can not reset SSL Private Key & Certificate for Virtual Host

Discussion in 'Bug Reports' started by andreas, Jul 19, 2011.

  1. andreas

    andreas New Member

    *value must be set
  2. webizen

    webizen New Member

    you can manually empty the fields in config xml for the time being. admin cp will be updated to allow reset in a bit.
  3. webizen

    webizen New Member

    the latest 4.1.2 allows the reset.
  4. netjess

    netjess New Member

    /etc/ssl/private/server.key

    I have a new install running on Ubuntu 10.10.
    I accepted defaults during install.

    When I try to set up my first SSL listener it sees the cert file but on the key file it returns "*file /etc/ssl/private/server.key does not exist. Please create manually".

    In the server log it has the error:
    0#_AdminVHost] [STDERR] PHP Warning: is_file() [<a href='function.is-file'>function.is-file</a>]: Stat failed for /etc/ssl/private/server.key (errno=13 - Permission denied) in /usr/local/lsws/admin/html.4.1.2/classes/ConfValidation.php on line 627

    I have not been able to figure out what/who access is getting denied.
    I compared permissions to the file to another server we have running and they look the same. I even added lsadm user to the root group (not sure that is a good idea).

    sudo ls -l /etc/ssl/private/server.key
    -rwxrwxr-- 1 root root 963 2011-07-28 16:49 /etc/ssl/private/server.key

    any thoughts?
  5. netjess

    netjess New Member

    Well, I did a "chown -R lsadm:lsadm /etc/ssl/private" and that let me apply the key.

    But now I am getting:
    "[SSL] Config SSL Context with Certificate File: /etc/ssl/certs/server.crt and Key File:/etc/ssl/private/server.key get SSL error: error:0906406D:pEM routines:pEM_def_callback: problems getting password"

    and

    "[config:server:listener:SSL] failed to start SSL listener on address 192.168.1.238:443!"
  6. mistwang

    mistwang LiteSpeed Staff

    You can make /etc/ssl/private/ world readable temporarily, after save the configuration, then lock down the permission.
    This issue will be addressed in next release 4.1.3 .
  7. mistwang

    mistwang LiteSpeed Staff

    You have to remove the passcode of the private key.
  8. netjess

    netjess New Member

Share This Page