sslug-teknik team mailing list archive

Thread
Date

Re: mod_ssl problem

To: sslug-teknik@xxxxxxxx
From: Jon Bendtsen <bendtsen@xxxxxxx>
Date: Sat, 14 Feb 2009 23:38:27 +0100
Delivered-to: mailing list sslug-teknik@xxxxxxxx
In-reply-to: <cf994cc70902141429x76be66e9p6a5060d619a9bd1b@mail.gmail.com>
Mailing-list: contact sslug-teknik-help@xxxxxxxx; run by ezmlm

On 14/02/2009, at 23.29, Martin Møller Skarbiniks Pedersen wrote:

Hej,
 Jeg har problemer med at lave certifikater til min test webserver og
får flg. fejl:

 # apache2ctl restart
 Syntax error on line 1 of /etc/apache2/conf.d/ssl.d/server.crt:
 Invalid command '-----BEGIN', perhaps misspelled or defined by a
module not included in the server configuration


 Jeg følger vejledningen i O'Reiley bogen: "Apache cookbook" 2nd
Edition 2008, side 156, hvor der står:

% openssl genrsa -out server.key 1024
% openssl req -new -key server.key -out server.csr
% cp server.key server.key.org
% openssl rsa -in server.key.org -out server.key

% openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt


og tilføjet til apache2 konfigurationen

LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
SSLCertificateFile "/etc/apache2/conf.d/ssl.d/server.crt"
SSLCertificateKeyFile "/etc/apache2/conf.d/ssl.d/server.key"


hvad med

    SSLEngine on
    SSLProtocol all
    SSLCipherSuite HIGH:MEDIUM
    SSLVerifyDepth 1

?

References

mod_ssl problem
From: Martin Møller Skarbiniks Pedersen, 2009-02-14