apache segfaults on startup after specifying the certificate file and key

Hi all,
I am running freebsd 6.1 and apache 2.2.0_7
I am new to SSL and have configured a self-signed certificate
according to http://slacksite.com/apache/certificate.html
I placed the .crt and .pem files in /usr/local/etc/apache22 and set
the .pem file readable only by root
When I start up apache it gives a segmentation fault and stops.
When set the logging option in httpd.conf to debug.
The log file shows the following before the seg fault:

[Sat Dec 30 00:48:27 2006] [info] Init: Seeding PRNG with 136 bytes
of entropy
[Sat Dec 30 00:48:27 2006] [info] Loading certificate & private key
of SSL-aware server
[Sat Dec 30 00:48:27 2006] [debug] ssl_engine_pphrase.c(469):
unencrypted RSA private key - pass phrase not required
[Sat Dec 30 00:48:27 2006] [info] Init: Generating temporary RSA
private keys (512/1024 bits)
[Sat Dec 30 00:48:27 2006] [info] Init: Generating temporary DH
parameters (512/1024 bits)
[Sat Dec 30 00:48:27 2006] [info] Init: Initializing (virtual)
servers for SSL
[Sat Dec 30 00:48:27 2006] [info] Configuring server for SSL protocol
[Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(405): Creating
new SSL context (protocols: SSLv2, SSLv3, TLSv1)
[Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(601):
Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:
+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(729):
Configuring RSA server certificate
[Sat Dec 30 00:48:27 2006] [warn] RSA server certificate CommonName
(CN) `mail.reoins.com' does NOT match server name!?
[Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(768):
Configuring RSA server private key
[Sat Dec 30 00:48:27 2006] [info] Server: Apache/2.2.0, Interface:
mod_ssl/2.2.0, Library: OpenSSL/0.9.8a
[Sat Dec 30 00:48:27 2006] [info] mod_unique_id: using ip addr
209.163.210.42

Thanks for any help or suggestions.
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: apache segfaults on startup after specifying the certificate file and key

------=_Part_114374_26768653.1167544343198
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

You will have better luck on the apache mailing lists (
http://httpd.apache.org) as mod_ssl on this website, as told on modssl.org,
is only for apache 1.x. As of 2.x modssl is incorporated into the apache
distribution and is also maintained by the apache http server project.

On 12/29/06, Mark Robinson wrote:
>
> Hi all,
> I am running freebsd 6.1 and apache 2.2.0_7
> I am new to SSL and have configured a self-signed certificate
> according to http://slacksite.com/apache/certificate.html
> I placed the .crt and .pem files in /usr/local/etc/apache22 and set
> the .pem file readable only by root
> When I start up apache it gives a segmentation fault and stops.
> When set the logging option in httpd.conf to debug.
> The log file shows the following before the seg fault:
>
> [Sat Dec 30 00:48:27 2006] [info] Init: Seeding PRNG with 136 bytes
> of entropy
> [Sat Dec 30 00:48:27 2006] [info] Loading certificate & private key
> of SSL-aware server
> [Sat Dec 30 00:48:27 2006] [debug] ssl_engine_pphrase.c(469):
> unencrypted RSA private key - pass phrase not required
> [Sat Dec 30 00:48:27 2006] [info] Init: Generating temporary RSA
> private keys (512/1024 bits)
> [Sat Dec 30 00:48:27 2006] [info] Init: Generating temporary DH
> parameters (512/1024 bits)
> [Sat Dec 30 00:48:27 2006] [info] Init: Initializing (virtual)
> servers for SSL
> [Sat Dec 30 00:48:27 2006] [info] Configuring server for SSL protocol
> [Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(405): Creating
> new SSL context (protocols: SSLv2, SSLv3, TLSv1)
> [Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(601):
> Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:
> +MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
> [Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(729):
> Configuring RSA server certificate
> [Sat Dec 30 00:48:27 2006] [warn] RSA server certificate CommonName
> (CN) `mail.reoins.com' does NOT match server name!?
> [Sat Dec 30 00:48:27 2006] [debug] ssl_engine_init.c(768):
> Configuring RSA server private key
> [Sat Dec 30 00:48:27 2006] [info] Server: Apache/2.2.0, Interface:
> mod_ssl/2.2.0, Library: OpenSSL/0.9.8a
> [Sat Dec 30 00:48:27 2006] [info] mod_unique_id: using ip addr
> 209.163.210.42
>
> Thanks for any help or suggestions.
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

------=_Part_114374_26768653.1167544343198
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

You will have better luck on the apache mailing lists (, is only for apache 1.x
.. As of 2.x modssl is incorporated into the apache distribution and is also maintained by the apache http server project.