Say that you restart apache2 and you get the following lines in your log files:
[error] Init: Unable to read server certificate from file /etc/apache2/ssl/server.pem
[error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
It means that you screwed up your apache2 config. Grep your configs for Certificate, i.e. (your config should look like this):
$ sudo grep -r Certificate /etc/apache2 | grep -v :#
/etc/apache2/vhosts.d/00-default-www.haller.ws.conf: SSLCertificateFile /etc/apache2/ssl/server.crt
/etc/apache2/vhosts.d/00-default-www.haller.ws.conf: SSLCertificateKeyFile /etc/apache2/ssl/server.pem
But your config probably says something incorrect like the following:
SSLCertificateFile /etc/apache2/ssl/server.pem
The file extension to apache2 configuration item mapping should look like this:
| Apache2 Configuration Item | File Extension |
|---|
| SSLCertificateFile | .crt |
| SSLCertificateKeyFile | .pem |
Yay...now I can make subversive comments over ssl!! - Nathan "Just Kidding" Powell
Phew... At least you didn't call me a nutjob. ;)
Err... is there a context for those two comments that I'm missing? -- David W
http://nathanpowell.org/blog/archives/316
@david, Oh him you read?!? What am I chopped liver! - Nathan :)
Yep ;) No actually I read your blog too, but I'm not subscribed comments feed... I suppose I should probably do that. -- David W
Just be happy bignate /has/ a comments feed now. Why are we talking about Nathan on Patrick's site again? -Doug
Because the content sucks? ;) -- Patrick.