Quantcast

spurious SSL error: originating from cherokee-admin

classic Classic list List threaded Threaded
1 message Options
jvp
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

spurious SSL error: originating from cherokee-admin

jvp
This post has NOT been accepted by the mailing list yet.
when adding/changing either cert or key for a vserver, the 'update' proc accepts whatever and it can be 'saved'. however, when the server is (re-)started and tries to use openssl to validate the cert to the key and it finds an error it will report that the error occurred in the vserver PRIOR to the one actually in error.

i.e., you have vservers A, B, C, D, and default (sequentially from top-to-bottom): if you induce an error in server 'C', the checking proc will report that the error was in 'B'.

obviously, not knowing this will cause you to waste a lot of time wondering/checking the csr, crt, and key for the wrong vserver. this is all the more confusing since everything is right in the server you are supposed to correct per the proc.

--
thank you,

johann

cherokee 101
openssl 1.0.0
centos 6.2
Loading...