufesKzbu8dUzMRk3ov9qJ+Bqa0zgbGgFIM0IIwyVC9QK9mRSucwXWyt/ZreWU ntanLnbhs7GerUxSZowJIoUfeNZsRWkDmfDDTpaCBskYZuRupVpYtbysgoYgMoHHzCxB cfezE6rFvD+59ws7cOqaqux6aGvEKUo9d+fTa48MCe3AfGtymtsG7sbNqIfFCPLe/eyv AzkjQNF4qHZHpD4b8RYEWN0WSBOB3wwIdm/W6eSdhUnFaJlC9pFIgtQMj4/wDN3qfir/ ixXMia7Jedlwn9xUMgp5roXqAnhZ3TV2CUKL1oTnrqgw16BhLL1lms5eKux2zDJ68rd8 VYaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=npgRJ3l/IQcxMUhzCxqqcZWxjm6KzTnU6aQtCLcXtq0=; b=Wt16jn7Ca1vEaDKlCSGZlxZqPkdvXDBY21baYKydK58ofSOCSzHGmwET4Xs+JUywaQ MyA+sWbPNbW9m2g7K1FpBH7gH92xm8/69MCFv5eYgkA0h3z7kZUj3MvHItz7lvcQIkW0 uWuomtuO7GAFRxUV5qzZbWQ0Grw9o7NPEZc52s9Y5/uZbHTLvsoopbG1sWGmIeiqp1Pf /35Tk34Y7mkI3mvU1WlD1h6RdcAgNYzUkvNQdOXA2uWJ4lvlnZodPiVzX9TEePiDJKvY HQ6tbs+jrg+C/vEYRdi5MaUVuhsjF8eMVnp4aitAykyqIx83oZoilab7vjzyi1OOfgjC RF7A== X-Gm-Message-State: ALQs6tD+5odmnM6YEO51hhrQUbnMiah7uMwwXg25IlxoTxNMzECHIlm4 P9x0mI+tG7rw5iYr7+t2fNSLOQlI2cmIKo6ATQc= X-Google-Smtp-Source: AIpwx49CXra47ru2wYkKM/8FY8Jo+klBfcGafdpDWZQwZgKie+dH6GCVkueiX3DpjxLwV3+1b9dZ2vwCpIJGVkAqtn8= X-Received: by 10.13.235.204 with SMTP id u195mr1987835ywe.302.1522847896885; Wed, 04 Apr 2018 06:18:16 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Wed, 4 Apr 2018 06:18:16 -0700 (PDT) From: William Dudley Date: Wed, 4 Apr 2018 09:18:16 -0400 Message-ID: Subject: Re: my Let's Encrypt certs "broken" overnight! - SOLVED To: freebsd@dreamchaser.org, Olivier Nicole , joh.hendriks@gmail.com Cc: freebsd-questions , Robert Vangel Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 13:18:18 -0000 All, The problem is "fixed", for now. Mr Vangel had the right answer: my cert is for njsbmwr.dudley.nu and www.njsbmwr.org but NOT for just plain njsbmwr.org, and when I included a stanza to redirect https://njsbmwr.org to https://www.njsbmwr.org, Apache/mod_ssl had a hissy fit and threw all of it's toys out of the pram. This was "working" before, so apparently mod_ssl has changed and now disallows this (invalid) configuration. I had to comment out this stanza to get things running again: ServerName njsbmwr.org Redirect permanent / https://www.njsbmwr.org/ So I'll amend my cert to add njsbmwr.org and then I can re-enable that stanza again. Thank you all for your help. Bill Dudley hobby sysadmin This email is free of malware because I run Linux. On Tue, Apr 3, 2018 at 11:56 PM, Gary Aitken wrote: > On 04/03/18 07:48, William Dudley wrote: > > I had letsencrypt certs for most of the sites I host, and they were >> working fine until a recent upgrade -- either apache 2.4 or openssl >> changed and now things are hosed. >> >> An example: >> >> I host www.njsbmwr.org. I have a "test" URL for development, >> njsbmwr.dudley.nu. Both share the same certificates, or at least, >> they used to. >> >> Now, if I uncomment the section for >> www.njsbmwr.org, apache throws an error and won't start. If I >> comment the section out, apache is happy but www.njsbmwr.org doesn't >> serve https pages. >> >> njsbmwr.dudley.nu has almost the identical >> section, and it works fine as https://njsbmwr.dudley.nu >> >> The apache error I get when I enable the section >> for www.njsbmwr.org is: >> >> [Tue Apr 03 09:13:29.141783 2018] [ssl:emerg] [pid 49861] AH02572: >> Failed to configure at least one certificate and key for >> njsbmwr.org:80 [Tue Apr 03 09:13:29.141947 2018] [ssl:emerg] [pid >> 49861] SSL Library Error: error:140A80B1:SSL >> routines:SSL_CTX_check_private_key:no certificate assigned [Tue Apr >> 03 09:13:29.141982 2018] [ssl:emerg] [pid 49861] AH02312: Fatal error >> initialising mod_ssl, exiting. AH00016: Configuration Failed >> >> Here's the section that causes failure: >> >> ServerAdmin webmaster@dudley.nu ServerName >> www.njsbmwr.org DocumentRoot /usr/local/www/njsbmwr.dudley.nu Alias >> /.well-known/ /usr/local/www/.well-known/ ScriptAlias /cgi-bin/ >> "/usr/local/www/njsbmwr.dudley.nu/cgi-bin/" SSLEngine on >> SSLCertificateFile \ "/usr/local/etc/letsencrypt/live/ >> njsbmwr.dudley.nu/cert.pem" SSLCertificateKeyFile \ >> "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/privkey.pem" >> SSLCertificateChainFile \ "/usr/local/etc/letsencrypt/live/ >> njsbmwr.dudley.nu/fullchain.pem" SSLOptions +StdEnvVars BrowserMatch >> "MSIE [2-5]" \ nokeepalive >> ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog >> "/var/log/njsbmwr.dudley.nu-httpd-ssl_request.log" \ "%t %h >> %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Header set >> Content-Security-Policy "default-src 'self'; script-src 'self' 'u >> nsafe-inline' pagead2.googlesyndication.com www.google-analytics.com >> *.cloudflar e.com www.paypal.com; img-src 'self' *.crystalbrook.com >> www.paypalobjects.com" Header set X-Frame-Options SAMEORIGIN Header >> set X-XSS-Protection "1; mode=block" Header set >> X-Content-Type-Options nosniff ErrorDocument 404 >> /errormessages/oatmeal_404.html ErrorDocument 500 >> /errormessages/oatmeal_500.html ErrorDocument 503 >> /errormessages/oatmeal_503.html ErrorLog >> /var/log/njsbmwr.dudley.nu-error_log CustomLog >> /var/log/njsbmwr.dudley.nu-access_log combined > "/usr/local/www/njsbmwr.dudley.nu"> Options +ExecCGI +FollowSymLinks >> +Includes +Indexes -SymLinksIfOwnerMatc h AllowOverride All >> Order allow,deny Allow from all >> >> The ONLY difference between this section, that doesn't work, and the >> section that DOES work is the ServerName line: >> >> < ServerName njsbmwr.dudley.nu --- >> >>> ServerName www.njsbmwr.org >>> >> > Not sure this will help, but it might be worth trying. > I had a somewhat similar but not exactly the same issue and resolved > it by being more explicit in the VirtualHost assignments. You might > try doing each separately and pointing to the same certs: > > ... > > and repeat for njsbmwr.dudley.nu:443 > Apache 2.4 (not sure about earlier releases) uses the first match it > finds for the . So *:443 will match both, and the server > name won't match for one of them. > > Gary > > From owner-freebsd-questions@freebsd.org Wed Apr 4 15:37:24 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C736EF97AE3 for ; Wed, 4 Apr 2018 15:37:23 +0000 (UTC) (envelope-from web@3dresearch.com) Received: from smtpe.telissant.net (colgada.3dresearch.com [104.225.1.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 65FB781B03 for ; Wed, 4 Apr 2018 15:37:22 +0000 (UTC) (envelope-from web@3dresearch.com) Received: from smtpe.telissant.net (localhost [127.0.0.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtpe.telissant.net (Postfix) with ESMTPS id 3666E3ACC8 for ; Wed, 4 Apr 2018 11:26:00 -0400 (EDT) Received: from elettra.3dresearch.com (unknown [71.112.242.72]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: elettra@colgada.3dresearch.com) by smtpe.telissant.net (Postfix) with ESMTPSA id 17F273AC91 for ; Wed, 4 Apr 2018 11:26:00 -0400 (EDT) Received: from elettra.3dresearch.com (localhost [127.0.0.1]) by elettra.3dresearch.com (Postfix) with SMTP id 6CC853258EF for ; Wed, 4 Apr 2018 11:25:59 -0400 (EDT) Date: Wed, 4 Apr 2018 11:25:52 -0400 From: Janos Dohanics To: FreeBSD Questions Subject: smartctl -a new(?) hard drive Message-Id: <20180404112552.bad38df28d283d590b69104d@3dresearch.com> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.31; amd64-portbld-freebsd10.4) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 15:37:24 -0000 Hello, bought what I was told a new hard drive, after installation I ran a long test, and smartctl -a shows something curious: # smartctl -a /dev/ada0 smartctl 6.6 2017-11-05 r4594 [FreeBSD 11.1-STABLE amd64] (local build) Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Model Family: Hitachi Ultrastar 7K3000 Device Model: Hitachi HUA723020ALA641 Serial Number: YGGPGNMA LU WWN Device Id: 5 000cca 224c9c2d8 Firmware Version: MK7OA840 User Capacity: 2,000,398,934,016 bytes [2.00 TB] Sector Size: 512 bytes logical/physical Rotation Rate: 7200 rpm Form Factor: 3.5 inches Device is: In smartctl database [for details use: -P show] ATA Version is: ATA8-ACS T13/1699-D revision 4 SATA Version is: SATA 2.6, 6.0 Gb/s (current: 6.0 Gb/s) Local Time is: Tue Apr 3 15:03:47 2018 EDT SMART support is: Available - device has SMART capability. SMART support is: Enabled [...] ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 1 Raw_Read_Error_Rate 0x000b 100 100 016 Pre-fail Always - 0 2 Throughput_Performance 0x0005 100 100 054 Pre-fail Offline - 0 3 Spin_Up_Time 0x0007 100 100 024 Pre-fail Always - 0 4 Start_Stop_Count 0x0012 100 100 000 Old_age Always - 1 5 Reallocated_Sector_Ct 0x0033 100 100 005 Pre-fail Always - 0 7 Seek_Error_Rate 0x000b 100 100 067 Pre-fail Always - 0 8 Seek_Time_Performance 0x0005 100 100 020 Pre-fail Offline - 0 9 Power_On_Hours 0x0012 100 100 000 Old_age Always - 12 10 Spin_Retry_Count 0x0013 100 100 060 Pre-fail Always - 0 12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 1 192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 1 193 Load_Cycle_Count 0x0012 100 100 000 Old_age Always - 1 194 Temperature_Celsius 0x0002 181 181 000 Old_age Always - 33 (Min/Max 18/39) 196 Reallocated_Event_Count 0x0032 100 100 000 Old_age Always - 0 197 Current_Pending_Sector 0x0022 100 100 000 Old_age Always - 0 198 Offline_Uncorrectable 0x0008 100 100 000 Old_age Offline - 0 199 UDMA_CRC_Error_Count 0x000a 200 200 000 Old_age Always - 0 SMART Error Log Version: 1 No Errors Logged SMART Self-test log structure revision number 1 Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error # 1 Extended offline Completed without error 00% 7 - # 2 Short offline Completed without error 00% 47066 - If Power_On_Hours is 12, how could there have been a Short offline test done at LifeTime hour 47066 (which I certainly didn't do)? -- Janos Dohanics From owner-freebsd-questions@freebsd.org Wed Apr 4 14:12:36 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7A7E8F920E6 for ; Wed, 4 Apr 2018 14:12:36 +0000 (UTC) (envelope-from gary@hayers.org) Received: from mailout.easydns.com (mailout.easydns.com [64.68.203.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 20A507DD70 for ; Wed, 4 Apr 2018 14:12:35 +0000 (UTC) (envelope-from gary@hayers.org) Received: from localhost (localhost [127.0.0.1]) by mailout.easydns.com (Postfix) with ESMTP id 0B6EAE75AB; Wed, 4 Apr 2018 14:07:23 +0000 (UTC) Received: from mailout.easydns.com ([127.0.0.1]) by localhost (emo11-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7T52WKfK4ESX; Wed, 4 Apr 2018 14:07:23 +0000 (UTC) Received: from mx1.hayers.org (cpc115704-tilb12-2-0-cust806.20-1.cable.virginm.net [82.14.143.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout.easydns.com (Postfix) with ESMTPSA id 6A38DE6B84; Wed, 4 Apr 2018 14:07:13 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mx1.hayers.org (Postfix) with ESMTP id 66BD1222DCA; Wed, 4 Apr 2018 15:07:12 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hayers.org; s=hayers; t=1522850832; bh=OJztZyCHGYaMVLAeQulek616hqucKjdOZm2cU6aWtCs=; h=Date:Subject:In-Reply-To:From:To:Cc; b=bV1tfD6V+4RPGyIe+m2WbuHNKIl0EJ4ys0JbXK2FXDYIaOj5gJikwt67ZACLGkiUE KYqglHmYdj/IXkgKbmSaZDzGOmKRMYwaRtjmfPeEk43uI2XrJou0Q3uel1G5fsMF+E kusIm3QyGL4m8g85is3ysQx+m5wDUfKZ/ifciGZI= Received: from mx1.hayers.org ([127.0.0.1]) by localhost (mx1.hayers.org [127.0.0.1]) (maiad, port 10024) with ESMTP id 85236-10; Wed, 4 Apr 2018 15:07:11 +0100 (BST) Received: from [IPv6:2a01:4c8:102c:c116:c148:4edd:2831:2edf] (unknown [213.205.240.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: gary@hayers.org) by mx1.hayers.org (Postfix) with ESMTPSA id AA622222DC5; Wed, 4 Apr 2018 15:07:10 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hayers.org; s=hayers; t=1522850831; bh=OJztZyCHGYaMVLAeQulek616hqucKjdOZm2cU6aWtCs=; h=Date:Subject:In-Reply-To:From:To:Cc; b=Z1DebAcpHvc2z+BasaAwMl2KLUsFpbV62AwpqTCE9j8KuwKkBQtmPicV9iSBhMnVb gGvGZ5MMrfT+4ucTpA5HCa8VUAEiEW0H5COoTjNKsIKaFyzEDHyex2tM/Jgn0fV0mT KxxAIYARilcZhVeEqjI3VxxObp+xMGltBxfZaLdA= Date: Wed, 04 Apr 2018 15:07:08 +0100 Subject: Re: my Let's Encrypt certs "broken" overnight! - SOLVED Message-ID: <4ae17171-0b29-4970-9f59-7164b79ec6d2@email.android.com> X-Android-Message-ID: <4ae17171-0b29-4970-9f59-7164b79ec6d2@email.android.com> In-Reply-To: From: "Gary J. Hayers" To: William Dudley Cc: freebsd@dreamchaser.org, Olivier Nicole , joh.hendriks@gmail.com, Robert Vangel , freebsd-questions Importance: Normal X-Priority: 3 X-MSMail-Priority: Normal X-Virus-Scanned: ClamAV-SpamAssassin (Unix/FreeBSD) X-Mailman-Approved-At: Wed, 04 Apr 2018 15:40:16 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 14:12:36 -0000 From owner-freebsd-questions@freebsd.org Wed Apr 4 19:16:06 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4F0CEF6EC81 for ; Wed, 4 Apr 2018 19:16:06 +0000 (UTC) (envelope-from michael.anderson@aptalleads.com) Received: from sg2nlshrout01.shr.prod.sin2.secureserver.net (sg2nlshrout01.shr.prod.sin2.secureserver.net [182.50.132.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3BB536ED2E for ; Wed, 4 Apr 2018 19:16:04 +0000 (UTC) (envelope-from michael.anderson@aptalleads.com) Received: from sg2plcpnl0088.prod.sin2.secureserver.net ([182.50.151.65]) by : HOSTING RELAY : with SMTP id 3nl3fKDZNkRjr3nl3fC63M; Wed, 04 Apr 2018 12:07:45 -0700 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=aptalleads.com; s=default; h=Content-Type:MIME-Version:Message-ID:Date: Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=rFb6r5TgfflpSUWLNz0gx9gJhceU2QZmmVKJ43q+Yt4=; b=iZb+4DV2hFNPH2MOSrjZeG4GUs xjxROUkHp0mrPAb5KrcqypT8f3isP3DquWVU7wBKFNasm0Ghx6QzlXKUZwnz6KEC9pkzEHD7XBcp+ eITO5OqlsmGTXT1XW/JWP/UskV6VLwQ/WLecTbRDN3cj8EocIhPdgvJ0W7tVjo3m7tmJVylzClHBQ w+tUq7NZcYv8dwnZZhopnjrsUC55idwsdm4ksT+J2u4lOm3weT3vRS2ajAt8Pfw0F2cqfeBHv3ZG4 jXyQGb+OhSabbufq0qv2HeYuPR4xtLstezbO3i9ejiiWNn4hzq6zuRd796xUebQWR1pjoTJZkoCVg AaXRD0xA==; Received: from [106.51.16.89] (port=14788 helo=AdminPC) by sg2plcpnl0088.prod.sin2.secureserver.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.89_1) (envelope-from ) id 1f3nkf-001bS8-NE for freebsd-questions@freebsd.org; Wed, 04 Apr 2018 12:07:21 -0700 From: "Michael Anderson" To: Subject: =?us-ascii?Q?Internet_Retailer_Conference_&_Exhibition_-_IRCE_2018?= Date: Wed, 4 Apr 2018 15:07:11 -0400 Message-ID: MIME-Version: 1.0 X-Mailer: Microsoft Outlook 14.0 Thread-Index: AdPMSCFzcbZeNLpBT0G+ZbLWxSu8yA== Content-Language: en-us X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - sg2plcpnl0088.prod.sin2.secureserver.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - aptalleads.com X-Get-Message-Sender-Via: sg2plcpnl0088.prod.sin2.secureserver.net: authenticated_id: michael.anderson@aptalleads.com X-Authenticated-Sender: sg2plcpnl0088.prod.sin2.secureserver.net: michael.anderson@aptalleads.com X-Source: X-Source-Args: X-Source-Dir: X-CMAE-Envelope: MS4wfE6CLqY/ivfCoAqafPIgFJCL1VJsIUjA0zDi2Ir9GgpZMz84DyEHS7J2Khtb1oTHN9K0bZVunJQA8WF/s0r6d6nLFK3JQHMrHixQVUuZWRG3gvneI03Z J6/6AMGwfQpjKQHLXP4zVoc9FTyKCSReWxlH7WXGG+i9aalO+94xSWo1bLAMSYBqGQJ6G02ZvPO9fBXGgyjq1Eu3+Dd7HkgzYrPggXZg0Wehmy15RyzsbU95 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2018 19:16:06 -0000 Hello, Would be interested in the "Attendees Mailing List of Internet Retailer Conference & Exhibition - IRCE 2018?" Data Consists: First Name, Last Name, Company Name, Web Address, Job Title, Phone Number, Address, SIC Code and Most Importantly verified email address. Let me know your interest to send you the number of attendees and cost. Awaiting your reply Regards, Michael Anderson, Marketing Executive. If you do not wish to receive future emails from us, reply as 'leave out' From owner-freebsd-questions@freebsd.org Thu Apr 5 02:02:33 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BF2C3F89D35 for ; Thu, 5 Apr 2018 02:02:33 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id 0D36F802A7 for ; Thu, 5 Apr 2018 02:02:32 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39980081 for freebsd-questions@freebsd.org; Thu, 05 Apr 2018 09:02:30 +0700 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.15.2/8.15.2) with ESMTP id w3522Smj066295 for ; Thu, 5 Apr 2018 09:02:30 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.15.2/8.15.2/Submit) id w3522OfB066286 for freebsd-questions@freebsd.org; Thu, 5 Apr 2018 09:02:24 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Thu, 5 Apr 2018 09:02:24 +0700 From: Victor Sudakov To: freebsd-questions@freebsd.org Subject: Re: Solved. Re: Dualboot and ZFS Message-ID: <20180405020224.GA66003@admin.sibptus.transneft.ru> References: <20180319171027.GA84127@admin.sibptus.transneft.ru> <20180320094625.GA24463@admin.sibptus.transneft.ru> <20180321061231.GA73086@admin.sibptus.transneft.ru> <20180322015043.GA16501@admin.sibptus.transneft.ru> <20180326051938.GA15473@admin.sibptus.transneft.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.9.3 (2018-01-21) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2018 02:02:33 -0000 I think both the articles https://wiki.freebsd.org/RootOnZFS/ZFSBootPartition and https://wiki.freebsd.org/RootOnZFS/ZFSBootSlice are incomplete and excessive. I suggest merging and rewriting them. Below is my attepmt of a rewrite: https://bitbucket.org/victor_sudakov/faq/src/tip/FreeBSD/Installing_FreeBSD_Root_on_ZFS_using_FreeBSD-ZFS_partition_in_a_FreeBSD_MBR_Slice.txt If anybody cares please have a look at it. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-questions@freebsd.org Thu Apr 5 02:27:31 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2FFC0F8BB42 for ; Thu, 5 Apr 2018 02:27:31 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "nightmare.dreamchaser.org", Issuer "nightmare.dreamchaser.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 85CAF81284 for ; Thu, 5 Apr 2018 02:27:30 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w352RSP9064707 for ; Wed, 4 Apr 2018 20:27:28 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) To: FreeBSD Mailing List Reply-To: freebsd@dreamchaser.org From: Gary Aitken Subject: sendmail certs -- which letsencrypt cert to use for ca Message-ID: <655c9be3-ece7-eeab-300f-56be88c3267f@dreamchaser.org> Date: Wed, 4 Apr 2018 20:26:47 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2018 02:27:31 -0000 I'm wanting to switch the self-certified certs generated by sendmail when it first starts over to ones certified via letsencrypt. Letsencrypt generates four files: cert.pem, privkey,pem, chain.pem and fullchain.pem As I understand it, chain.pem contains intermediates, and fullchain contains the main cert + intermediates. Sendmail's generated certs consist of a cert, a privkey, and a CA. Which of chain.pem or fullchain.pem should be used for the CA, or will either work? Thanks, Gary From owner-freebsd-questions@freebsd.org Thu Apr 5 02:48:47 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1BAC3F80290 for ; Thu, 5 Apr 2018 02:48:47 +0000 (UTC) (envelope-from Olivier.Nicole@cs.ait.ac.th) Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D636822A1 for ; Thu, 5 Apr 2018 02:48:44 +0000 (UTC) (envelope-from Olivier.Nicole@cs.ait.ac.th) Received: from mail.cs.ait.ac.th (localhost [127.0.0.1]) by mail.cs.ait.ac.th (Postfix) with ESMTP id 94F2161F84; Thu, 5 Apr 2018 09:40:44 +0700 (+07) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.ait.ac.th; h= content-type:content-type:mime-version:message-id:date:date :in-reply-to:subject:subject:from:from:received:received :received; s=selector1; t=1522896044; x=1524710445; bh=4IKkBAjSH c2txhf0KI33Fbqx+Qj0MZpp8huykrf//lk=; b=Sf+DhAxevqoyutOLBCAPugLZw FdJxLCWCT4YaQZFWMWSp5XPg+TnK1SBCw4biYgBZEFLOO9ZS1kDx/5f2EFlQ7/LH oNihwk0sXO/wkZ6QUzTEAd3yqnY7WP9bxZcmHIdx1iava+iCJ+ayV2D8ZsE3jBF5 gxVej/G5NB3mM0cLL8= X-Virus-Scanned: amavisd-new at cs.ait.ac.th Received: from mail.cs.ait.ac.th ([127.0.0.1]) by mail.cs.ait.ac.th (mail.cs.ait.ac.th [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id L2X7fCx3iZM3; Thu, 5 Apr 2018 09:40:44 +0700 (+07) Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.cs.ait.ac.th (Postfix) with ESMTPS id EBC2A61F83; Thu, 5 Apr 2018 09:40:43 +0700 (+07) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.15.2/8.15.2/Submit) id w352eh9L089335; Thu, 5 Apr 2018 09:40:43 +0700 (ICT) (envelope-from on@banyan.cs.ait.ac.th) From: Olivier To: freebsd@dreamchaser.org Cc: freebsd-questions@freebsd.org Subject: Re: sendmail certs -- which letsencrypt cert to use for ca In-Reply-To: <655c9be3-ece7-eeab-300f-56be88c3267f@dreamchaser.org> (message from Gary Aitken on Wed, 4 Apr 2018 20:26:47 -0600) Date: Thu, 05 Apr 2018 09:40:42 +0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2018 02:48:47 -0000 Gary Aitken writes: > I'm wanting to switch the self-certified certs generated by sendmail > when it first starts over to ones certified via letsencrypt. > Letsencrypt generates four files: > cert.pem, privkey,pem, chain.pem and fullchain.pem > As I understand it, chain.pem contains intermediates, and fullchain > contains the main cert + intermediates. > Sendmail's generated certs consist of a cert, a privkey, and a CA. > Which of chain.pem or fullchain.pem should be used for the CA, or > will either work? You should use the shortest of the two files. I never tested with sendmail, but that's what I do with postfix, Courrier Imap, LDAp, Apache, FreeRadius... Depending on the tool you use to create your Let's Encrypt certificate, the name of the files may vary, but the size difference should be consistent. As you have been using self signed certificates in the past, you know how to create a private key and a certificate request, so I would suggest that you apply to a certificate by using your own certificate request, that way, you are sure that let's Encrypt will never see your private key. At leat acme.sh (on GitHub) allows you to submit your own CSR. Best regards, Olivier From owner-freebsd-questions@freebsd.org Thu Apr 5 08:50:15 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 50281F963BA for ; Thu, 5 Apr 2018 08:50:15 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from mx12-out4.antispamcloud.com (mx12-out4.antispamcloud.com [46.165.232.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64A7D707F6 for ; Thu, 5 Apr 2018 08:50:13 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from [153.92.8.106] (helo=srv31.niagahoster.com) by mx18.antispamcloud.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1f40Lc-000868-5o; Thu, 05 Apr 2018 10:34:29 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sumeritec.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=f/gzB/4AIJsBo/J3b2a5B1+tpSNKkI8kGQMjaxwLIUQ=; b=BBtryF88C5AbIzNWUSeyc5uvRT r++HXrTKUbLWTKK6n0WjM5SUMCP/uYPQXVA1VA6K7KyXcGjEAV/fUc4X5YzWeamUe0D+D8qy/1b6P +hSt3V30n4o/djiEZrxi5tUMdFd+7S2knheCQifwA5rN9h763k0lJMZejpQVXr+PhyT0ugmM+mZzN IN1//b8sStJEddqZUAwMpx5fFtCfoBfEuHWZkvmN6PwmC+8SKr4wOJRLRHZ6axKzE06MdBlFLEWDt GytwXZGw2fN7EDFQ0gVuRQuGyMg3lGboyNeAW5S7gr3tbrLwO1uxR61XighEmkwdyN1igc/DKy126 mGyps2uA==; Received: from [114.125.118.83] (port=14555 helo=X220.sumeritec.com) by srv31.niagahoster.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from ) id 1f40Kk-0003MI-8F; Thu, 05 Apr 2018 15:33:30 +0700 Date: Thu, 5 Apr 2018 16:33:23 +0800 From: Erich Dollansky To: "Jean M. Vandette" Cc: "freebsd-questions@freebsd.org" Subject: Re: gpart recovery FreeBSD 7.4 Message-ID: <20180405163323.6d609aac.freebsd.ed.lists@sumeritec.com> In-Reply-To: References: <6b89534c97b14e51b67581e34efac71c@securenet.net> <20180330221523.0b5f8fdd.freebsd.ed.lists@sumeritec.com> <20180331070140.00a1b6fa.freebsd.ed.lists@sumeritec.com> <20180331204056.619965d1.freebsd.ed.lists@sumeritec.com> <3856200b233947ca939e1c5ffa152661@securenet.net> <20180402115102.08679f26.freebsd.ed.lists@sumeritec.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-OutGoing-Spam-Status: No, score=-0.5 X-AuthUser: freebsd.ed.lists@sumeritec.com X-Originating-IP: 153.92.8.106 X-AntiSpamCloud-Domain: out.niagahoster.com X-AntiSpamCloud-Username: niaga Authentication-Results: antispamcloud.com; auth=pass (login) smtp.auth=niaga@out.niagahoster.com X-AntiSpamCloud-Outgoing-Class: ham X-AntiSpamCloud-Outgoing-Evidence: SB/global_tokens (0.00245779783294) X-Recommended-Action: accept X-Filter-ID: EX5BVjFpneJeBchSMxfU5mkkE8wL1godjyi/SpqURRF602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO4WVEjIK39e0l3PJA6vYUNi1gthAiUJtF1GFtCwOi7APvyegFAN3MVG+8Mu8M+ESLE+f zSH/OCabdgYrKxSFlmxprZdPWqTAoPoTgl30IzxbRViOeu+3Pcv7FIFtzbGKRol9wd8Cdu9P7nDm 4wCNFvoS2TIc5KWIJ11Cs3TsJMjT3sbskoLsCzHbimU89cr33UxgANYCyD585IGoHNHA90K+ebhG qw0UC+6i7tkVEyBKGYJwT+HFpsvK90gWDRA4t76lEaoB788kk1VRHzrv8x5evune9FPWQSxbftJN ZtX4PAOCjUgciZoe1nbnonHdmEwzxPv6OleYcjgzAbIebFgNNF1hrtK2exjyNIotpcZL3SchrURu qdL96VaxtgWgO3W2G/SF32BkaVUv9IQODMJsRr9zM+HGRWbAGONHhwApjBuk5bXsCnGNY+5RPg8h 429iyhVZ8lAxY+DLBUMUojVpwWXpE+sdjNmnXWjiNaLzIK/1NH5THMtlYvyHAYGOGhqwwOt5mnSi S8T1QVRmdeOv06YXCtvBxtUdj+Ic9zxyMEMlKi6835ZiHPghZPt/9Rplmyj/66eQ+NKl2Jhr5SIJ voAFnhsF/0cUCsPjix1TadA/EvtJPWPoku1pwT3+hUbB4zKVFRi9orf1aSqb0J+btx4/Z8xxRAix FfBDgof7KlTqEM8Kwl2Y3kwGRmIDcAFOQ2VJ1kf0ZSoTHDWqYPQSCRLGpIBdVBqbQHXH2A4hPAlb DjazCbhs7qBpykynMtXsg+yXEIpWCtNkmJkoldbnJdtctk8JjMSc/oFNcCm/gQZBDUGLo6ipfKxY +dLa0kAPDwuTQXrMTv4HNiPj/Knr+fsTS1+yfNEq1BOL1ujFmdHRKsGOJXpaG9BK7baKKbcBEWV0 kg2S+3kuHgGwV8vIUHTtNqUb/52yv3F1/uo0a/fzJ+u9K4BM0a7D+GEanceNbZ/9CTrbPVJarWw7 w9w= X-Report-Abuse-To: spam@quarantine1.antispamcloud.com X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2018 08:50:15 -0000 Hi, On Tue, 3 Apr 2018 04:14:01 +0000 "Jean M. Vandette" wrote: > Erich > > Found an old post on partition repair > > https://forums.freebsd.org/threads/partition-repair.5869/ > > Got the scan_ffs an here are the results: > > root@central:~ # scan_ffs -l /dev/mfid0 > X: 2097152 9786530 4.2BSD 2048 16384 0 # / > X: 2097152 9787042 4.2BSD 2048 16384 0 # / > X: 4194304 12232866 4.2BSD 2048 16384 0 # /tmp > X: 41943040 17126306 4.2BSD 2048 16384 0 # /usr > X: 42068388 17126818 4.2BSD 2048 13350 0 # /usr > X: 62914560 66061474 4.2BSD 2048 16384 0 # /usr/local > X: 83886080 139462050 4.2BSD 2048 16384 0 # /var > X: 1258291200 237328290 4.2BSD 2048 16384 0 # /usr/local/system > X: 21973958460 1705333922 4.2BSD 2048 16384 0 # /usr/local/storage > X: 21973958460 1705334434 4.2BSD 2048 16384 0 # /usr/local/storage > > The gpart show is > > => 40 27341619120 mfid0 GPT (13T) > 40 128 1 freebsd-boot (64K) > 168 8388602 2 freebsd-swap (4.0G) > 8388770 2097152 3 freebsd-ufs (1.0G) > 10485922 4194304 4 freebsd-ufs (2.0G) > 14680226 41943040 5 freebsd-ufs (20G) > 56623266 62914560 6 freebsd-ufs (30G) > 119537826 83886080 7 freebsd-ufs (40G) > 203423906 1258291200 8 freebsd-ufs (600G) > 1461715106 25879904054 9 freebsd-ufs (12T) > > It seems to differ from the scan of the file system > > Your thoughts? it is more your thoughts. Does this sound reasonable for you? This program did actually what I suggested to be done manually. It all is a dangerous thing if you are not able to save at least the crucial sectors via dd. Gpart actually shows you at the least the starting sectors (blocks) of each partition. If you would save at least always some MB starting there, you will have a chance later to fix things in case of. Erich From owner-freebsd-questions@freebsd.org Thu Apr 5 14:05:58 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DB5B1F87F42 for ; Thu, 5 Apr 2018 14:05:57 +0000 (UTC) (envelope-from mailing-2387742-150459050-77c00c095a@newsletters.alruwad.ae) Received: from eur-kvi200.lnmailer.net (eur-kvi200.lnmailer.net [85.131.41.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 61E487D830 for ; Thu, 5 Apr 2018 14:05:57 +0000 (UTC) (envelope-from mailing-2387742-150459050-77c00c095a@newsletters.alruwad.ae) Received: from eur-kvi200.vdk.fi (localhost [127.0.0.1]) by eur-kvi200.lnmailer.net (Postfix) with ESMTP id BA871249C0 for ; Thu, 5 Apr 2018 17:03:23 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=alruwad.ae; h= list-unsubscribe:mime-version:reply-to:to:subject:from:date; s= a.mailpv; bh=dRYQurIUQ+4b9+a2zDHAfwc10Kc=; b=TeJnuahSaBUDRO6duPi tMKuCQsZfK9VUVM902R47ELGTqFjyfJdxFXp9kQ/WKnZMNs9/Ypt8iITrRqd/71e HNvfHM5i0LkJ+wQo57pTNym6k8sAZ7/QYDlHK1rDiNw5DyWeOGH+OOlembdY36RA 8eR1q+r60h0idcSCzTxkIE8g= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mailpv.net; h= list-unsubscribe:mime-version:reply-to:to:subject:from:date; s= newsletter; bh=dRYQurIUQ+4b9+a2zDHAfwc10Kc=; b=KZjtPoe0fxw9itNMJ DB6KhV77lY2esAulj73Ry06HW2MLh05TZAvq6NwQ2kJ3wJMnLSMPjyGHn0eaPBhf xeIf1UUh6s/9+fOdX9/4hILIzMM78LNe5tX1xFC6/60/NmKVejPr8vxUEx2rpc6N 7ImWGpFn1unj3/E72FUzGZgu88= MIME-Version: 1.0 Reply-To: info@alruwadoffplan.com To: freebsd-questions@freebsd.org Subject: Your Investment Opportunity - Sunrise Bay Tower 2 Launching Soon From: "Sunrise Bay at Emaar Beachfront" Message-Id: <0000005ac62cab-4-cc-s2ppn6-2387742-150459050@newsletters.alruwad.ae> Date: Thu, 05 Apr 2018 16:15:51 +0300 (EEST) Content-Type: text/plain; charset=ascii Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Apr 2018 14:05:58 -0000 View in Your Browser http://newsletters.alruwad.ae/a/s/150459050-7604229403= d54ef5c3c29b3397d0a42b/2432056 We are pleased to announce the release of SUNRISE BAY Tower 2 AT EMAAR BEACHFRONT on Sunday 8th April 2018 A premium twin tower of 26 storeys, Sunrise Bay is set only a few steps away from the vibrant marina. The beautifully crafted building blends artfully with its beachfront setting and offers gorgeous views of Dubai Marina and the open sea. Choose between 1,2, 3 and 4-bedroom premium apartments, nothing say luxury beachfront living like a home in Sunrise Bay. **Handover in 2021 5% to Book | 50% on Handover Get the best unit at Sunrise Bay Tower 2, Today [ Are you Interested? http://newsletters.alruwad.ae/go/14533563-559804-150459= 050 ] Why Invest in Sunrise Bay? ++++++++++++++++++++++++++ 1. Prime Location 2. Incredible Views from Apartments 3. Reputable Developer with Proven Track Record 4. Direct Beach Access 5. Tourism-driven Community 6. Flexible Payment Plan No Comission | Direct Sale | Local Mortgage Assistance Call/Whatsapp US TO SECURE YOUR UNIT NOW +971508747474 http://newsletters.alruwad.ae/go/14533562-1946929-150459050=20 Let's Talk =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Tel: +9714 343 0111 tel:+97143430111 Mob: +971 50874 7474 tel:+9718747474 info@alruwad.ae mailto:info@alruwad.ae Quick Link =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D About Alruwad Real Estate http://newsletters.alruwad.ae/go/14533564-153893-= 150459050 RERA Reg. No. 12803 Click here to unsubscribe http://newsletters.alruwad.ae/account/150459050-0= ea5354ff164c3b793a30a9385579790-1062523/2387742 . From owner-freebsd-questions@freebsd.org Fri Apr 6 01:51:29 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8D9E5F94D40 for ; Fri, 6 Apr 2018 01:51:29 +0000 (UTC) (envelope-from starrtennis@gmail.com) Received: from mail-pl0-x22c.google.com (mail-pl0-x22c.google.com [IPv6:2607:f8b0:400e:c01::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0C29A7D175 for ; Fri, 6 Apr 2018 01:51:29 +0000 (UTC) (envelope-from starrtennis@gmail.com) Received: by mail-pl0-x22c.google.com with SMTP id 61-v6so19727900plb.2 for ; Thu, 05 Apr 2018 18:51:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=o89vVTpVpTgSB8SPF4HmoRD0kS/qgsYM/gclkgQjHOU=; b=g5SYyP3f3ZSyzGb4pNtb5v4u3Ih5eFGdE4tarXIFo4LIsShgUTTIsSwaX223gHbCXJ wK0byVimFX0yFWTD3Ne46oCGvB8IqWF8lBeQMnydTTa+q08wwWlxWSTOSOx9Jm7sJzsh n0OJAqcTNQNSZGCLM/zJKRh8BtSpi6XmjExzKj8U34h6aLv6UCliJdB6Rk7ijGoqT5Tu VuWBsojHA+Wqssh3n2YpviAC5WBIYHBh6AlO5AjWBGVPFKZPwfh/Ycv3h6+z42R/tezp 8g17WVugdx2EdMCKD986s++YWkGSajIE3WuZ55vx69WqTHyk0yWT7xDxoXjxYZgzwmCA klKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=o89vVTpVpTgSB8SPF4HmoRD0kS/qgsYM/gclkgQjHOU=; b=KUjOrF3StwjsG82hIYNReRhliNFWMrMmAVmydSlTykvWnoS5hOn9K9Jec2quP8//0U iBxV+kRhBU6nGYe+i9h2bMV0u+Ze0ElEAsUm8qkKfzJwxH0VwmhvR5JcrBdsRckh5v5l bHgEeyAesJZUmktl7APcOlYfFIQW/KyIE2y/X0uyvN+w5O+Sv6Upd0FMgQZSSwC072UL k5bvkNYSs8GOpgY/EOeQlYNyUlyyY3Utov5zMLXfyg95vakcB6rhLhVrt7P95j66Xlpm cg2j91lryJYNuLt15Y6Z8PJmSBHh4q811/ix9y7UKG8ojO50c4o2txHDdJnSZSwfDx7Z KqQA== X-Gm-Message-State: AElRT7G43EpNh8fZRVvPbG4Iw2Ex8BCnxT/zwR7dThWwGr4YR2dU/Akg FHO/VjsFA1u7SByPLk8/P0H14gwtrKUwuHPW5NU= X-Google-Smtp-Source: AIpwx493oZa5nSsadrnvlKabl+oxhRCKTZCrc1jIG98RuL/s+CeSrUhJicnsNrV1IHc/0AXXiZhde2ViaG1JDunRciM= X-Received: by 2002:a17:902:4481:: with SMTP id l1-v6mr25387529pld.43.1522979487880; Thu, 05 Apr 2018 18:51:27 -0700 (PDT) MIME-Version: 1.0 Received: by 10.100.159.73 with HTTP; Thu, 5 Apr 2018 18:51:27 -0700 (PDT) From: Mike Starr Date: Thu, 5 Apr 2018 18:51:27 -0700 Message-ID: Subject: Introduction To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 01:51:29 -0000 Freebsd, Hello. I have been on the mail list for a while now and am now introducing myself. I have a hacked-up laptop with FreeBSD installed but never saw a manual either in PDF or docstring. How should I go about getting re-started? It's a dual boot. Michael From owner-freebsd-questions@freebsd.org Fri Apr 6 05:24:53 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 72A87F80B65 for ; Fri, 6 Apr 2018 05:24:53 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C5B3685391 for ; Fri, 6 Apr 2018 05:24:52 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([92.195.30.67]) by mrelayeu.kundenserver.de (mreue007 [212.227.15.167]) with ESMTPA (Nemesis) id 0MD155-1fCKch3Tql-009ink; Fri, 06 Apr 2018 07:24:44 +0200 Date: Fri, 6 Apr 2018 07:24:44 +0200 From: Polytropon To: Mike Starr Cc: freebsd-questions@freebsd.org Subject: Re: Introduction Message-Id: <20180406072444.fcea1614.freebsd@edvax.de> In-Reply-To: References: Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:YrpzHA8PWgSP1UTBZUjO02w80QAHQ2F+U1avGI12N4iMFyYGs8P 0qITDMc1HGbhHfTNcgC+rC9io/NmvX2p8J0d10nDvwi8FW5bRYgUUDUpSQeG3BoDJeEesx/ t6BKuS8DfJ1tqpzwCD5y1L1td1EeIvViFYBNFY7KFoGvT8eXY/s5GmZ0MRUPtgvykz5L9Hu MUjiMkwvzMeWbJFNSZEJA== X-UI-Out-Filterresults: notjunk:1;V01:K0:rxH9KDSu7nI=:sUqT7pMus8IE+3tOLQ1eqc aJFmxvhzJ5X6ihRBUVHGSwOjTzLoxkL1MhuAXlYnXcZ+5kNgqBxFzDnPWhM2L77I0W0OZwf14 +r8nFP7K0zbKLFjxcPkXn14uif63bEvBvBGrzzafWzdOCOHxoXDz4s+ji8qLisWpkCVqge9V7 i6YqiAVdkUieHgkt4wjSUaE0BXw7GnXpsbAkdK3OEVA4GY50KkjGZrqF8KH6rzmSS1FJrUSfo Y1n0/6vEy9MAgGxTZaK6ZMsFqkH0oMrh7yULW25iisw1+awOCjAlqUb3zQsiZa0qvXW6LxRyP XSoNokQS1h03n9qMyAdWVc0Q5jbzuDtNSYMJTDLI62al+vT6i0HFno4GeBLqQFptSdQnDlIms dRKg1s+jvUWwSFzEUZx9K18qjl+w11TmQfLKtAP9pJ9RctQ+KcvxjH8audulgdGbfs6Ek/gVe aRpN18LnI1CuFjbUFkgSzbKnnby5+AYxikeKnZtLYC1lOeBnK7ox7MN6KtrfxuYM5FqjrBOeU vmKgbU95nroaRCy66ERGOub5pfi1BusTxkOQL+JXfyfSDcUU92JMLK6RRrQSqaUhf0MNPzK2Z lGo/tOh8yWZXxldVYaxmUVGhBwa2qHkfPY4e+QwThL1vw333pAueyJXf+3vhco/09YgqueNFn 39bqpmpf9EkNQVyDAtl/VsCBwThG816XNMLbLMfLOD65Q3kVQ1/mZDm2ARqIz6peRwcj2ARQi +dbD4QNKj9NY8p2HHPIumK3u604wt+g6oFETyP9RZIHF2MoZnhTVYPkjRJw= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 05:24:53 -0000 On Thu, 5 Apr 2018 18:51:27 -0700, Mike Starr wrote: > I have a hacked-up laptop with FreeBSD installed but never saw a > manual either in PDF or docstring. How should I go about getting > re-started? FreeBSD comes with manual pages and a handbook locally installed. The cocumentation can be viewed in many formats (typically as formatted text, but also as PDF files or web pages) - the toolchain to do so is part of FreeBSD as well. Here are a few examples for the online resources: https://www.freebsd.org/docs.html https://www.freebsd.org/doc/handbook/ https://www.freebsd.org/cgi/man.cgi The locally installed documentation can be accessed using the well-known methods "man
" and "apropos ". The handbook is present in /usr/doc//. Additional documentation is present in /usr/share/doc and /usr/local/share/doc. > It's a dual boot. FreeBSD doesn't require this for documentation. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Fri Apr 6 08:21:07 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A76ECF90E21 for ; Fri, 6 Apr 2018 08:21:07 +0000 (UTC) (envelope-from verogarcia@consult.com) Received: from consult.com (061093214146.ctinets.com [61.93.214.146]) by mx1.freebsd.org (Postfix) with ESMTP id 97F476C82A for ; Fri, 6 Apr 2018 08:21:05 +0000 (UTC) (envelope-from verogarcia@consult.com) From: verogarcia@consult.com To: freebsd-questions@freebsd.org Subject: Re:Response Date: 06 Apr 2018 16:20:16 +0800 Message-ID: <20180406162016.D451729EF0BE5117@consult.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 08:21:07 -0000 Hello, Please, Let me know if you received my message, I have sent more=20 than 3 messages to you in the last 3 months without response,get=20 back to me Yours, Veronica Garcia From owner-freebsd-questions@freebsd.org Fri Apr 6 11:58:11 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B7399FA0088 for ; Fri, 6 Apr 2018 11:58:11 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-it0-x232.google.com (mail-it0-x232.google.com [IPv6:2607:f8b0:4001:c0b::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5480E768D9 for ; Fri, 6 Apr 2018 11:58:11 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: by mail-it0-x232.google.com with SMTP id 19-v6so1435993itw.3 for ; Fri, 06 Apr 2018 04:58:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=WqU9u6de5yUOFm5ozDXTXWF3OXgRYvd7pZcUbdJIJWs=; b=VPSGA8djucmkjw+NyKCqNJv2o7ZnWGLGrI/JuynYlfXWx36xNoNQ841jeVXVt60nOw IIa4H2r2aKZlVCDgN+cx76YkFLE+awBS5X9Yg05W9aKwDuK7MFggk9DPG81ecBdRCfHN kYAdYgTUw4B8Omt2YTuF7s6cuKiOXZ4tehv5lPhzDQL/qbSHO6sSfDwm4ecR9rNasTCq mzFjQep6ueW4g/WLT6vrvLLeFKfPJ2qLxEaT1kaEK/I+JeTnQ4xQGf/H8vo01hvCAgoQ YrTqgKsAq5r2rhLNNHwQRCiF76B94WxZC+LLb0kX4SjRFpFfKNKTF4OeZuYyZadijsi+ V2Hw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=WqU9u6de5yUOFm5ozDXTXWF3OXgRYvd7pZcUbdJIJWs=; b=ARZM4gXDdZS0mpWQerZBUd4VsXjlvB46RbWcq9yf1/NZXmZxvqCV1Rx7I0Sqx/Jsi+ MbVZzjFv6RmgFTa/TJrhX3PIzk7u70SjaaB2x90+z51blNQb8fy68yx59mCXj4kMgY1M 1QZljBj3Ve8WCFEolXz6nhpZynPovLIUO8e+t8RdiRAIhAF67F7QKM2EWhZincf2J92U K1h5L7c1xZKMY7EyvZMqQFzMJj7hZ4cLic7ccl7IXiD+zd3vdqFCOfFuGkPp9ycTHlRZ PYGnIf3MwGdlry4LRMFDyVDEw5GoL5h+mNELjU5ufJjFKavh+TFOS9BW9+r9IdovsfoB L4+A== X-Gm-Message-State: ALQs6tAzC6YMLxuaeGzCNdRhtFI70K4jgQEBkg4NPljH6ZvrM/BbRcr+ pSt8JfQv5XMk9o5wrE6eaoBQrHiZl3WKTPD2djk= X-Google-Smtp-Source: AIpwx4/MjMon2KMekE8piZ7WDZ8yl04M6TUeryAoF7XNwAsrM8JRRHqe8x5vbB9TOVaAJ/+aVQcGwa/M8FGo23FMYmk= X-Received: by 2002:a24:c88:: with SMTP id 130-v6mr17661596itn.14.1523015890563; Fri, 06 Apr 2018 04:58:10 -0700 (PDT) MIME-Version: 1.0 Received: by 10.2.79.215 with HTTP; Fri, 6 Apr 2018 04:58:09 -0700 (PDT) In-Reply-To: <36f18609-b418-ff3e-8a02-7129b889c08c@dreamchaser.org> References: <36f18609-b418-ff3e-8a02-7129b889c08c@dreamchaser.org> From: krad Date: Fri, 6 Apr 2018 12:58:09 +0100 Message-ID: Subject: Re: my Let's Encrypt certs "broken" overnight! To: freebsd@dreamchaser.org Cc: William Dudley , freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 11:58:12 -0000 When you say share the same certificate do mean that the cert has multiple sites defined in it? Could you supply the output of the following? certbot certificates The directive defines where that particular vhost binds logically on the hosts network stack, where as the servername defines the host that the vhost responds at the application level. Therefore having *:433 defined is fine Is there any chance of any .htaccess file lurking under the docroot that maybe polluting the apache config. Also its worth noting letencrypt do wild card certs now!! On 4 April 2018 at 04:56, Gary Aitken wrote: > On 04/03/18 07:48, William Dudley wrote: > > I had letsencrypt certs for most of the sites I host, and they were >> working fine until a recent upgrade -- either apache 2.4 or openssl >> changed and now things are hosed. >> >> An example: >> >> I host www.njsbmwr.org. I have a "test" URL for development, >> njsbmwr.dudley.nu. Both share the same certificates, or at least, >> they used to. >> >> Now, if I uncomment the section for >> www.njsbmwr.org, apache throws an error and won't start. If I >> comment the section out, apache is happy but www.njsbmwr.org doesn't >> serve https pages. >> >> njsbmwr.dudley.nu has almost the identical >> section, and it works fine as https://njsbmwr.dudley.nu >> >> The apache error I get when I enable the section >> for www.njsbmwr.org is: >> >> [Tue Apr 03 09:13:29.141783 2018] [ssl:emerg] [pid 49861] AH02572: >> Failed to configure at least one certificate and key for >> njsbmwr.org:80 [Tue Apr 03 09:13:29.141947 2018] [ssl:emerg] [pid >> 49861] SSL Library Error: error:140A80B1:SSL >> routines:SSL_CTX_check_private_key:no certificate assigned [Tue Apr >> 03 09:13:29.141982 2018] [ssl:emerg] [pid 49861] AH02312: Fatal error >> initialising mod_ssl, exiting. AH00016: Configuration Failed >> >> Here's the section that causes failure: >> >> ServerAdmin webmaster@dudley.nu ServerName >> www.njsbmwr.org DocumentRoot /usr/local/www/njsbmwr.dudley.nu Alias >> /.well-known/ /usr/local/www/.well-known/ ScriptAlias /cgi-bin/ >> "/usr/local/www/njsbmwr.dudley.nu/cgi-bin/" SSLEngine on >> SSLCertificateFile \ "/usr/local/etc/letsencrypt/live/ >> njsbmwr.dudley.nu/cert.pem" SSLCertificateKeyFile \ >> "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/privkey.pem" >> SSLCertificateChainFile \ "/usr/local/etc/letsencrypt/live/ >> njsbmwr.dudley.nu/fullchain.pem" SSLOptions +StdEnvVars BrowserMatch >> "MSIE [2-5]" \ nokeepalive >> ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog >> "/var/log/njsbmwr.dudley.nu-httpd-ssl_request.log" \ "%t %h >> %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Header set >> Content-Security-Policy "default-src 'self'; script-src 'self' 'u >> nsafe-inline' pagead2.googlesyndication.com www.google-analytics.com >> *.cloudflar e.com www.paypal.com; img-src 'self' *.crystalbrook.com >> www.paypalobjects.com" Header set X-Frame-Options SAMEORIGIN Header >> set X-XSS-Protection "1; mode=block" Header set >> X-Content-Type-Options nosniff ErrorDocument 404 >> /errormessages/oatmeal_404.html ErrorDocument 500 >> /errormessages/oatmeal_500.html ErrorDocument 503 >> /errormessages/oatmeal_503.html ErrorLog >> /var/log/njsbmwr.dudley.nu-error_log CustomLog >> /var/log/njsbmwr.dudley.nu-access_log combined > "/usr/local/www/njsbmwr.dudley.nu"> Options +ExecCGI +FollowSymLinks >> +Includes +Indexes -SymLinksIfOwnerMatc h AllowOverride All >> Order allow,deny Allow from all >> >> The ONLY difference between this section, that doesn't work, and the >> section that DOES work is the ServerName line: >> >> < ServerName njsbmwr.dudley.nu --- >> >>> ServerName www.njsbmwr.org >>> >> > Not sure this will help, but it might be worth trying. > I had a somewhat similar but not exactly the same issue and resolved > it by being more explicit in the VirtualHost assignments. You might > try doing each separately and pointing to the same certs: > > ... > > and repeat for njsbmwr.dudley.nu:443 > Apache 2.4 (not sure about earlier releases) uses the first match it > finds for the . So *:443 will match both, and the server > name won't match for one of them. > > Gary > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe > @freebsd.org" > From owner-freebsd-questions@freebsd.org Fri Apr 6 13:33:08 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5A8FBF861E3 for ; Fri, 6 Apr 2018 13:33:08 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: from mail-yb0-x242.google.com (mail-yb0-x242.google.com [IPv6:2607:f8b0:4002:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E24897BD09 for ; Fri, 6 Apr 2018 13:33:07 +0000 (UTC) (envelope-from wfdudley@gmail.com) Received: by mail-yb0-x242.google.com with SMTP id e3-v6so382611ybk.1 for ; Fri, 06 Apr 2018 06:33:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=2OZaab9U07tC5RjmTQOrbe6dao5FkIBL1mUgc9Cl/Xc=; b=b+YwLeNquCpw5j2pjz7Bk+RdqPskRsFVDajT+HlLTXPXKXibOPL00YUrql+zlzapWf oUvZfeUI/XEUzoE2ED6GvgEY1oihGd24OoYYPRb7H2QGZ/R0uIuB1aomyCdqyuYMzOy5 PDT8e6+j4llulhXAj8PfEZJySL8Qibh/Q/l24CU9PaBn5DC29QSfBkD8AvhXvjwlbyY4 ldgmI4zsKk3P4ZaOrorO6f/cl4OWitfXGLkl2F7oy0ooCJLqtTtjdihNton1P4IZTEMt QoNgs6Ifa5iavHJYNI5jAqnrHIZ6UimdD7ZPdsj3qVLDEn5anlr2pdbn6TnthsP/r+Ru Hozw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=2OZaab9U07tC5RjmTQOrbe6dao5FkIBL1mUgc9Cl/Xc=; b=qyKPn2vmhJGU3a5WMAc0QQdcI66Ry+6gazGm2FX1TmgUB3jhlwsHdECyDDD7USW0Ar emw5eboTGKX9C5MYFmWXAyyFjTZF5d/GePATfMChmXdi9TXZ21SwRXQJuP+CoAhqt/G8 wGWB+42ttR2vYmCDDLObRYk+qCnGBDwttv7RN7BhyTlwABs7KF8CRylnGFwcHnhobZy3 3mOSoZH6UQhjNXRg3h4mVBAQy9MsO7ZbZxBgxgdM663xHD57L9vkDySYZ1kNqkn40zLH 2degwi2PB/VfVGtfWrZF52znkPaN9AF+4zcmT+Smli7unfTYDWMzBv/selv0pkNvQq9+ QDhw== X-Gm-Message-State: ALQs6tA/JVw9WbYJVMLBStezdtL75x9xlWYi2VGHm660Rc457yYdnj0D eYW8DXDIfLmIb8SR2rs2BPYgkrW+1w+wE3x9fsw= X-Google-Smtp-Source: AIpwx4+Z0QYJBK7AR2CQIPy/7Rj1bABGmR1SnV7yWArQ5wLV1pcYQtvpTtOduSqc++rUeV9VxXamwi8ZSTIIBmsGFhY= X-Received: by 2002:a25:c791:: with SMTP id w139-v6mr15079612ybe.199.1523021587248; Fri, 06 Apr 2018 06:33:07 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:2e48:0:0:0:0:0 with HTTP; Fri, 6 Apr 2018 06:33:06 -0700 (PDT) From: William Dudley Date: Fri, 6 Apr 2018 09:33:06 -0400 Message-ID: Subject: Re: my Let's Encrypt certs "broken" overnight! SOLVED To: krad Cc: freebsd@dreamchaser.org, freebsd-questions Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 13:33:08 -0000 Krad, This has been solved. problem domain is FreeBSD 10.3, apache24-2.4.33 I had multiple problems, and an *upgrade* caused *mod_ssl* to start barfing when it saw the problems. The problems: I had njsbmwr.dudley.nu, www.njsbmwr.org, but NOT njsbmwr.org defined in the cert. I was doing a redirect for https://njsbmwr.org but didn't list the cert in the stanza, like this: ServerName njsbmwr.org Redirect permanent / https://www.njsbmwr.org/ That's wrong, one also needs the lines SSLCertificateFile "/usr/local/etc/letsencrypt/live/ njsbmwr.dudley.nu/cert.pem" SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/ njsbmwr.dudley.nu/privkey.pem" SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/ njsbmwr.dudley.nu/fullchain.pem" Or mod_ssl (and hence apache 2.4) refuse to run. And yes, wild card carts would have been a good thing, but I started down this road 6 months ago. Bill Dudley This email is free of malware because I run Linux. On Fri, Apr 6, 2018 at 7:58 AM, krad wrote: > When you say share the same certificate do mean that the cert has multiple > sites defined in it? > Could you supply the output of the following? > > certbot certificates > > > > The directive defines where that particular vhost binds > logically on the hosts network stack, where as the servername defines the > host that the vhost responds at the application level. Therefore having > *:433 defined is fine > > Is there any chance of any .htaccess file lurking under the docroot that > maybe polluting the apache config. > > Also its worth noting letencrypt do wild card certs now!! > > > > On 4 April 2018 at 04:56, Gary Aitken wrote: > >> On 04/03/18 07:48, William Dudley wrote: >> >> I had letsencrypt certs for most of the sites I host, and they were >>> working fine until a recent upgrade -- either apache 2.4 or openssl >>> changed and now things are hosed. >>> >>> An example: >>> >>> I host www.njsbmwr.org. I have a "test" URL for development, >>> njsbmwr.dudley.nu. Both share the same certificates, or at least, >>> they used to. >>> >>> Now, if I uncomment the section for >>> www.njsbmwr.org, apache throws an error and won't start. If I >>> comment the section out, apache is happy but www.njsbmwr.org doesn't >>> serve https pages. >>> >>> njsbmwr.dudley.nu has almost the identical >>> section, and it works fine as https://njsbmwr.dudley.nu >>> >>> The apache error I get when I enable the section >>> for www.njsbmwr.org is: >>> >>> [Tue Apr 03 09:13:29.141783 2018] [ssl:emerg] [pid 49861] AH02572: >>> Failed to configure at least one certificate and key for >>> njsbmwr.org:80 [Tue Apr 03 09:13:29.141947 2018] [ssl:emerg] [pid >>> 49861] SSL Library Error: error:140A80B1:SSL >>> routines:SSL_CTX_check_private_key:no certificate assigned [Tue Apr >>> 03 09:13:29.141982 2018] [ssl:emerg] [pid 49861] AH02312: Fatal error >>> initialising mod_ssl, exiting. AH00016: Configuration Failed >>> >>> Here's the section that causes failure: >>> >>> ServerAdmin webmaster@dudley.nu ServerName >>> www.njsbmwr.org DocumentRoot /usr/local/www/njsbmwr.dudley.nu Alias >>> /.well-known/ /usr/local/www/.well-known/ ScriptAlias /cgi-bin/ >>> "/usr/local/www/njsbmwr.dudley.nu/cgi-bin/" SSLEngine on >>> SSLCertificateFile \ "/usr/local/etc/letsencrypt/live/ >>> njsbmwr.dudley.nu/cert.pem" SSLCertificateKeyFile \ >>> "/usr/local/etc/letsencrypt/live/njsbmwr.dudley.nu/privkey.pem" >>> SSLCertificateChainFile \ "/usr/local/etc/letsencrypt/live/ >>> njsbmwr.dudley.nu/fullchain.pem" SSLOptions +StdEnvVars BrowserMatch >>> "MSIE [2-5]" \ nokeepalive >>> ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog >>> "/var/log/njsbmwr.dudley.nu-httpd-ssl_request.log" \ "%t %h >>> %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Header set >>> Content-Security-Policy "default-src 'self'; script-src 'self' 'u >>> nsafe-inline' pagead2.googlesyndication.com www.google-analytics.com >>> *.cloudflar e.com www.paypal.com; img-src 'self' *.crystalbrook.com >>> www.paypalobjects.com" Header set X-Frame-Options SAMEORIGIN Header >>> set X-XSS-Protection "1; mode=block" Header set >>> X-Content-Type-Options nosniff ErrorDocument 404 >>> /errormessages/oatmeal_404.html ErrorDocument 500 >>> /errormessages/oatmeal_500.html ErrorDocument 503 >>> /errormessages/oatmeal_503.html ErrorLog >>> /var/log/njsbmwr.dudley.nu-error_log CustomLog >>> /var/log/njsbmwr.dudley.nu-access_log combined >> "/usr/local/www/njsbmwr.dudley.nu"> Options +ExecCGI +FollowSymLinks >>> +Includes +Indexes -SymLinksIfOwnerMatc h AllowOverride All >>> Order allow,deny Allow from all >>> >>> The ONLY difference between this section, that doesn't work, and the >>> section that DOES work is the ServerName line: >>> >>> < ServerName njsbmwr.dudley.nu --- >>> >>>> ServerName www.njsbmwr.org >>>> >>> >> Not sure this will help, but it might be worth trying. >> I had a somewhat similar but not exactly the same issue and resolved >> it by being more explicit in the VirtualHost assignments. You might >> try doing each separately and pointing to the same certs: >> >> ... >> >> and repeat for njsbmwr.dudley.nu:443 >> Apache 2.4 (not sure about earlier releases) uses the first match it >> finds for the . So *:443 will match both, and the server >> name won't match for one of them. >> >> Gary >> >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe >> @freebsd.org" >> > > From owner-freebsd-questions@freebsd.org Fri Apr 6 14:05:31 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0B605F8851B for ; Fri, 6 Apr 2018 14:05:31 +0000 (UTC) (envelope-from ranceh@gmail.com) Received: from mail-ot0-x234.google.com (mail-ot0-x234.google.com [IPv6:2607:f8b0:4003:c0f::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 957047D3E5 for ; Fri, 6 Apr 2018 14:05:30 +0000 (UTC) (envelope-from ranceh@gmail.com) Received: by mail-ot0-x234.google.com with SMTP id m7-v6so1295774otd.1 for ; Fri, 06 Apr 2018 07:05:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=X5foyRGJfVz21CKWKq7ZxNZ52wsZ38HHD7Wj+06TMdE=; b=PVZ+B7C53Vaeou9faNaT+8FtA6ZHkIgOrnsEGGT6zVkzXHI25Jj27gxIvim0yeVBqq JnnaNfUpzSQkSNdb+gd7jISld6qK/TDyM5ZvTG8WgzZwhVZbvExM9jlTXIF4t+hGbF+/ ALHz4yQGR4q8/MtK9hUsprj3MBg81Vdf4LBRXqdsOK9aDlVfjPuTu6rnvHrnbZd2tc/9 YibQrMEgrBu+i5AtCfy4zq/MisvaF3gRdDZG7/r/FX+++1MEQLGcOkyKk/X+P3g5jHnD Wx+AQkmubLCbAr4S3E58FXjSTdKQQXUMsjhFGn4VIE6Uu+S83/n7d/V9eSvi2VgSlVyC xOJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=X5foyRGJfVz21CKWKq7ZxNZ52wsZ38HHD7Wj+06TMdE=; b=KaTY8VN4VbiT75rapz0NhtIbnuSCKtpK2HowPjLkBeL0DE9VTg7I/PUM8dgx2zoK8w DL6wOEjFyXyIxiqPy74s/evTIS6XC9e6lfVTCmr0DNvhi9vMbtxjOiRgm/okCgBuLgY7 PGIGdTNV321Cxj0GGl0jfBVa3hBPLfSAzxwzfIEGywDhi79vyU+wEuUNJfK61Rps2qN6 OV9WV7V2FYDPSv2sX57qPCLNLYm8J4gpm3zmS719R59DTn+vqMk4hET37rqMAUUp/uRD plW8I7lXkRC0XD+Sro1Y6S//hE+ID9X7vxgRgYGJ5UBQdiAq9L6OLutu0rI1HZjIXOV7 h+hA== X-Gm-Message-State: ALQs6tCwhwKbzOK1kkzRcnNUgET/qGKlwK8z3Stsfoqct65RPL8Xt5yT 6TCTfOLOwwjzG18flny8HJwX6iHKe69Ys/h4c7LkJQ== X-Google-Smtp-Source: AIpwx49K5kL868pqBAH7kzGuorW0Tw4HfB1Q69AXDivuuJ6I3W9W0vCB+Au4V65uMJQClQ0tcAqIRwQstCDMOhSDGK0= X-Received: by 2002:a9d:4376:: with SMTP id y51-v6mr3477475oti.329.1523023529636; Fri, 06 Apr 2018 07:05:29 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a9d:3e43:0:0:0:0:0 with HTTP; Fri, 6 Apr 2018 07:05:29 -0700 (PDT) From: Rance Hall Date: Fri, 6 Apr 2018 09:05:29 -0500 Message-ID: Subject: Freebsd root on zfs install To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 14:05:31 -0000 I have a freebsd 11.1 server setup using root on zfs using a pair of matching usb keys. I have a pair of matching 1TB drives for data, and a pair of 6TB drives for media. I'm trying to minimize the number of disk writes to the usb keys so I'm working on a plan to remount some of the zroot mounts onto the spinning disks. I've already moved /tmp and /usr/home I'd like some suggestions of what to do next. Here's my current output of "zfs list | grep zroot": zroot 1.88G 10.2G 88K /zroot zroot/ROOT 1.26G 10.2G 88K none zroot/ROOT/default 1.26G 10.2G 1.26G / zroot/usr 633M 10.2G 88K /usr zroot/usr/ports 88K 10.2G 88K /usr/ports zroot/usr/src 633M 10.2G 633M /usr/src zroot/var 860K 10.2G 88K /var zroot/var/audit 88K 10.2G 88K /var/audit zroot/var/crash 88K 10.2G 88K /var/crash zroot/var/log 400K 10.2G 400K /var/log zroot/var/mail 88K 10.2G 88K /var/mail zroot/var/tmp 108K 10.2G 108K /var/tmp I have my eye on /var/log and /var/tmp and adding a mount for /usr/local/ Thanks for your time guys. From owner-freebsd-questions@freebsd.org Fri Apr 6 14:18:29 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2CB3DF8979B for ; Fri, 6 Apr 2018 14:18:29 +0000 (UTC) (envelope-from mexas@bristol.ac.uk) Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-he1eur02on0729.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe05::729]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT TLS CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7D9427DF9D for ; Fri, 6 Apr 2018 14:18:28 +0000 (UTC) (envelope-from mexas@bristol.ac.uk) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bristol.ac.uk; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=7ErRvhxOwYVz//oEaawsY3ibjdqOGT0dFv32PWodCww=; b=G7ndj6VT896mkGYU5TWRWrKTaF0s+6HqBG19Be3UrmR1pFn0Gi4WFfqPTHLDpGw1l/jPgY4rL6ay+zWY8DTDyAOO6PIVLeIDBhYzhD1VhEUXM1NTkdyrXaekRPa5XwcnYpWqvTHMQxE888/cWMmH6mxLqzE7R/d7CiPNbP2550k= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=mexas@bristol.ac.uk; Received: from scm-men-p0.men.bris.ac.uk (2001:630:e4:8102:21d:d8ff:feb7:1f48) by AM4PR06MB1491.eurprd06.prod.outlook.com (2a01:111:e400:59e9::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.653.12; Fri, 6 Apr 2018 14:18:25 +0000 Received: from scm-men-p0.men.bris.ac.uk (localhost [127.0.0.1]) by scm-men-p0.men.bris.ac.uk (8.14.7/8.14.7) with ESMTP id w36EINL9011269 for ; Fri, 6 Apr 2018 15:18:23 +0100 Received: (from mexas@localhost) by scm-men-p0.men.bris.ac.uk (8.14.7/8.14.7/Submit) id w36EIN8g011268 for freebsd-questions@freebsd.org; Fri, 6 Apr 2018 15:18:23 +0100 From: Anton Shterenlikht Message-Id: <201804061418.w36EIN8g011268@scm-men-p0.men.bris.ac.uk> Date: Fri, 06 Apr 2018 15:18:23 +0100 To: freebsd-questions@freebsd.org Subject: Dell Precision 3520 laptop - help with dual graphics card User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Originating-IP: [2001:630:e4:8102:21d:d8ff:feb7:1f48] X-ClientProxiedBy: AM5PR0202CA0018.eurprd02.prod.outlook.com (2603:10a6:203:69::28) To AM4PR06MB1491.eurprd06.prod.outlook.com (2a01:111:e400:59e9::13) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 61bc6724-3666-47e7-4c54-08d59bc942b8 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:AM4PR06MB1491; X-Microsoft-Exchange-Diagnostics: 1; AM4PR06MB1491; 3:LDPnZPZO2c3WG6Cxq/uNZQ0I/mg1cus52o03jMEZeumbereo+LunkWRzQh9A9KyrlYvYS641mSxrBJRSrl3edM717yB/BZNoebsIzfJAMCzWAo0uFAvfmFQw2IaWvcnLJDTavjpvy58og9lCev0d/ATa9HnPQBLQlcEkbadKU7cZ+syk5ztOAkXaeOjK2iMxewuBCIAXQyzJd05eImE+w2icqCxkW3uXM4+v0MFSsZ+X5GjdfRrsfh/Fe9l4rdww; 25:HKClt0B0jn75yQrMg8MobeqU67dHB1MMW1QeboIWzEZg3glQSfawTMkBhXOTOVROMqXDBSH3IlrvPLtAZLIEnEZWUoMyDOB6olNWu0U96jKcKGFStB5NBI6xs59P8L/ok3lTxwdcEYOU4DzccUiQt9TZ45ikOrD2OWDg+/uLUz7e+PFpP888oV3CxGoy8BCvmShLMKuArbw3MmcRWEGBcRy0ZeS7X7K8y+LbPD4FZQTkv9GdsEM0M22YIfy6u/hcHoeVGzNUKr2f4Kebz2MAffW6K4RfqFHoRbkjEz8dHAxUqXAzUYWoGXfMP/oFk1shyI7g2/mbToDI2TrpViy77A==; 31:Wi8nAGOwkOdTC7+UlBvVl4u0fwzVuivKSt0qmLKqOwqDfsiSNuhbrsQZ5iGc0hYfAaFY/i05VkxMe6zmTpLO+tVboAJ0dDWPogaE2/QxOlN1/BxUwoIxJPn/ko4UkPqXTH3Fob100gC6A5R+46N48Rz8862QBy2vZ8uaVxxwbXs/wXMrN3tj6ePjpibVafCGEmY9IBmsfj6chw23XQHNmYOunU1G2VTXC1XdUo9r0Ro= X-MS-TrafficTypeDiagnostic: AM4PR06MB1491: X-Microsoft-Exchange-Diagnostics: 1; AM4PR06MB1491; 20:Biu3FNY79dCKVPmJif9mBsAjXXF+MpBSejZKuW2m8nBSxfJ36JC2dbviNkOTCm86iK8dYyjbJCamVTwq+FMFchMv83Wj6eb7gI3PCK4Q6bgVqtyL1ht1qI2msv2xG4S/5+YcphkpegXzCvIhbdBftXUDlSZlzebQBAmeWGv9oE3Q7ppZVJmRxxYuX6qnXC3PowvaRU/8igRqViS4OSyQA+YvQ7JB9Z5ONukw4eAZipjMBZsXfVEjbX+iX89L4H1t/2yGpE9gSbphIqs35F62TqxGWGCJCRxmnozl2tPoBelyDDqbvD20zIRS8RB39h2Thi5dXvy5pZE0CFxIwg5o6y+9mK99Pit+IO3BmJILeP5KaDB9IzYJbEVBB3k7vTBKsw9kYdQwUTn9csZa3NgE8pVHYhq6IwXJmf3QpbFiYHhRWNH8LIV88QhnCupGVdbfrcpr9VRqHe5K2VI6tXCv8ALXYqNS5SQ8G8CIXrYUza7TGcAFY8QFQrdvv2V54CgU; 4:O0rTgByQhTCswS5T+DjXGMleNgXqY4Cr7nYPd67/fAr3yqovSmz9N/74MQHqUc/moEkc96TbysCHQasjd8nq2tGpPPTqV1QvXpcNSQeg+/mp2fwsa07KW8HAaaqXvl8Bev1/kVs/towe43pPsi8wDO76eq7vHhc1zcfcPo9F79r/ZVFgKpJ4B50pVhodPr7pd4vG2LOYNhntW9EDgSqmf/AGsoldmt8JBogHEb0t/UpIdA5tC1SFwUDEBUyVfoHdsWo+dxSeqY/K9EueaOhMCg== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(3231221)(944501327)(52105095)(10201501046)(6041310)(201703131423095)(201702281529075)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123558120)(20161123562045)(6072148)(201708071742011); SRVR:AM4PR06MB1491; BCL:0; PCL:0; RULEID:; SRVR:AM4PR06MB1491; X-Forefront-PRVS: 0634F37BFF X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(39860400002)(346002)(376002)(396003)(39380400002)(189003)(199004)(57704003)(68736007)(8276002)(33896004)(50466002)(97736004)(2361001)(386003)(2351001)(305945005)(9686003)(6306002)(5660300001)(786003)(316002)(8676002)(86362001)(7736002)(46003)(42186006)(966005)(122856001)(186003)(23726003)(8936002)(1076002)(81166006)(52396003)(81156014)(58126008)(6916009)(106356001)(230700001)(74482002)(87636003)(53936002)(47776003)(6116002)(476003)(2906002)(478600001)(486006)(105586002)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:AM4PR06MB1491; H:scm-men-p0.men.bris.ac.uk; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: bristol.ac.uk does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; AM4PR06MB1491; 23:FGp0fugBoIY+TmEpsEjNctKwRhiFGWWg3c6tl5d5x?= =?us-ascii?Q?y8Km+/Sl1L6HLGxRRv2wKI6XB1FWohVFnmlnpJpN+byc3ODc9DL+VzBxXUNB?= =?us-ascii?Q?xINnlnHbq6+H5dnl65eVkY62y3Zz0hWfwaRKvvzrnt0hCmuqoFTd21KogCic?= =?us-ascii?Q?Qzp52WiPvjBywAJi3jaYlUd1G1C/ESELi2OCAJ3kwBHda8KxuVWZLRNY4na+?= =?us-ascii?Q?eonD5Y7qorMqxu5rrapYzSxJARg7gQnXC07zt7v9BjbMMbsHgu55uI77Wk6o?= =?us-ascii?Q?ztb3tFP3VEBCSg1wOda2t10EnxRPItS/kr5soUqFwW1nQr8ETHOzHydeFgNy?= =?us-ascii?Q?Sd9fhMiWynIsrCAC/1PdyLQLTMBKeHWxaf7F2wauQIfsBL/ch2P/CITdKOKu?= =?us-ascii?Q?XaO8ju6DYlMr8splVtLkgxSgK4p1SCwqaPAR2hxEwJ2UOJbS+OhTLOiRBe26?= =?us-ascii?Q?eQqQ9tx8m5pUthz6CNCPmF8isgx0zXoc9c0HwiwmlypwOVb4CWuzKUp4teHu?= =?us-ascii?Q?WiEFJCU512PR6AIbD4DYMwrcVUrKxFFTN43CLW70/sHL3GBCGfck7IVtdOp7?= =?us-ascii?Q?/EKbEJrxc6xn7WNzDZOIF0VYvNJqwF6tuAsHahtLWL7MebT3eFXZCE8V+0hh?= =?us-ascii?Q?EgwVvRC7nc0RPlpIe2kBPhS3l3eGxlvHxAWT4RQoxQZeq9DULZ3XqS4uQ5b+?= =?us-ascii?Q?ejbUoN6rLeaBa7rguq78sRq2UDn9SYrASKBTz1oWvD6N9mxEivFtzao40ioY?= =?us-ascii?Q?DgoYJWKim2U7dmXQvLEQQNDs0OPVDBQP1QSQAcRpQKlAAfwRz4W7p4JcWvaQ?= =?us-ascii?Q?xfG9dEsOXk0w9erpqp+uMUqc5twDPpwxd6Kp+YzD5ib6SqNiPSFFxrriFVCz?= =?us-ascii?Q?TJicz5PddFmATKrPpPUZuJcQh83IhfER/fDGz5l+rZhhlVDhtdGMZMJJpB1U?= =?us-ascii?Q?foQCpjFiDVpiuPXi+pg+Mmxz2xfsl3IvEcXHjrJWHIZJeTnm7HIK8d+tiXnq?= =?us-ascii?Q?LzmVSe+XVpA99lCZo02itp+NhPxu4goBZjF0zya4uuq4PMXCLrRBNKadKgEl?= =?us-ascii?Q?AwbOCPXAdS3QUX+acbTtAHE0RH/EInYiSgUJ5Gm4XRN5Jf7OR51uQ1E3lMmZ?= =?us-ascii?Q?LLXUgPrD66fnEYoFF063ph+264+Cc7s41L4LR3L3O4RewZp6YgoHw=3D=3D?= X-Microsoft-Antispam-Message-Info: QXepcknXJAKwUrROzRoyRXLnfxJoyYK8s4HxaNEImSHzxZp3yW3ZCs8MWIr/jlaMF3qtUX0Hs+zDac6sCe8jnu4x2cf5cnMulAU0Ds5/IsEXu6BwQw6/Ndqe8KkfTazCjN/e4OKTv2dM1BLPdI86SuN5x5W3C6ZiLj4+pDy7i2Y4qrlejyyHET69vNyVGP5o X-Microsoft-Exchange-Diagnostics: 1; AM4PR06MB1491; 6:w0lTXuASatkyi4rHgqsc6iebH4oGgSGBTI0YgLZkEdZ0ckSJD1+gEDhDTX3Xv5V6tYbN+0+81fkTew+tGHQDYEmF/fQJ59Gil33w+k45q0aQ8FTWV1w9+gtapF02y6oQ+KWsOV5m0eRvYvpDdkxyYfKbCn+Yvxt/9fxEbu35MajOFmIy5inIQAgbm1Dw9ymAJOdQ7coAXDeF8YTLWG2PDj/7+vTVj4Um9R94/wn86ceUdGme/LrRjzLetRtR+ko0pUzbBsyWUWeNzj2sPjTBkpD0GYLP9fNKO9BDE4Xl0/5MSha/NhEposTHV+me49lFjVm5K98UWepGmuFgaPan9zs9JmqUBIEqJDESSKNvrl8vVsJGYj5YDIeR72ZsPADJkHJOWFFMlBQwnpsmtC43NfgBnCxBxFYuZxCvGSp+F1Ez1cZGduw33PYFWt/xTjxwRwq3jpySPT8klyYz5GwMMw==; 5:ySKaV/WF2g4J630lar/unN/MIQcApc5cSFo0bnWyr+heLBhegOXxW/cyK1F4d86msb5isocLANFs2UBuGsTAZRbq/sbD2wkwLVU1Ek2ZY8MYJMn+zQfFP/AJwCPgfpPM1x619s4kV2b2h/2Y4VydWmLfdYDBh8p+xAsvkgJQIVc=; 24:bL48I73y78k6j3qQe7BbxxXUqOn4YKd16LCmvxeTJaY7Liv0Dfb+JgCyyNhrxzUp7RZcjhuv8OFhXBa4IBdiz5tcQJoXvzgekGcUq53Op04= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; AM4PR06MB1491; 7:PjZba6szQIIL4TpvlBljBn36L4x/q79LI7iNLOJ1pEaRsXMiAVO/XXJUSj4HdveKUa2AL6ti6BWB3OwDgIdFi9gIeAf+/Lg3t1QQRf5Wfoo5h6d9zB6jHYV0veXbCVjycuJMVfZNerbpCmj1ym+7o7qLz1sh9EJNgvjE0+sDZDpPjntWeHM6DEuw+oP9WloESB1cvpxlBH5mWTBDMOTMzyqdhsFMPDiw/JtIK1XGV44d6gJ0g0DdEimA+MiFINfE X-OriginatorOrg: bristol.ac.uk X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Apr 2018 14:18:25.2609 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 61bc6724-3666-47e7-4c54-08d59bc942b8 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: b2e47f30-cd7d-4a4e-a5da-b18cf1a4151b X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR06MB1491 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 14:18:29 -0000 Please help I got a Dell Precision 3520 laptop with 11.1-RELEASE. I cannot figure out how to setup X: [ 92.583] (EE) open /dev/dri/card0: No such file or directory And indeed there is no /dev/dri directory at all. I seem to have a dual graphics card (or 2 cards): vgapci1@pci0:0:2:0: class=0x030000 card=0x07a91028 chip=0x191b8086 rev=0x06 hdr=0x00 vendor = 'Intel Corporation' device = 'HD Graphics 530' class = display subclass = VGA vgapci0@pci0:1:0:0: class=0x030200 card=0x07a91028 chip=0x13b410de rev=0xa2 hdr=0x00 vendor = 'NVIDIA Corporation' device = 'GM107GLM [Quadro M620 Mobile]' class = display subclass = 3D Which apparently is the source of my problems. In this thread the suggestion is to disable one card in BIOS: https://forums.freebsd.org/threads/dell-precision-m7710-laptop-and-xorg.55899 Unfortunately I don't see any such or similar option in my BIOS. Indeed my BIOS does not mention 2 cards. It only lists the Intel graphics device. I searched all possible BIOS options - power, devices, etc., but can find nothing to disable one card. What else can I try? Do I need to create an X config file in my case? Thanks Anton From owner-freebsd-questions@freebsd.org Fri Apr 6 14:24:30 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F2A75F89E70 for ; Fri, 6 Apr 2018 14:24:29 +0000 (UTC) (envelope-from as@cmplx.uk) Received: from jail0199.vps.exonetric.net (jail0199.vps.exonetric.net [IPv6:2a02:1658:1::199:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "jail0199.vps.exonetric.net", Issuer "jail0199.vps.exonetric.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 777197E46F for ; Fri, 6 Apr 2018 14:24:29 +0000 (UTC) (envelope-from as@cmplx.uk) Received: from jail0199.vps.exonetric.net (jail0199.vps.exonetric.net [178.250.76.108]) by jail0199.vps.exonetric.net (8.15.2/8.15.2) with ESMTPS id w36EOPUI004710 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 6 Apr 2018 14:24:25 GMT (envelope-from as@jail0199.vps.exonetric.net) Received: (from as@localhost) by jail0199.vps.exonetric.net (8.15.2/8.15.2/Submit) id w36EOPeO004709; Fri, 6 Apr 2018 14:24:25 GMT (envelope-from as) Date: Fri, 6 Apr 2018 14:24:25 +0000 From: Anton Shterenlikht To: Anton Shterenlikht Cc: freebsd-questions@freebsd.org Subject: Re: Dell Precision 3520 laptop - help with dual graphics card Message-ID: <20180406142425.GA4593@jail0199.vps.exonetric.net> Mail-Followup-To: Anton Shterenlikht , freebsd-questions@freebsd.org References: <201804061418.w36EIN8g011268@scm-men-p0.men.bris.ac.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <201804061418.w36EIN8g011268@scm-men-p0.men.bris.ac.uk> User-Agent: Mutt/1.9.2 (2017-12-15) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 14:24:30 -0000 On Fri, Apr 06, 2018 at 03:18:23PM +0100, Anton Shterenlikht wrote: > Please help > > I got a Dell Precision 3520 laptop with 11.1-RELEASE. > I cannot figure out how to setup X: > > [ 92.583] (EE) open /dev/dri/card0: No such file or directory > > And indeed there is no /dev/dri directory at all. > > I seem to have a dual graphics card (or 2 cards): > > vgapci1@pci0:0:2:0: class=0x030000 card=0x07a91028 chip=0x191b8086 rev=0x06 hdr=0x00 > vendor = 'Intel Corporation' > device = 'HD Graphics 530' > class = display > subclass = VGA > > vgapci0@pci0:1:0:0: class=0x030200 card=0x07a91028 chip=0x13b410de rev=0xa2 hdr=0x00 > vendor = 'NVIDIA Corporation' > device = 'GM107GLM [Quadro M620 Mobile]' > class = display > subclass = 3D > > Which apparently is the source of my problems. > In this thread the suggestion is to disable > one card in BIOS: > > https://forums.freebsd.org/threads/dell-precision-m7710-laptop-and-xorg.55899 > > Unfortunately I don't see any such or similar > option in my BIOS. Indeed my BIOS does not mention > 2 cards. It only lists the Intel graphics device. > > I searched all possible BIOS options - power, devices, > etc., but can find nothing to disable one card. Just spoke to Dell support on the phone - not possible to disable one of the cards via BIOS in this model. So I guess I need to go the X config file route... Would still be grateful for any advice. Anton From owner-freebsd-questions@freebsd.org Fri Apr 6 14:37:09 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D3586F8AB54 for ; Fri, 6 Apr 2018 14:37:09 +0000 (UTC) (envelope-from mexas@bristol.ac.uk) Received: from mail-relay2.bristol.ac.uk (mail-relay2.bristol.ac.uk [137.222.7.7]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6FA547EBAC for ; Fri, 6 Apr 2018 14:37:09 +0000 (UTC) (envelope-from mexas@bristol.ac.uk) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bristol.ac.uk; s=uob_relays; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:To:Date:Message-Id:From; bh=7ErRvhxOwYVz//oEaawsY3ibjdqOGT0dFv32PWodCww=; b=aEg6eDQPKwLO02R9joLOpBrQwPF8hk41QjCWHP7p1MAElJG4jWTjWAoBkMTCtVly1VUokB2gyj8L1evU6MKQxJKHAGEHbsjxZaeVjDiDidm9L3bR0yFISEFvKk7MclNtircTl+4EWtB5yfUdHi6vXhiLDYC239/KoE/8mDVEAUM=; Received: from scm-men-p0.men.bris.ac.uk ([172.25.2.93] helo=scm-men-p0.bristol.ac.uk) by athena.isys.bris.ac.uk with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1f4Rux-0008Pw-Ov for freebsd-questions@freebsd.org; Fri, 06 Apr 2018 15:00:41 +0100 Received: from scm-men-p0.men.bris.ac.uk (localhost [127.0.0.1]) by scm-men-p0.bristol.ac.uk (Postfix) with ESMTP id 9517D120056 for ; Fri, 6 Apr 2018 15:00:39 +0100 (BST) Received: (from mexas@localhost) by scm-men-p0.men.bris.ac.uk (8.14.7/8.14.7/Submit) id w36E0dir010871 for freebsd-questions@freebsd.org; Fri, 6 Apr 2018 15:00:39 +0100 From: Anton Shterenlikht Message-Id: <201804061400.w36E0dir010871@scm-men-p0.men.bris.ac.uk> Date: Fri, 06 Apr 2018 15:00:39 +0100 To: freebsd-questions@freebsd.org Subject: Dell Precision 3520 laptop - help with dual graphics card User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Score: 0.2 X-Spam-Level: / X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 14:37:10 -0000 Please help I got a Dell Precision 3520 laptop with 11.1-RELEASE. I cannot figure out how to setup X: [ 92.583] (EE) open /dev/dri/card0: No such file or directory And indeed there is no /dev/dri directory at all. I seem to have a dual graphics card (or 2 cards): vgapci1@pci0:0:2:0: class=0x030000 card=0x07a91028 chip=0x191b8086 rev=0x06 hdr=0x00 vendor = 'Intel Corporation' device = 'HD Graphics 530' class = display subclass = VGA vgapci0@pci0:1:0:0: class=0x030200 card=0x07a91028 chip=0x13b410de rev=0xa2 hdr=0x00 vendor = 'NVIDIA Corporation' device = 'GM107GLM [Quadro M620 Mobile]' class = display subclass = 3D Which apparently is the source of my problems. In this thread the suggestion is to disable one card in BIOS: https://forums.freebsd.org/threads/dell-precision-m7710-laptop-and-xorg.55899 Unfortunately I don't see any such or similar option in my BIOS. Indeed my BIOS does not mention 2 cards. It only lists the Intel graphics device. I searched all possible BIOS options - power, devices, etc., but can find nothing to disable one card. What else can I try? Do I need to create an X config file in my case? Thanks Anton From owner-freebsd-questions@freebsd.org Fri Apr 6 18:34:08 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C900F9D184 for ; Fri, 6 Apr 2018 18:34:08 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from webmail.dweimer.net (24-240-198-186.static.stls.mo.charter.com [24.240.198.186]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "dweimer.net", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9EDE76E1E9 for ; Fri, 6 Apr 2018 18:34:07 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from www.dweimer.net (pfSense.dweimer.local [10.9.5.1]) (authenticated bits=0) by webmail.dweimer.net (8.15.2/8.15.2) with ESMTPSA id w36IWt0a099198 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Fri, 6 Apr 2018 13:32:56 -0500 (CDT) (envelope-from dweimer@dweimer.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dweimer.net; s=2017.01.31; t=1523039576; bh=hU7U1+9OfAzja296NSy3S/4EUtVW66K1f7NSnD1dsdI=; h=Date:From:To:Subject:Reply-To; b=CRMIomxH/2QKmSlUjc9MUcBZE4H3+RkMPaq+twH/ad9JfoxDDee2LNR7QBPe6/PJ3 MkH3Cwte7kjRqRN7Q5fpEFKF0erGMFrnh24nFwElSJvmunJMvqQG6BwLfkSu/Jd0cY oEJAhzhoq9cqmmoX3zInRofzOIasORNSmkWdbIitMGtmj5dHMiJECVzo0jtfaCmCEh nXKBIfRBR6xiMsd8RzhH1gvbuI2jAARMzNMc7LdoB+3TzI3PQUFDeoPmtLEbW2cFRf 9sYuQdsFbEV0DphKTj5h3aWSx1wCoc01Dfq0J2fDeSPniJw1p7Mxzk8b+7qNVZsgFG mdJkKO5kHQEvg== MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Fri, 06 Apr 2018 13:32:50 -0500 From: "Dean E. Weimer" To: FreeBSD Questions Subject: Jail unable to access some network devices Organization: dweimer.net Reply-To: dweimer@dweimer.net Mail-Reply-To: dweimer@dweimer.net Message-ID: <7f30fe692d049949bbd74c5d4c136f16@dweimer.net> X-Sender: dweimer@dweimer.net User-Agent: Roundcube Webmail/1.3.5 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 18:34:08 -0000 I am trying to setup some jails on a server utilizing multiple routing fib tables I have a few jails already running some of them in different fibs, one in the same fib as the host. But this last one I added has caused some problems. Its the first one I am trying to build in this fib. Below is sections from the fib routing setup and the jail. ## Set up the DMZ[1] routing table # Interface route(s) setfib 1 route add -net 10.50.0.0/16 -iface lagg0.4 setfib 1 route add -net 10.52.0.0/16 -iface lagg0.4 setfib 1 route add -net 172.17.0.0/25 -iface lagg0.900 # Default route setfib 1 route add default 10.50.110.9 # Default Jail Options allow.mount.devfs; mount.devfs; devfs_ruleset = '4'; allow.sysvipc; allow.dying; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.consolelog = "/jails/${name}/console.log"; proxy2 { exec.fib=1; allow.raw_sockets = 1; ip4.addr = 'lagg0.4|10.50.20.42/16'; ip4.addr += 'lagg0.4|10.52.20.42/16'; ip4.addr += 'lagg0.900|172.17.0.5/25'; } The jail can talk to every host on the 172.17.0.0/25 subnet, and can talk to every hos tin the 10.52.0.0/16 subnet. I can't talk to some things in the 10.50.0.0/16 subnet though. The 3 devices I can't talk to also have 10.52.0.0/16 addresses on the same adapter as the 10.50.0.0/16 I can talk to their 10.52 address but receive an invalid argument error when attempting to connect via 10.50 address. Below the 10.50.20.4 and 10.52.20.4 are the same device, an older FreeBSD server that this jail is intending to replace. root@fbsdhost2:/jails/proxy2 # proxy2 root@proxy2-temp:/ # ping 10.52.20.4 PING 10.52.20.4 (10.52.20.4): 56 data bytes 64 bytes from 10.52.20.4: icmp_seq=0 ttl=64 time=0.749 ms 64 bytes from 10.52.20.4: icmp_seq=1 ttl=64 time=0.311 ms ^C --- 10.52.20.4 ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.311/0.530/0.749/0.219 ms root@proxy2-temp:/ # ping 10.50.20.4 PING 10.50.20.4 (10.50.20.4): 56 data bytes ping: sendto: Invalid argument ping: sendto: Invalid argument ^C --- 10.50.20.4 ping statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss root@proxy2-temp:/ # ping 10.50.110.9 PING 10.50.110.9 (10.50.110.9): 56 data bytes 64 bytes from 10.50.110.9: icmp_seq=0 ttl=255 time=0.599 ms 64 bytes from 10.50.110.9: icmp_seq=1 ttl=255 time=0.253 ms ^C --- 10.50.110.9 ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.253/0.426/0.599/0.173 ms root@fbsdhost2:/jails/proxy2 # setfib 1 netstat -rnf inet Routing tables (fib: 1) Internet: Destination Gateway Flags Netif Expire default 10.50.110.9 UGS lagg0.4 10.50.0.0/16 84:2b:2b:4d:6e:08 US lagg0.4 10.52.0.0/16 84:2b:2b:4d:6e:08 US lagg0.4 127.0.0.1 lo0 UHS lo0 172.17.0.0/25 84:2b:2b:4d:6e:08 US lagg0.90 I know it has to be something on the jail configuration, as it doesn't even attempt to send the traffic to the interface, watched on host adapter. If I ping this jail address from the other system the echo requests do show up, on that adapter. Can anyone see anything in the above configuration that I have missed, or got wrong? -- Thanks, Dean E. Weimer http://www.dweimer.net/ From owner-freebsd-questions@freebsd.org Fri Apr 6 20:32:06 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 412E6F84023 for ; Fri, 6 Apr 2018 20:32:06 +0000 (UTC) (envelope-from mack63richard@gmail.com) Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D26D8750DD for ; Fri, 6 Apr 2018 20:32:05 +0000 (UTC) (envelope-from mack63richard@gmail.com) Received: by mail-io0-x22c.google.com with SMTP id e79so3121192ioi.7 for ; Fri, 06 Apr 2018 13:32:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=uZfI4MAs8xk+HpgWagltI5zaf8QU6eAuBoDL3zlA4uY=; b=ZkI6lAy7HJEILCrHLd65s6tuf3lnG2O2S5TF9LFHr4qW4ozaCtkXsR/7LBLsOTj5pc MBOFADIdRUKO1uvAz6BPuR4Khjb5zMiN/wCKGWNPUJHANtfUVGsxH3T/W2do9hHS1uIc MIq+ZBvRSWIs1Y5vtuRoXN5sZzdRZw//4cu8aPGvYBqjguo+YKddBOM7B6NyLjGRLbPM KCIPb10vGW+3sPyibCnMsfBpEGpy9k9/kBzq6ltfi/54ifZhIV59aQ13tQRaE+B2L9mx h6SMwMCJCLpzBamlJIhiQqljKnPefZkXVTutgHxNO0zWefBY+5LjVr8jKeLL7rlrEuJ2 do4w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=uZfI4MAs8xk+HpgWagltI5zaf8QU6eAuBoDL3zlA4uY=; b=T86r/u3hxXFygQG0zyMg0EQRrAURHJ/AAREVcsaLPn+woTpCV8UNR6j5RJGeCArMxO t1w0cTE28l8RVvaT2buIRemKIBXiGO51FXThJb74X/tg/ynbaDwghikopSc0phQ7w+QC RV1kba+1EfIuF6hSmR0Mxky25oAEhGS7+k1kaPkO6XAhewIQ0JPbYK40NgC+MsP8ytAm QVQqCg0scb8g76FtCgZsnDc5ktGf0Zn9pZb43ezO+6/9Ynj73otTxZrektLHhDuIX+sh FZdD9AiJNJZsg0UFMaSnobU6ATHQxwn7fdAZivWg+uS+Z4E/KaopXoKn6kboxH8gzcWs 3ZfA== X-Gm-Message-State: ALQs6tAc/spCPXFDuidb3KmOobSsO0Xd/rx72QxOT4zy9dLN7I2wxMz6 Sl+ysg0A5fuCFsR7plzUoYnmabiKnwJvNV7x+Sw= X-Google-Smtp-Source: AIpwx48mGFht9u7c+WPkqHma3YKrhQ+EyVW/megG3+tmnJcZnMYgH/e5VFLXbMecEmzjBT4IqNkHiX8M3KrtrRGNTx0= X-Received: by 10.107.20.13 with SMTP id 13mr26345980iou.246.1523046724781; Fri, 06 Apr 2018 13:32:04 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Richard P Mackerras Date: Fri, 06 Apr 2018 20:31:54 +0000 Message-ID: Subject: Re: Freebsd root on zfs install To: Rance Hall Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 20:32:06 -0000 Hi Zfs always writes to new space rather than overwriting a file. So the wear (if that is what you are concerned about will tend to be relatively even. You appear to have 2TB usb sticks. I wouldn=E2=80=99t bother to do more. I = assume your memory sticks are quick. Back up important changing files to your spinning rust. By the time you wear out a usb stick 2TB will be too small to care about.. Of course if your sticks are not quick then that is a different matter. Swap is a biggie. You want to add swap in fast places.. you can add extra swap and remove current swap so add extra swap via your fstab. You could delete the current swap from fstab. HTH Richard P.S. have you got Samba working? On Fri, 6 Apr 2018 at 15:09, Rance Hall wrote: > I have a freebsd 11.1 server setup using root on zfs using a pair of > matching usb keys. > > I have a pair of matching 1TB drives for data, and a pair of 6TB drives f= or > media. > > I'm trying to minimize the number of disk writes to the usb keys so I'm > working on a plan to remount some of the zroot mounts onto the spinning > disks. > > I've already moved /tmp and /usr/home > > I'd like some suggestions of what to do next. > > Here's my current output of "zfs list | grep zroot": > > zroot 1.88G 10.2G 88K > /zroot > zroot/ROOT 1.26G 10.2G 88K non= e > zroot/ROOT/default 1.26G 10.2G 1.26G / > zroot/usr 633M 10.2G 88K /us= r > zroot/usr/ports 88K 10.2G 88K > /usr/ports > zroot/usr/src 633M 10.2G 633M > /usr/src > zroot/var 860K 10.2G 88K /va= r > zroot/var/audit 88K 10.2G 88K > /var/audit > zroot/var/crash 88K 10.2G 88K > /var/crash > zroot/var/log 400K 10.2G 400K > /var/log > zroot/var/mail 88K 10.2G 88K > /var/mail > zroot/var/tmp 108K 10.2G 108K > /var/tmp > > I have my eye on /var/log and /var/tmp and adding a mount for /usr/local/ > > > Thanks for your time guys. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > From owner-freebsd-questions@freebsd.org Sat Apr 7 10:41:01 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 808C6FA050D for ; Sat, 7 Apr 2018 10:41:01 +0000 (UTC) (envelope-from mayuresh@kathe.in) Received: from relay1-d.mail.gandi.net (relay1-d.mail.gandi.net [217.70.183.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0A0E581F86 for ; Sat, 7 Apr 2018 10:41:00 +0000 (UTC) (envelope-from mayuresh@kathe.in) Received: from webmail.gandi.net (unknown [10.200.201.11]) (Authenticated sender: mayuresh@kathe.in) by relay1-d.mail.gandi.net (Postfix) with ESMTPA id 35941240005 for ; Sat, 7 Apr 2018 12:40:53 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Sat, 07 Apr 2018 16:10:53 +0530 From: Mayuresh Kathe To: freebsd-questions@freebsd.org Subject: swi-pl : minimalist edition Reply-To: mayuresh@kathe.in Mail-Reply-To: mayuresh@kathe.in Message-ID: <4651cc3af73323df69b574a07eb7dbe2@kathe.in> X-Sender: mayuresh@kathe.in User-Agent: Roundcube Webmail/1.1.2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2018 10:41:01 -0000 i tried sending mail to johans@freebsd.org, failed. i am have been evaluating options to target my expert help system. have tinkered with netbsd and openbsd, but didn't feel comfortable. i liked prolog and was pleasantly surprised to see a port of swi-pl under freebsd. there's one hitch though, the swi-pl port has too many dependencies. would there be some way to _also_ have a minimalist edition of swi-pl? thanks, ~mayuresh From owner-freebsd-questions@freebsd.org Sat Apr 7 12:27:38 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 361D1F85046 for ; Sat, 7 Apr 2018 12:27:38 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8E8C67D188 for ; Sat, 7 Apr 2018 12:27:37 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([92.195.30.67]) by mrelayeu.kundenserver.de (mreue003 [212.227.15.167]) with ESMTPA (Nemesis) id 0M7Ws7-1eKEj80ksB-00xNSe; Sat, 07 Apr 2018 14:27:29 +0200 Date: Sat, 7 Apr 2018 14:27:28 +0200 From: Polytropon To: mayuresh@kathe.in Cc: freebsd-questions@freebsd.org Subject: Re: swi-pl : minimalist edition Message-Id: <20180407142728.235d7af2.freebsd@edvax.de> In-Reply-To: <4651cc3af73323df69b574a07eb7dbe2@kathe.in> References: <4651cc3af73323df69b574a07eb7dbe2@kathe.in> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:xsiLN95aSQuJpoeXJIPCNAtbg/4ykalm7PpeQv5TcSEKvCodWP3 WLwp6KnlYBCO4Spas1n190ZU4H8UdlDhGs9Zs7O0gsztWDY7uzvCQiBo6YA2Fl2r/mEVfkH CiXID+glCxSRoOF7+ROHSfmTzYf8iM4us8Ru8Z3oJrFwcAWyZS7l9uSx+eDclBUOUnrqnpB WYhZRHHWhllaseimJVA1w== X-UI-Out-Filterresults: notjunk:1;V01:K0:zCLFKynRjKw=:Qbr72z2TEVDh1YRmOIFXjO qpMJtejsRTg43w0sXaTUpKn+F8bGWjhsqScd1y30O0mkZWeQqqvEqaUnWWlC0gYe1RWWduI5P h+KTuvv9X/9Nwy/SgRBqD5lSNJaEo6+4TNL2MgPRZPQ0sbGHfpGHh8my2eG85lEVl4gPTWMUA ufEgWP8aJWyRjm29V5wz/0iF/QY/0MLoUj/rYv5kjeh/ZLbarpawMLEXYFz2sWJZVyao+kvHa HeI/gFi/QxMyXxTbHEMZ0BWtNVBGeMA5fchuX99FvHNc5TzLjFNLyx7mk/pqMo1PMtyNJOAfz yFTCW8+iK0OwnIzHqXbxTMsk8FewaV33kys/8HJhUXLC2/Sk7/OXMh7QcgQ1XxnE9DpmCzSnb t3Ne/ae4vIOybXYNUChuEuoT/LGEaMI7OCGsi/1gyxUnVJp7QjlGIJlX+RyVnOu0ICyv1Enp+ KyB1QIEAI/vzH7gPuq7mBtDnY6EtcyvNHgxYv+6mSC3ugoLbrljp65Ya6PML68z4EvM4uCYrf PstVenMoJtu1qvJSbb+jeoJm4M/dSlNyH0hReJYW+se+Oxt/g7K21RJbX+qnVvn+AxVySw0cv ONmpgMdKlqAeQio64dbU5GY/lGjowWUIHch556vVV4mV6EEJvkxOexnH2x4jUfTnhQHPY7k3j 2ChxBBJAY0qWzw47YvRY44bCO0u7n7FokNenTvl1wbBsQ9Ec+8e+U38IVoYqu7eerthgDkPsT ZPMRqlA/TyAkCgCUp1dAHBSZkeuLab6k5cqhBhIoGUwLbWx5aasFX0aUMm0= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2018 12:27:38 -0000 On Sat, 07 Apr 2018 16:10:53 +0530, Mayuresh Kathe wrote: > i tried sending mail to johans@freebsd.org, failed. Maybe try to address the ports team directly? > i am have been evaluating options to target my expert help system. > have tinkered with netbsd and openbsd, but didn't feel comfortable. That is intended. ;-) > i liked prolog and was pleasantly surprised to see a port of swi-pl > under freebsd. > there's one hitch though, the swi-pl port has too many dependencies. > would there be some way to _also_ have a minimalist edition of swi-pl? That's hard to say... The port's description says there are no options to configure, so I'd guess you cannot get rid of the X dependencies (if you don't use X). I've been using swi-pl in the past, and most of the dependencies will be present on an average desktop installation anyway. If you are using "pkg install" to install swi-pl, it will deal with the dependencies automatically. You will receive the runtime and the library dependencies only (no build dependencies required for binary installation). According to the list at https://www.freshports.org/lang/swi-pl/ it's not _that_ much additional stuff. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Sat Apr 7 16:37:30 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 70091F95A83 for ; Sat, 7 Apr 2018 16:37:30 +0000 (UTC) (envelope-from mayuresh@kathe.in) Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [IPv6:2001:4b98:c:538::199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1FF16826B for ; Sat, 7 Apr 2018 16:37:29 +0000 (UTC) (envelope-from mayuresh@kathe.in) Received: from webmail.gandi.net (unknown [10.200.201.12]) (Authenticated sender: mayuresh@kathe.in) by relay9-d.mail.gandi.net (Postfix) with ESMTPA id B399CFF80B for ; Sat, 7 Apr 2018 18:37:22 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Sat, 07 Apr 2018 22:07:21 +0530 From: Mayuresh Kathe To: freebsd-questions@freebsd.org Subject: word cloud! Reply-To: mayuresh@kathe.in Mail-Reply-To: mayuresh@kathe.in Message-ID: <5e93eb57b2d7a1111c60e58d8f3b8b24@kathe.in> X-Sender: mayuresh@kathe.in User-Agent: Roundcube Webmail/1.1.2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2018 16:37:30 -0000 koobs had shared a "freebsd word cloud" a while back. i have been unable to find the image through google. does anyone know where i could get it from? From owner-freebsd-questions@freebsd.org Sat Apr 7 19:07:44 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5332DF9F746 for ; Sat, 7 Apr 2018 19:07:44 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "dreamchaser.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B4BD67376F for ; Sat, 7 Apr 2018 19:07:43 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id w37J7Z5W075116 for ; Sat, 7 Apr 2018 13:07:35 -0600 (MDT) (envelope-from freebsd@dreamchaser.org) To: FreeBSD Mailing List Reply-To: freebsd@dreamchaser.org From: Gary Aitken Subject: how to build and use a debug version of a ports lib? Message-ID: <677559c8-1f23-aac2-464f-621a41446d15@dreamchaser.org> Date: Sat, 7 Apr 2018 13:06:55 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (nightmare.dreamchaser.org [192.168.151.101]); Sat, 07 Apr 2018 13:07:35 -0600 (MDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Apr 2018 19:07:44 -0000 Trying to get a debug version of graphics/lensfun built and linked with something. I tried setting CFLAGS= -O0 -ggdb -pipe CMAKE_ARGS= -DBUILD_AUXFUN:BOOL=ON -O0 -ggdb -pipe in graphics/lensfun/Makefile, then got the following for make configure: CMake Warning: Manually-specified variables were not used by the project: CMAKE_CXX_FLAGS_DEBUG CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE CMAKE_EXE_LINKER_FLAGS CMAKE_MODULE_LINKER_FLAGS CMAKE_VERBOSE_MAKEFILE Python_ADDITIONAL_VERSIONS THREADS_HAVE_PTHREAD_ARG 1. Can someone explain what the above means? Where were these manually specified, since I don't think I did it; they aren't in the main Makefile. Or does that message really mean: Manually-specifiable variables which were not ... 2. What's the right way to get libraries built suitable for debugging? Assuming I get the library built suitable for debugging, how do I get it linked? I tried manually doing the following, but ldd still shows the lensfun lib coming from the one in /usr/local/lib, not the one I pointed at: $ c++ -O0 -pipe -fstack-protector -fno-strict-aliasing -fstack-protector -o ufraw ufraw-ufraw.o libufraw.a /usr/ports/graphics/lensfun/work/lensfun-0.3.2/libs/lensfun/liblensfun.so.0.3.2 -L/usr/local/lib -lpthread -lexiv2 -lgthread-2.0 -pthread -lglib-2.0 -lintl -llcms2 -ltiff -lpng16 -lz -L/usr/local/lib -lgtkimageview -lgtk-x11-2.0 -lgdk-x11-2.0 -lpangocairo-1.0 -latk-1.0 -lcairo -lpthread -lgdk_pixbuf-2.0 -lgio-2.0 -lpangoft2-1.0 -lpango-1.0 -lgobject-2.0 -lglib-2.0 -lintl -lfontconfig -lfreetype -ljasper -ljpeg -lbz2 -lz -lm -lintl $ ldd ./ufraw ./ufraw: liblensfun.so.1 => /usr/local/lib/liblensfun.so.1 (0x80098e000) ... $ file /usr/ports/graphics/lensfun/work/lensfun-0.3.2/libs/lensfun/liblensfun.so.0.3.2 /usr/ports/graphics/lensfun/work/lensfun-0.3.2/libs/lensfun/liblensfun.so.0.3.2: ELF 64-bit LSB shared object, x86-64, version 1 (FreeBSD), dynamically linked, not stripped If instead of specifying the liblensfun.so specifically, I use a -L/usr/ports/graphics/lensfun/work/lensfun-0.3.2/libs/lensfun the link fails with things like: libufraw.a(ufraw_lens_ui.o): In function `camera_menu_fill': .../ufraw_lens_ui.c:77: undefined reference to `lf_mlstr_get' Thanks, Gary