Apache + mod_ssl (OpenSSL Error)

Apache + mod_ssl (OpenSSL Error)

am 14.11.2002 23:52:00 von Manoj Kithany

Hi Experts!

I want to INSTALL and CONFIGURE my APACHE 1.3.27 for SSL. I am using IBM AIX
box.
So, I got mod_ssl from the IBM site and installed it in following way(after
READing INSTALL file for 2 hrs;-(

------------------------------------------------------------ ------------
#pwd
/opt/freeware/src/packages/SOURCES/mod_ssl-2.8.11-1.3.27

# ./configure --with-apache=../apache_1.3.27
--with-ssl=/Downloads/openssl-0.9.6g --with-crt=/usr/local/ssl/bin/cert.cer
--with-key=/usr/local/ssl/bin/private.key --prefix=/kit --enable-shared=ssl

#cd ..
#cd apache_1.3.27
#make
#make certificate
#make install
------------------------------------------------------------ ------------
This DOCUMENTATION was given in README file in the above directory.

Later, I start my APACHE for SSL as shown below and get ERROR:
------------------------------------------------------------ ------------
#./apachectl startssl
../apachectl startssl: httpd could not be started
------------------------------------------------------------ ------------

So, I finally READ the LOG file "error_log" and checked it shows:
------------------------------------------------------------ ------------
[error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
(OpenSSL library error follows)
[error] OpenSSL: error:24064064:random number
generator:SSLEAY_RAND_BYTES:PRNG not seeded
[error] OpenSSL: error:04069003:rsa routines:RSA_generate_key:BN lib
------------------------------------------------------------ ------------

Do you know what this error would be? I have already installed EGD entrophy
and is it stored in /dev/egd-pool
Any links/pointers on this is appreciated.

Thanks!

____________________________________________________________ _____
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: Apache + mod_ssl (OpenSSL Error)

am 15.11.2002 09:25:01 von Lutz Jaenicke

On Thu, Nov 14, 2002 at 10:52:00PM +0000, Manoj Kithany wrote:
>
> Hi Experts!
>
> I want to INSTALL and CONFIGURE my APACHE 1.3.27 for SSL. I am using IBM
> AIX box.
> So, I got mod_ssl from the IBM site and installed it in following way(after
> READing INSTALL file for 2 hrs;-(
>
> ------------------------------------------------------------ ------------
> #pwd
> /opt/freeware/src/packages/SOURCES/mod_ssl-2.8.11-1.3.27

> So, I finally READ the LOG file "error_log" and checked it shows:
> ------------------------------------------------------------ ------------
> [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA private key
> (OpenSSL library error follows)
> [error] OpenSSL: error:24064064:random number
> generator:SSLEAY_RAND_BYTES:PRNG not seeded
> [error] OpenSSL: error:04069003:rsa routines:RSA_generate_key:BN lib
> ------------------------------------------------------------ ------------
>
> Do you know what this error would be? I have already installed EGD entrophy
> and is it stored in /dev/egd-pool
> Any links/pointers on this is appreciated.

/dev/egd-pool is only queried automatically starting with OpenSSL 0.9.7.
For 0.9.6x you have to enter the appropriate path using the SSLRandomSeed
directive in httpd.conf. Details are found in the manual.

Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke@aet.TU-Cottbus.DE
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org