[Eisfair] [e2] owncloud ssl

Andreas Lehmler wuddy at nexgo.de
Sa Apr 6 14:02:04 CEST 2013


Hallo Jürgen,

den Port 443 hab ich mir immer für SSL freigehalten, was auch z.Z. so ist.
Ich hab eben mal versucht meine ca.pem und apache.pem zu löschen, da es 
dort Änderungen gibt. Aber dort werden auch error angezeigt

***

Certificate selection

Certificates

   1 - apache.pem
   2 - ca.pem
   3 - cacert-class-1-root.pem
   4 - cacert-class-3-root.pem
   5 - mini_httpd.pem

Which certificate should be revoked (1-5,q)? 2

You have to enter the following data:

1. Select revocation reason.
2. Passphrase for your CA key.

running commands: openssl ca -revoke /usr/local/ssl/certs/ca.pem 
-crl_reason <reason>
                   openssl ca -updatedb
                   mv /usr/local/ssl/certs/ca.pem 
/usr/local/ssl/revoked/ca.pem
                   /usr/bin/ssl/c_rehash /usr/local/ssl/certs
Press ENTER to continue

   1 - key has been compromised.
   2 - CA has been compromised.
   3 - no reason given.
   4 - information of the certificate owner has been changed.
   5 - certificate has been replaced.
   6 - certificate no longer required.

Please select (1-6): 4
Using configuration from /usr/local/ssl/openssl.cnf
unable to load CA private key
27453:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: ANY PRIVATE KEY
Update revokation list now (y/N)? y

You have to enter the following data:

1. Passphrase of your CA key.

running commands: openssl ca -gencrl -out /usr/local/ssl/crl/crl.pem
                   openssl crl -in /usr/local/ssl/crl/crl.pem -outform 
der -out /usr/local/ssl/crl/crl.der
                   /usr/bin/ssl/c_rehash /usr/local/ssl/crl >/dev/null 
2>/dev/null
Press ENTER to continue
Using configuration from /usr/local/ssl/openssl.cnf
unable to load CA private key
27855:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: ANY PRIVATE KEY
unable to load CRL
27856:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: X509 CRL

Press ENTER to continue

***

Selbst wenn ich das pem für den apache löschen will , koomt eine error 
Meldung

***

Certificate selection

Certificates

   1 - apache.pem
   2 - ca.pem
   3 - cacert-class-1-root.pem
   4 - cacert-class-3-root.pem
   5 - mini_httpd.pem

Which certificate should be revoked (1-5,q)? 1

You have to enter the following data:

1. Select revocation reason.
2. Passphrase for your CA key.

running commands: openssl ca -revoke /usr/local/ssl/certs/apache.pem 
-crl_reason <reason>
                   openssl ca -updatedb
                   mv /usr/local/ssl/certs/apache.pem 
/usr/local/ssl/revoked/apache.pem
                   /usr/bin/ssl/c_rehash /usr/local/ssl/certs
Press ENTER to continue

   1 - key has been compromised.
   2 - CA has been compromised.
   3 - no reason given.
   4 - information of the certificate owner has been changed.
   5 - certificate has been replaced.
   6 - certificate no longer required.

Please select (1-6): 4
Using configuration from /usr/local/ssl/openssl.cnf
unable to load CA private key
7686:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: ANY PRIVATE KEY
Update revokation list now (y/N)? y

You have to enter the following data:

1. Passphrase of your CA key.

running commands: openssl ca -gencrl -out /usr/local/ssl/crl/crl.pem
                   openssl crl -in /usr/local/ssl/crl/crl.pem -outform 
der -out /usr/local/ssl/crl/crl.der
                   /usr/bin/ssl/c_rehash /usr/local/ssl/crl >/dev/null 
2>/dev/null
Press ENTER to continue
Using configuration from /usr/local/ssl/openssl.cnf
unable to load CA private key
7714:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: ANY PRIVATE KEY
unable to load CRL
7715:error:0906D06C:PEM routines:PEM_read_bio:no start 
line:pem_lib.c:647:Expecting: X509 CRL

Press ENTER to continue

***

Liegt das an der error Meldung, das das bei mir nbicht geht ?
Ich hab die certs / 1.2.5 / 2012-11-03

Gruß
Andreas






Mehr Informationen über die Mailingliste Eisfair