Try: Group nobody
Of course, you need to have the nobody group on your system (many already do). Another popular choice for User/Group is apache (again, it must be present, don't mess with this until you understand the implications of creating a special user for Apache). again, thanks very much for the response. I believe it is unix/solaris system. The unix admin compiled apache. Is there a way to check users and groups? Are these groups and users unix accounts, or accounts under apache? Before trying to implement ssl (when there was no ssl.conf and a smaller version of httpd.conf was used, the apache server worked correctly (using apachectl start not startssl - is apachectl startssl the correct way to start the server?). Since then, an upgrade was performed from apache 1.3 to apache2 - some libraries were missing, and they were patched, but there may still be missing libraries. The Group was changed to nobody, and the error_log still produced: 207401 [Wed Aug 10 11:11:10 2005] [notice] Digest: generating secret for digest authentication ... 207402 [Wed Aug 10 11:11:10 2005] [notice] Digest: done 207403 [Wed Aug 10 11:11:13 2005] [warn] pid file /var/run/httpd.pid overwritten -- Unclean shutdown of previous Apache run? 207404 [Wed Aug 10 11:11:13 2005] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 207405 [Wed Aug 10 11:11:13 2005] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 207406 [Wed Aug 10 11:11:13 2005] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 207407 [Wed Aug 10 11:11:13 2005] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 207408 [Wed Aug 10 11:11:13 2005] [notice] Apache/2.0.54 (Unix) mod_ssl/2.0.54 OpenSSL/0.9.7d DAV/2 configured -- resuming normal operations 207409 [Wed Aug 10 11:11:13 2005] [alert] Child 22341 returned a Fatal error... Apache is exiting! 207410 [Wed Aug 10 11:11:13 2005] [alert] (22)Invalid argument: setgid: unable to set group id to Group 4294967295 tia, dk -----Original Message----- From: Jorey Bump <[EMAIL PROTECTED]> Sent: Aug 10, 2005 11:07 AM To: openssl-users@openssl.org Subject: Re: Can SSL work with IP Address instead of FQDN? [EMAIL PROTECTED] wrote: >>also looking into (22)Invalid argument: setgid: unable to set group id to > > Group 4294967295 > > This is your real problem. Check your Group setting in your apache > configuration. You probably just need to get your permissions and > ownerships correct. > > Thanks very much for your response. Any idea what the Group setting needs to > be in httpd.conf? In theory, only you know this. :) What's your platform? The de facto standard varies, and it's anyone's guess if you compiled apache yourself. > this is how it looks now > > User nobody > Group #-1 Try: Group nobody Of course, you need to have the nobody group on your system (many already do). Another popular choice for User/Group is apache (again, it must be present, don't mess with this until you understand the implications of creating a special user for Apache). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
