[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: SSL config info

Nikolaos Papavassiliou Nikolaos.Papavassiliou@reuters.com
Tue, 25 May 2004 12:14:31 -0700 (PDT)

Bryan Stansell wrote:

does your conserver.cf have an 'sslcredentials' entry pointing to
/opt/conserver/ssl-cred?  almost has to, based on what it's showing.  if
you include that option, the file needs to exist, be valid, etc.  if you
comment that line out, then, yes, ssl should encrypt the connections
without certs.

hopefully that explains things.


Many thanks Bryan. You were quite correct about it. I had this defined in the
conserver.cf file, not realizing that it will complain if they are not there. After I
removed it it seemed to start the server withno errors. However, I fell into another
problem... Now the client (console) refuses to connect to a console and fails
with SSL connection negotiation errors.

% console nycilab12
console: SSL negotiation failed

Looking at the debug info from the serverlog I see the following:

DEBUG: [cutil.c:2019] FileSSLAccept(): about to SSL_accept() for fd 6
DEBUG: [main.c:301] TmpDHCallback(): asked for a DH key length 1024
ERROR: FileSSLAccept(): SSL error on fd 6

Any clues on this?


users mailing list

       Visit our Internet site at http://www.reuters.com

Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.