Error loading RSA private key (FFFFD500)

RaGe10940
29 January 2013, 01:50
Hiawatha version: 8.7
Operating System: Ubuntu Server

Hello, I am getting an error every time I try to execute this on the command line: sudo /usr/local/sbin/hiawatha

The error is the topic subject.

This is the most important of the lines in my conf file :
# BINDING SETTINGS
# A binding is where a client can connect to.
#
Binding {
Port = 80
Interface = 192.168.1.3
MaxKeepAlive = 30
TimeForRequest = 3,20
}

Binding {
Port = 443
Interface = 192.168.1.3
MaxKeepAlive = 30
TimeForRequest = 3,20
SSLcertFile = /usr/local/etc/certs/securesite.pem
}

# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
VirtualHost {
Hostname = 192.168.1.3
WebsiteRoot = /usr/local/var/www/FinAidApp
StartFile = index.php
AccessLogfile = /usr/local/var/log/FinAidApp/access.log
ErrorLogfile = /usr/local/var/log/FinAidApp/error.log
TimeForCGI = 20
UseFastCGI = PHP5
AccessList = allow 192.168.1.5, deny all
RequireSSL = yes
# UseToolkit = banshee
}

Any help / explanation would be lovely.
Hugo Leisink
29 January 2013, 08:58
The error means that Hiawatha is not able to read the securesite.pem file. Check the filesystem access rights.
RaGe10940
29 January 2013, 13:17
I already know where this is going: I have to have the securesite.pem file be the same ID as the Hiawatha and rework the read permissions. Thanks again, Hugo. Ey, quick suggestion: maybe have a page with errors? I googled around for this error code and I couldn't find any info on it. I will get to work on this tonight, thanks.
Hugo Leisink
29 January 2013, 14:05
I already changed the SSL-related error messages. They should be more clear now.
RaGe10940
30 January 2013, 01:32
I just really want to thank you, Hugo. I finally got my server up and running, with SSL enabled by default. I am really happy about this. Thank you so very much. All I had to do was move the key from the directory I made (certs) and put it in the same directory as the hiawatha.conf. I would like to have it in its own directory, but as long as it works I am fine with that.

However, another question arises. I know how to encrypt files with OpenSSL. If I encrypt my .pem file, will that cause Hiawatha to not read the .pem file?
Hugo Leisink
30 January 2013, 07:33
Hiawatha doesn't support password-protected certificate files, because it doesn't make sense. Encrypting a certificate file requires that the used password is included in the Hiawatha configuration. To protect the password, the configuration file should be made readable only for root. But you could also have made the certificate file read-only for root. Because the last option is easier and there is no hassle with a password, I chose that option.
This topic has been closed.
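The two conditions this thread arrives at (the file named by SSLcertFile is readable only by root, and its key is not passphrase-protected) can be checked before starting the server. The script below is an added example, not part of the original posts or of Hiawatha; it assumes GNU stat as shipped with Ubuntu, and check_pem and write_sample_pem are hypothetical helper names.

```shell
#!/bin/sh
# Added example: audit the PEM file named by SSLcertFile before starting Hiawatha.
# Assumes GNU stat (Ubuntu). Run as root, e.g.:
#   check_pem /usr/local/etc/certs/securesite.pem

# write_sample_pem FILE [encrypted]: writes a constructed placeholder, not a real key.
write_sample_pem() {
    label='PRIVATE KEY'
    if [ "${2:-}" = encrypted ]; then label='ENCRYPTED PRIVATE KEY'; fi
    printf '%s\n' "-----BEGIN $label-----" 'Q09OU1RSVUNURUQ=' "-----END $label-----" > "$1"
}

# check_pem FILE [EXPECTED_UID]: prints findings, returns the number of problems.
check_pem() {
    pem=$1
    want_uid=${2:-0}            # 0 = root, the account that should own the file
    problems=0

    if [ ! -r "$pem" ]; then
        echo "FAIL: $pem is missing or not readable by uid $(id -u)"
        return 1
    fi

    uid=$(stat -c %u "$pem")    # numeric owner
    mode=$(stat -c %a "$pem")   # octal permission bits, e.g. 400

    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: owner uid is $uid, expected $want_uid"
        problems=$((problems + 1))
    fi

    case $mode in
        0|*00) ;;               # no group/other bits set
        *) echo "FAIL: mode $mode lets group/other reach the key (chmod 400)"
           problems=$((problems + 1)) ;;
    esac

    if ! grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$pem"; then
        echo "FAIL: no private key block in $pem"
        problems=$((problems + 1))
    elif grep -Eq '^-----BEGIN ENCRYPTED PRIVATE KEY-----|^Proc-Type: 4,ENCRYPTED' "$pem"; then
        # Both PEM encryption styles are caught: PKCS#8 header and legacy Proc-Type line.
        echo "FAIL: key is passphrase-protected"
        problems=$((problems + 1))
    fi

    if [ "$problems" -eq 0 ]; then echo "OK: $pem"; fi
    return "$problems"
}
```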