Cannot start Hiawatha with ssl

Fred
11 November 2015, 12:21
Hi,

I get the following error message when starting the webserver:
Error loading X.509 certificates (-0x2180): X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected
/usr/local/etc/rc.d/hiawatha: WARNING: failed to start hiawatha


The server.pem was issued by cacert
Hugo Leisink
11 November 2015, 21:24
Look at this HOWTO page to see how TLS is configured in Hiawatha.
Fred
11 November 2015, 22:42
Hi Hugo,

I followed the instructions from the link above and I am now getting the following error message when restarting Hiawatha:
Syntax error in bindings.conf on line 16.
/usr/local/etc/rc.d/hiawatha: WARNING: failed to start hiawatha

Here is my binding.conf file
Binding {
Port = 80
Interface = 192.168.1.125
#Interface = 127.0.0.1
MaxKeepAlive = 100
TimeForRequest = 5,15
MaxRequestSize = 2000
MaxUploadSize = 2
}

Binding {
Port = 443
#Interface = 192.168.1.125
MaxKeepAlive = 100
TimeForRequest = 5,15
TLScertFile = /usr/local/etc/hiawatha/siteconf/ssl/serverkey.pem
MaxRequestSize = 2000
MaxUploadSize = 2
}


Can you see any typo I might have missed?

Thank you.
PS: my ssl directory = 600 and serverkey.pem = 400
Hugo Leisink
12 November 2015, 00:53
What Hiawatha version are you using? Since 9.13, all SSL terms in the configuration file have been replaced with TLS. So, if you are using version 9.12 or lower, use SSLcertFile instead. Or even better: upgrade to the latest version.
Fred
12 November 2015, 14:50
Hi Hugo,

I upgraded my Hiawatha version to Hiawatha v9.13 (FreeBSD port) and I now get the following error:
Error loading X.509 certificates from /usr/local/www/webs/production/ssl/bollenberg_privatekey.pem: X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected (-0x2180)
/usr/local/etc/rc.d/hiawatha: WARNING: failed to start hiawatha

Am I supposed to use the server.pem or privatekey.pem?
I used the privatekey.pem.

I use cacert to request the ssl certificate, are there any extra steps that I need to take?
Thank you

Fred
Hugo Leisink
13 November 2015, 12:56
For some reason, mbed TLS is not able to read your certificate. Since I can't take a look at your certificate, I don't know what goes wrong.
This topic has been closed.
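
An added example, not part of the thread or of Hiawatha: a small Python check that lists the PEM block types in a file, since error -0x2180 complains about the format or type of what was loaded as a certificate. It assumes the file given to TLScertFile should hold both the private key and the certificate in PEM form; the function names and the sample inputs are constructed for illustration and contain no real key material.

```python
import base64
import re

# Matches one PEM block and captures its label and base64 body.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)
KEY_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
              "ENCRYPTED PRIVATE KEY"}


def pem_blocks(text):
    """Return [(label, looks_like_der)] for each PEM block in text."""
    found = []
    for label, body in PEM_BLOCK.findall(text):
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:
            der = b""
        # Certificates and keys are ASN.1 SEQUENCEs, so DER starts with 0x30.
        found.append((label, der[:1] == b"\x30"))
    return found


def diagnose(text):
    """Return (labels, problems) for a file meant to hold key + certificate."""
    blocks = pem_blocks(text)
    labels = [label for label, _ in blocks]
    problems = []
    if not blocks:
        problems.append("no PEM blocks found (DER, empty or truncated file?)")
    if "CERTIFICATE" not in labels:
        problems.append("no CERTIFICATE block")
    if not KEY_LABELS.intersection(labels):
        problems.append("no private key block")
    if "CERTIFICATE REQUEST" in labels:
        problems.append("contains a CSR, which is not a certificate")
    problems += [f"{label}: body is not base64 DER"
                 for label, ok in blocks if not ok]
    return labels, problems


def _pem(label, der=b"\x30\x03\x02\x01\x00"):
    # Constructed placeholder body: a tiny DER SEQUENCE, not a real key or cert.
    body = base64.b64encode(der).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"


KEY_ONLY = _pem("RSA PRIVATE KEY")                        # constructed sample
COMBINED = _pem("RSA PRIVATE KEY") + _pem("CERTIFICATE")  # constructed sample
```

To check a real file, pass its contents to `diagnose(open(path).read())` and read the second element of the result.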