Date: Wed, 17 Oct 2007 13:38:45 +0100 From: Daniel Bye <freebsd-questions@slightlystrange.org> To: freebsd-questions@freebsd.org Subject: Re: apache mod_ssl chroot problem Message-ID: <20071017123845.GA1393@brick.slightlystrange.org> In-Reply-To: <1192628761.14024.44.camel@beastie.mra.co.id> References: <1192628761.14024.44.camel@beastie.mra.co.id>
next in thread | previous in thread | raw e-mail | index | archive | help
--d6Gm4EdcadzBjdND
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Oct 17, 2007 at 08:46:01PM +0700, Muhammad Reza wrote:
> Dear List.
>=20
> I have problem running apache in chroot mode with ssl enable.
> Apache in chroot mode running fine without ssl enable, but when i try to
> start with mod_ssl enable, error occured with this message.
>=20
> beastie#chroot /chroot/httpd /usr/local/apache2/bin/httpd
> Apache/2.2.6 mod_ssl/2.2.6 (Pass Phrase Dialog)
> Some of your private key files are encrypted for security reasons.
> In order to read them you have to provide the pass phrases.
>=20
> Server beastie.mra.co.id:443 (RSA)
> Enter pass phrase:Apache:mod_ssl:Error: Private key not found.
> **Stopped
>=20
> and with error log
>=20
> [Wed Oct 17 13:37:25 2007] [error] Init: Private key not found
> [Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218710120
> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
> [Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
> [Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218734605
> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
> [Wed Oct 17 13:38:32 2007] [error] Init: Private key not found
> [Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218710120
> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
> [Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218595386b
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
> [Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218734605
> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>=20
> If i escape from chrooted enviroment, apache with mod_ssl work fine=20
>=20
> beastie# /usr/local/apache2/bin/httpd
> Apache/2.2.6 mod_ssl/2.2.6 (Pass Phrase Dialog)
> Some of your private key files are encrypted for security reasons.
> In order to read them you have to provide the pass phrases.
>=20
> Server www.example.com:443 (RSA)
> Enter pass phrase:
>=20
> OK: Pass Phrase Dialog successful.
>=20
> Is there something missing here, please enlight me.
The first thing that comes to mind - are your keys inside the chroot area
you want to run apache in?
--=20
Daniel Bye
_
ASCII ribbon campaign ( )
- against HTML, vCards and X
- proprietary attachments in e-mail / \
--d6Gm4EdcadzBjdND
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
iD8DBQFHFgJVixf5fBYiFmoRAuztAJ9Ny3erNwBsf19x+ATCv5EPtw0WBACgnTfh
yjtr1h2NVX8OTq08O1F4kyg=
=jDL6
-----END PGP SIGNATURE-----
--d6Gm4EdcadzBjdND--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071017123845.GA1393>