| Author |
|
roger
Joined: 08 May 2009
Posts: 5
Location: Canada
|
 Posted: Tue 12 May '09 20:25 Post subject: setup ssl problem |
 |
|
Hello, I am trying to setup SSL. I have installed Apache 2.2 with openSSL. when running any openssl command I get
Warning: can't open config file: /usr/local/ssl/openssl.cnf
in this doc http://www.apachelounge.com/download/InstallingApacheonWindows.pdf it mentions to create a folder in C openssl/ssl and place the openssl.cnf file from conf folder. I did that.
please advise. thank you |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Tue 12 May '09 21:05 Post subject: |
|
|
I saw this post coming about a year or more ago and had suggested building openssl with the following switches at compile time.
--prefix=/Apache2 --openssldir=/Apache2/conf
You need to make the tree on the same drive Apache is installed .. if that is the C drive at C:\Apache2 then at a command prompt
cd\
md usr
md usr\local
md usr\local\ssl
copy \apache2\conf\openssl.cnf \usr\local\ssl |
|
| Back to top |
|
roger
Joined: 08 May 2009
Posts: 5
Location: Canada
|
| Posted: Tue 12 May '09 21:36 Post subject: |
|
|
| thanks, that did the trick. |
|
| Back to top |
|
sonavor
Joined: 05 Oct 2009
Posts: 2
|
| Posted: Mon 05 Oct '09 19:11 Post subject: Problems with openssl with Apache 2.2 on windows XP |
|
|
I am getting the error:
can't open config file: /usr/local/ssl/openssl.cnf
when I try to run
E:\ApacheSoftwareFoundation\Apache2.2\bin>openssl req -config openssl.cnf -new -out server.csr
I am trying to configure a certificate for SSL on a development server to test my http/https switching. I use Apache 2.2 as the web server and Tomcat 5.5 as the servlet engine.
From the instructions in all of the Apache - SSL postings here I thought I had all of the pieces. On my Apache installation I noticed that the openssl.cnf file had been renamed to just openssl and Windows thinks it is a file type "SpeedDial". I placed the ".cnf" extension back on it. The file is in my Apache2.2\conf directory.
In trying several variations of the
openssl req -config conf\openssl.cnf -new -out my-server.csr
command....
I keep getting the WARNING: can't open config file: /usr/local/ssl/openssl.cnf
It makes sense that I am getting an error if the process is expecting a /usr/local/ssl directory....it isn't going to find a /usr directory on Windows. It would need to at least look for a \usr direcotry (which I did create).
What am I missing in this setup attempt?
Thanks
-sonavor |
|
| Back to top |
|
sonavor
Joined: 05 Oct 2009
Posts: 2
|
| Posted: Mon 05 Oct '09 20:23 Post subject: Problems with openssl with Apache 2.2 on windows XP |
|
|
Solved the problem
I found a hint to the solution at -
http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL
There is an environment variable called OPENSSL_CONF that can be set.
When it is set you can use this command -
openssl req -new -out server.csr
instead of -
openssl req -config openssl.cnf -new -out server.csr
The openssl command will look for the config file path in the environment variable since it is left out of -
openssl req -new -out server.csr
In my case I set the environment variable like this -
set OPENSSL_CONF=E:\ApacheSoftwareFoundation\Apache2.2\conf\openssl.cnf
A tricky part of getting it to work is with the openssl.cnf file itself. Windows shows it as a file type "SpeedDial" and hides the extension so the filename looks like it is just "openssl". I tried renaming it to "openssl.cnf". That looks correct in windows explorer but if you look at the filename in a dos window the actual filename became "openssl.cnf.cnf". So even though Windows shows the name without the .cnf extension it is there. That was confusing because I have my explorer set to not hide file extensions.
So with the environment variable pointing to the openssl.cnf file that I needed the command -
openssl req -new -out server.csr
worked. |
|
| Back to top |
|
