[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

SSL config info

Nikolaos Papavassiliou Nikolaos.Papavassiliou@reuters.com
Mon, 24 May 2004 18:24:35 -0700 (PDT)


I apologize if the answer to the the following is too obvious, but this is the first time I am
adding SSL to the mix and I can't seem to be able to make the server work.

I am using a Ultra1 running Solaris 9, and I have compiled with the following options
==========
# ./conserver -V
conserver: conserver.com version 8.1.5
conserver: default access type `r'
conserver: default escape sequence `^Ec'
conserver: default configuration in `/opt/conserver/etc/conserver.cf'
conserver: default password in `/opt/conserver/etc/conserver.passwd'
conserver: default logfile is `/var/log/conserver'
conserver: default pidfile is `/var/run/conserver.pid'
conserver: default limit is 16 members per group
conserver: default primary port referenced as `conserver'
conserver: default secondary base port referenced as `0'
conserver: options: libwrap, openssl, pam, trustrevdns
conserver: openssl version: OpenSSL 0.9.7d 17 Mar 2004
conserver: built with `./configure --prefix=/opt/conserver --with-pam --with-openssl=/opt/local/ssl --with-libwrap=/usr/sfw --with-trustrevdns'
===============

An attempt to start the server fails with the following message:

# ./conserver -d
[Mon May 24 19:45:13 2004] conserver (7111): conserver.com version 8.1.5
[Mon May 24 19:45:13 2004] conserver (7111): started as `root' by `niko'
[Mon May 24 19:45:13 2004] conserver (7111): ERROR: SetupSSL(): could not load SSL certificate from `/opt/conserver/ssl-cred'

The manual page for conserver says that if encryption is built into the code then encrypted connections
(without certificate exchanges) happen by default. What am I missing here?
Do I really have to create those certificates? Has anyone made this work without certificates?

I alos tried to start the server with the -E option, but it did not help

Any help will be appreciated

Regards
Niko





-----------------------------------------------------------------
       Visit our Internet site at http://www.reuters.com

Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.