Re: [users@httpd] Apache HTTPD 2.2.6 + mod_ssl 2.2.6 -- odd error...

Wed, 01 Dec 2010 07:31:08 -0800 

J.Lance Wilkinson wrote:

Sander Temme wrote:

On Nov 30, 2010, at 8:37 PM, J.Lance Wilkinson wrote:
But my httpd log files present an unexpected error each and every time a browser visits an SSL encrypted page (2 examples cited): 

So there is no discernible negative impact on the client?


    Correct.   At the moment, the only negative impact is the considerably
    larger error log files being generated.

    Furthermore, watching the error log with tail -f, I can say that the
    errors are NOT being thrown EVERY time a browser visits an SSL
    encrypted page.



User interface error unable to load Private Key 22439:error:0906A068:PEM
routines:PEM_do_header:bad password read:/on10/build-nd/G10U10B0B/usr/src/common/openssl/crypto/pem/pem_lib.c:401: 

        In hindsight, the fact these messages were not prefixed by typical
        Apache error log tokens like like [timestamp] [severity] [client]
        should have been the tipoff here.

        These errors are being thrown not by Apache, mod_ssl or mod_cosign.
        That explains why they don't appear at server startup, and normal
        client activity doesn't seem to be affected.

        The errors are being thrown by explicit executions of the OPENSSL
        utility from within PHP scripts on the application that was used to
        test out the new certificates -- an application used to, ironically,
        MANAGE SSL CERTIFICATES.  The output from backtick'd calls to the
        OPENSSL utility was being output to syserr which of course PHP (using
        mod_php5) was shunting to the Apache error log for lack of a better
        place to put it.

        Should be safe to proceed with the other applications of these new
        certificates that are so critical today.

        Thanks for everybody's patience and indulgence -- clearly this should
        never have been posted here, but I was desperate.

--
J.Lance Wilkinson ("Lance")           InterNet: lance.wilkin...@psu.edu
Systems Design Specialist - Lead        Phone: (814) 865-4870
Digital Library Technologies            FAX:   (814) 863-3560
E3 Paterno Library
Penn State University
University Park, PA 16802

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to