SSLRandomFIle Error (Apache-mod_ssl)

Hi:

I think I have Apache + mod_ssl on my IBM AIX box.

My httpd.conf file contains:
-----------------------------------------------------------

ServerAdmin manojkithany108@hotmail.com
DocumentRoot /kit
ServerName www.my.server.name
ErrorLog logs/log1
SSLRandomFile file /dev/egd-pool 1024
SSLCertificateFile /usr/local/ssl/certs/cert.cer
SSLCertificateKeyFile /usr/local/ssl/bin/private.key

-----------------------------------------------------------
When I RUN my Apache, I get following Error:
-----------------------------------------------------------
# ./apachectl startssl
Syntax error on line 980 of /kit/conf/httpd.conf:
Invalid command 'SSLRandomFile', perhaps mis-spelled or defined by a module
not included in the server configuration
../apachectl startssl: httpd could not be started
-----------------------------------------------------------

Do you know what is the problem? I read the documentation regarding the
above since my IBM AIX Box does NOT have /dev/random

THANKS!


____________________________________________________________ _____
Help STOP SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: SSLRandomFIle Error (Apache-mod_ssl)

On Fri, Nov 15, 2002 at 09:11:48PM +0000, Manoj Kithany wrote:
> Hi:
>
> I think I have Apache + mod_ssl on my IBM AIX box.
>
> My httpd.conf file contains:
> -----------------------------------------------------------
>
> ServerAdmin manojkithany108@hotmail.com
> DocumentRoot /kit
> ServerName www.my.server.name
> ErrorLog logs/log1
> SSLRandomFile file /dev/egd-pool 1024
> SSLCertificateFile /usr/local/ssl/certs/cert.cer
> SSLCertificateKeyFile /usr/local/ssl/bin/private.key
>
> -----------------------------------------------------------
> When I RUN my Apache, I get following Error:
> -----------------------------------------------------------
> # ./apachectl startssl
> Syntax error on line 980 of /kit/conf/httpd.conf:
> Invalid command 'SSLRandomFile', perhaps mis-spelled or defined by a module
> not included in the server configuration
> ./apachectl startssl: httpd could not be started
> -----------------------------------------------------------
>
> Do you know what is the problem? I read the documentation regarding the
> above since my IBM AIX Box does NOT have /dev/random

But you didn't read carefully enough. If you are using an EGD style device,
you must explicitely tell:
SSLRandomSeed startup egd:/var/run/egd-pool
SSLRandomSeed connect egd:/var/run/egd-pool

(Your path of course is different...)

Best,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke@aet.TU-Cottbus.DE
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: SSLRandomFIle Error (Apache-mod_ssl)

Thanks Lutz:

Where to put SSLRandomSeed....? Becos I put it in Virtual Host as shown:

ServerAdmin manojkithany108@hotmail.com
DocumentRoot /kit
ServerName www.my.server.name
ErrorLog logs/log1
#SSLRandomFile file /dev/egd-pool 1024
SSLRandomSeed startup egd:/var/run/egd-pool
SSLRandomSeed connect egd:/var/run/egd-pool
SSLCertificateFile /usr/local/ssl/certs/cert.cer
SSLCertificateKeyFile /usr/local/ssl/bin/private.key


and it throws following Error:
# ./apachectl startssl
Syntax error on line 983 of /kit/conf/httpd.conf:
SSLRandomSeed cannot occur within section
../apachectl startssl: httpd could not be started
#





>From: Lutz Jaenicke
>Reply-To: modssl-users@modssl.org
>To: modssl-users@modssl.org
>Subject: Re: SSLRandomFIle Error (Apache-mod_ssl)
>Date: Fri, 15 Nov 2002 22:17:31 +0100
>
>On Fri, Nov 15, 2002 at 09:11:48PM +0000, Manoj Kithany wrote:
> > Hi:
> >
> > I think I have Apache + mod_ssl on my IBM AIX box.
> >
> > My httpd.conf file contains:
> > -----------------------------------------------------------
> >
> > ServerAdmin manojkithany108@hotmail.com
> > DocumentRoot /kit
> > ServerName www.my.server.name
> > ErrorLog logs/log1
> > SSLRandomFile file /dev/egd-pool 1024
> > SSLCertificateFile /usr/local/ssl/certs/cert.cer
> > SSLCertificateKeyFile /usr/local/ssl/bin/private.key
> >
> > -----------------------------------------------------------
> > When I RUN my Apache, I get following Error:
> > -----------------------------------------------------------
> > # ./apachectl startssl
> > Syntax error on line 980 of /kit/conf/httpd.conf:
> > Invalid command 'SSLRandomFile', perhaps mis-spelled or defined by a
>module
> > not included in the server configuration
> > ./apachectl startssl: httpd could not be started
> > -----------------------------------------------------------
> >
> > Do you know what is the problem? I read the documentation regarding the
> > above since my IBM AIX Box does NOT have /dev/random
>
>But you didn't read carefully enough. If you are using an EGD style device,
>you must explicitely tell:
>SSLRandomSeed startup egd:/var/run/egd-pool
>SSLRandomSeed connect egd:/var/run/egd-pool



____________________________________________________________ _____
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: SSLRandomFIle Error (Apache-mod_ssl)

On Fri, 15 Nov 2002, Manoj Kithany wrote:

> Thanks Lutz:
>
> Where to put SSLRandomSeed....? Becos I put it in Virtual Host as shown:
>
> ServerAdmin manojkithany108@hotmail.com
> DocumentRoot /kit
> ServerName www.my.server.name
> ErrorLog logs/log1
> #SSLRandomFile file /dev/egd-pool 1024
> SSLRandomSeed startup egd:/var/run/egd-pool
> SSLRandomSeed connect egd:/var/run/egd-pool
> SSLCertificateFile /usr/local/ssl/certs/cert.cer
> SSLCertificateKeyFile /usr/local/ssl/bin/private.key
>
>
> and it throws following Error:
> # ./apachectl startssl
> Syntax error on line 983 of /kit/conf/httpd.conf:
> SSLRandomSeed cannot occur within section
> ./apachectl startssl: httpd could not be started
> #

The clue here is clearly stated: SSLRandomSeed cannot occur within
section, move the SSLRandomSeed directives higher up in the
conf file, before the VirtualHost sections. Perhaps more directly under
the or prior to that.

Thanks,

Ron DuFresne

>
>
>
>
>
> >From: Lutz Jaenicke
> >Reply-To: modssl-users@modssl.org
> >To: modssl-users@modssl.org
> >Subject: Re: SSLRandomFIle Error (Apache-mod_ssl)
> >Date: Fri, 15 Nov 2002 22:17:31 +0100
> >
> >On Fri, Nov 15, 2002 at 09:11:48PM +0000, Manoj Kithany wrote:
> > > Hi:
> > >
> > > I think I have Apache + mod_ssl on my IBM AIX box.
> > >
> > > My httpd.conf file contains:
> > > -----------------------------------------------------------
> > >
> > > ServerAdmin manojkithany108@hotmail.com
> > > DocumentRoot /kit
> > > ServerName www.my.server.name
> > > ErrorLog logs/log1
> > > SSLRandomFile file /dev/egd-pool 1024
> > > SSLCertificateFile /usr/local/ssl/certs/cert.cer
> > > SSLCertificateKeyFile /usr/local/ssl/bin/private.key
> > >
> > > -----------------------------------------------------------
> > > When I RUN my Apache, I get following Error:
> > > -----------------------------------------------------------
> > > # ./apachectl startssl
> > > Syntax error on line 980 of /kit/conf/httpd.conf:
> > > Invalid command 'SSLRandomFile', perhaps mis-spelled or defined by a
> >module
> > > not included in the server configuration
> > > ./apachectl startssl: httpd could not be started
> > > -----------------------------------------------------------
> > >
> > > Do you know what is the problem? I read the documentation regarding the
> > > above since my IBM AIX Box does NOT have /dev/random
> >
> >But you didn't read carefully enough. If you are using an EGD style device,
> >you must explicitely tell:
> >SSLRandomSeed startup egd:/var/run/egd-pool
> >SSLRandomSeed connect egd:/var/run/egd-pool
>
>
>
> ____________________________________________________________ _____
> Tired of spam? Get advanced junk mail protection with MSN 8.
> http://join.msn.com/?page=features/junkmail
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org