apache mod_ssl chroot problem

Muhammad Reza reza at mra.co.id
Wed Oct 17 05:15:36 PDT 2007 

Dear List.

I have problem running apache in chroot mode with ssl enable.
Apache in chroot mode running fine without ssl enable, but when i try to
start with mod_ssl enable, error occured with this message.

beastie#chroot /chroot/httpd /usr/local/apache2/bin/httpd
Apache/2.2.6 mod_ssl/2.2.6 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server beastie.mra.co.id:443 (RSA)
Enter pass phrase:Apache:mod_ssl:Error: Private key not found.
**Stopped

and with error log

[Wed Oct 17 13:37:25 2007] [error] Init: Private key not found
[Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218710120
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Wed Oct 17 13:37:25 2007] [error] SSL Library Error: 218734605
error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
[Wed Oct 17 13:38:32 2007] [error] Init: Private key not found
[Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218710120
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218595386b
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Wed Oct 17 13:38:32 2007] [error] SSL Library Error: 218734605
error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

If i escape from chrooted enviroment, apache with mod_ssl work fine 

beastie# /usr/local/apache2/bin/httpd
Apache/2.2.6 mod_ssl/2.2.6 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.example.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.

Is there something missing here, please enlight me.

regards
Reza

More information about the freebsd-questions mailing list