new to Apache-SSL world needs help
am 29.01.2003 14:43:06 von Zampognaro SergioThis message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
--Boundary_(ID_Djye1HMUmNmPze37iMbfug)
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
Hi all,
I need to migrate a web site from http to secure https. Mine is a Digital
UNIX V4.0F (Rev. 1229) server.
I downloaded following packages:
- openssl-0.9.7
- httpd-2.0.44
1) openssl installation - steps performed:
../config --prefix=/home/aspprod/aspapp/mySSL/openSSL
make
I got this warnings on stderr:
ar: Warning: creating ../libcrypto.a
ar: Warning: creating ../libssl.a
make test
On stderr I got this messages contained in attached fiel:
errore3.txt
make install
I got this messages on stderr:
./pod2mantest: pod2man: not found
pod2man does not work properly ('BasicTest' failed). Looking for
another pod2man ...
No working pod2man found. Consider installing a new version.
As a workaround, we'll use a bundled old copy of pod2man.pl.
First of all do you think all this warnings are fatal for my openssl
installation?
2) apache2 installation - steps performed:
../configure --prefix=/home/aspprod/aspapp/mySSL/apache2
--with=/home/aspprod/aspapp/mySSL/openSSL
make
I got a lot of warnings on stderr!
make install
At this point I have to customize http.conf and ssl.conf files.
Could you send me an example of such files already modified? I need to
understand what I must change.
thanks in advance!
Sergio
> ________________________________________
> SchlumbergerSema
ing. Sergio Zampognaro
System Integration - SMA
Via Antiniana 2A - 80078 Pozzuoli (NA) - ITALY
> Mobile*+39 335 131 54 26
> Phone * +39 081 6103 483
> Fax 6 +39 081 6103 200
> e-mail * SZampognaro@naples.sema.slb.com
>
This email is confidential and intended solely for the use of the individual
to whom it is addressed. Any views or opinions presented are solely those of
the author and do not necessarily represent those of SchlumbergerSema SpA.
If you are not the intended recipient, be advised that you have received
this email in error and that any use, dissemination, forwarding, printing,
or copying of this email is strictly prohibited.
If you have received this email in error please notify the SchlumbergerSema
Helpdesk, by telephone on +39.0125.810500 or by e-mail on
helpdesk@semagroup.it
--Boundary_(ID_Djye1HMUmNmPze37iMbfug)
Content-type: text/plain; name=errore3.txt
Content-transfer-encoding: 7BIT
Content-disposition: attachment; filename=errore3.txt
test BN_add
test BN_sub
test BN_lshift1
test BN_lshift (fixed)
test BN_lshift
test BN_rshift1
test BN_rshift
test BN_sqr
test BN_mul
test BN_div
test BN_div_recp
test BN_mod
test BN_mod_mul
test BN_mont
test BN_mod_exp
test BN_exp
test BN_kronecker
...............++++++
............................................................ .........................................
test BN_mod_sqrt
......
......
......
......
......
......
......
......
........++++++++++++
......
......++++++++++++
......
................++++++++++++
......
...++++++++++++
......
....++++++++++++
......
....++++++++++++
......
.....................++++++++++++
......
........++++++++++++
......
bc does not work properly ('SunOStest' failed). Looking for another bc ...
/usr/bin/bc does not work properly ('SunOStest' failed). Looking for another bc ...
No working bc found. Consider installing GNU bc.
0 tests passed
Generating a 512 bit RSA private key
..++++++++++++
.....++++++++++++
writing new private key to 'testkey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [Queensland]:
Locality Name (eg, city) []:Brisbane
Organization Name (eg, company) []:CryptSoft Pty Ltd
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:Eric Young
Email Address []:eay@mincom.oz.au
verify OK
test generation of DSA parameters
..++++++++++++++++++++++++++++++++++++++++++++++++++*
....+........+..+...+............+.+..+..................... .....................................................+++++++ +++++++++++++
+++++++++++++++++++++++++++++++*
seed
D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3
counter=105 h=2
P:
00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68:
69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d:
78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac:
32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36:
ee:31:c8:02:91
Q:
00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30:
f4:8e:da:ce:91:5f
G:
62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5:
00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce:
2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21:
92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53:
e6:d7:88:02
test generation of DSA parameters
..++++++++++++++++++++++++++++++++++++++++++++++++++*
....+........+..+...+............+.+..+..................... .....................................................+++++++ +++++++++++++
+++++++++++++++++++++++++++++++*
seed
D5014E4B 60EF2BA8 B6211B40 62BA3224 E0427DD3
counter=105 h=2
P:
00:8d:f2:a4:94:49:22:76:aa:3d:25:75:9b:b0:68:
69:cb:ea:c0:d8:3a:fb:8d:0c:f7:cb:b8:32:4f:0d:
78:82:e5:d0:76:2f:c5:b7:21:0e:af:c2:e9:ad:ac:
32:ab:7a:ac:49:69:3d:fb:f8:37:24:c2:ec:07:36:
ee:31:c8:02:91
Q:
00:c7:73:21:8c:73:7e:c8:ee:99:3b:4f:2d:ed:30:
f4:8e:da:ce:91:5f
G:
62:6d:02:78:39:ea:0a:13:41:31:63:a5:5b:4c:b5:
00:29:9d:55:22:95:6c:ef:cb:3b:ff:10:f3:99:ce:
2c:2e:71:cb:9d:e5:fa:24:ba:bf:58:e5:b7:95:21:
92:5c:9c:c4:2e:9f:6f:46:4b:08:8c:c5:72:af:53:
e6:d7:88:02
Generating a 512 bit RSA private key
............++++++++++++
.................++++++++++++
writing new private key to 'keyCA.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Dodgy CA
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Consider setting the RANDFILE environment variable to point at a file that
'random' data can be kept in (the file will be overwritten).
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Dodgy CA
Getting Private key
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Consider setting the RANDFILE environment variable to point at a file that
'random' data can be kept in (the file will be overwritten).
Getting request Private Key
Generating certificate request
verify OK
verify OK
Generating a 512 bit RSA private key
.................++++++++++++
..............................++++++++++++
writing new private key to 'keyU.ss'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Consider setting the RANDFILE environment variable to point at a file that
'random' data can be kept in (the file will be overwritten).
Signature ok
subject=/C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
Getting CA Private Key
Generating a 512 bit RSA private key
..............++++++++++++
............................++++++++++++
writing new private key to './demoCA/private/./cakey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Dodgy CA
Generating a 512 bit RSA private key
.............................................++++++++++++
...++++++++++++
writing new private key to 'newreq.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:AU
Organization Name (eg, company) []:Dodgy Brothers
Common Name (eg, YOUR name) []:Brother 1
Common Name (eg, YOUR name) []:Brother 2
Using configuration from ../apps/openssl.cnf
unable to load 'random state'
This means that the random number generator has not been seeded
with much random data.
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Jan 29 10:47:46 2003 GMT
Not After : Jan 29 10:47:46 2004 GMT
Subject:
countryName = AU
organizationName = Dodgy Brothers
commonName = Brother 1
commonName = Brother 2
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
66:F5:59:18:BA:EA:16:D6:6E:05:27:D7:A7:6D:11:88:D0:FA:C3:26
X509v3 Authority Key Identifier:
DirName:/C=AU/O=Dodgy Brothers/CN=Dodgy CA
serial:00
Certificate is to be certified until Jan 29 10:47:46 2004 GMT (365 days)
Sign the certificate? [y/n]:
1 out of 1 certificate requests certified, commit? [y/n]Write out database with 1 new entries
Data Base Updated
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
client authentication
server authentication
depth=1 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x1fffcfb8 a cert? 0x400fe640
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
--Boundary_(ID_Djye1HMUmNmPze37iMbfug)--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org