08-21-2009, 05:05 PM | #1
Coyote6
Enabling SSLEngine on Client Mac OS Leopard

Hi,

I am trying to enable SSL on my Mac running OS Leopard client (not server). I followed the directions on http://www.afp548.com/articles/web/sslcert.html as suggested by another thread, but I fall short on where to place the files and how to enable the SSLEngine manually. I have gone in and made sure that mod_ssl is not commented out in my httpd.conf file and that the include of the extra httpd-ssl.conf file is not commented out.

My httpd-ssl.conf looks like this:

Code:
Listen 443

<VirtualHost *:443>
#My doc root has been changed to my user sites folder.
DocumentRoot "/Users/MyName/Sites"
ServerName localhost:443
ServerAdmin my@email.com
ErrorLog "/private/var/log/apache2/error_log"
TransferLog "/private/var/log/apache2/access_log"

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile "/private/etc/ca/server.crt"
SSLCertificateKeyFile "/private/etc/ca/server.key"
SSLCACertificatePath "/private/etc/ca/"

<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/Library/WebServer/CGI-Executables">
SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog "/private/var/log/apache2/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

My SSL files created from the site listed above are located in the /private/etc/ca folder.

Every time I turn the SSLEngine to on in the config file I get the error 'Safari can't open the page "http://localhost/" because Safari can't connect to the server "localhost"'. I get the same if I try "https://". If I turn the SSLEngine off then everything works fine. In my error logs I get these messages.

Code:
[Time Date][error] Init:Unable to read pas phrase [Hint: key introduced or changed before restart?]
[Time Date][error] SSL Library Error: 218710120 error: 0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Time Date][error] SSL Library Error: 218529960 error: 0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Time Date][error] SSL Library Error: 218595386 error: 0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Time Date][error] SSL Library Error: 218734605 error: 0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

Can someone please tell me what I am doing wrong here? Any help is appreciated, thanks.
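
The `d2i_PrivateKey` and pass-phrase lines in the error log above concern the file named by `SSLCertificateKeyFile`. The following shell script, an added example that is not part of the original post, reads that path from a config file and reports whether the PEM file is an unencrypted key, a pass-phrase-protected key, or not a key at all; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Classifies the PEM file that an
# Apache SSLCertificateKeyFile directive points at, using the standard PEM labels.

# Print the path given to SSLCertificateKeyFile in a config file (first match).
key_path_from_conf() {
    awk '$1 == "SSLCertificateKeyFile" { gsub(/"/, "", $2); print $2; exit }' "$1"
}

# Print one of: missing, encrypted, plain, certificate, unknown.
classify_key() {
    f=$1
    if [ ! -r "$f" ]; then
        echo missing
    elif grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$f"; then
        echo encrypted      # PKCS#8 key protected by a pass phrase
    elif grep -Eq -e '-----BEGIN (RSA |DSA |EC )?PRIVATE KEY-----' "$f"; then
        # Traditional PEM keys flag encryption with a Proc-Type header.
        if grep -q '^Proc-Type: 4,ENCRYPTED' "$f"; then
            echo encrypted  # httpd must obtain the pass phrase at startup
        else
            echo plain
        fi
    elif grep -q -e '-----BEGIN CERTIFICATE' "$f"; then
        echo certificate    # a certificate or CSR was saved under the key path
    else
        echo unknown        # not PEM (for example DER) or truncated
    fi
}

# Report on the key file named in a config; the config path is supplied by the caller.
check_conf() {
    p=$(key_path_from_conf "$1")
    [ -n "$p" ] || { echo "no SSLCertificateKeyFile in $1"; return 1; }
    echo "$p: $(classify_key "$p")"
}

# Run stand-alone when a config path is given on the command line.
if [ $# -gt 0 ]; then
    check_conf "$1"
fi
```

`openssl rsa -in <keyfile> -check -noout` confirms whether the file parses as an RSA key and prompts for the pass phrase when it is encrypted.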