It was said that the writers on Star Trek (TNG) had a way of saying, “We’ll fill in the jargon later”. That was to just write “Tech” several times in bold or italics.
I am on a continual quest to take my server to the next level. I am also trying to learn how and why it works. However, the further I go, the more I really learn about my limitations of knowledge.
So, beyond the cut it my latest tech traumas. If you know answers to techie type quandaries or know people who do… any advice would be more than warmly welcomed.
So here is this week’s installment of:
Please note: all of my work is done on Mac OS X Server. This translates to: I’m using standard unix and sometimes get a nifty GUI interface. But typically, no. I don’t.
My two current major brain bashers are
Cyrus/IMAP and SSL
Cyrus/IMAP:
It would seem that my test user’s cyrus directory has gotten munged. I’d like to remove it, find a way to extract the user’s old mail and then deposit or transfer it into a freshly created area. Actually, I’d like to change the name of the user’s mail identity.
SSL:
Oh, this one has been a nightmare. I actually got a cert agency to make me a 128 bit cert. This all seemed to go as planned. I installed it just as the apache ssl_mod says:
SSLCertificateFile /path to certificate file/your issued certificate
SSLCertificateKeyFile /path to key file/your key file
SSLCertificateChainFile /path to intermediate certificate/sf_issuing.crt
I even told the cert agency: Apache. Made the local key, made the CSR. Got back the key and the chain key.
When I run httpd it quickly dies with the errors:
[Sat Feb 26 13:03:00 2005] [error] mod_ssl: Init: Pass phrase incorrect (OpenSSL library error follows)
[Sat Feb 26 13:03:00 2005] [error] OpenSSL: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
I am assuming that the Pass phrase is the one I used to generate the local key. So… where am I having problems. The error is none to clear.
Any advice/pointers appreciated…
I wish I knew more about what I was doing.
« I am proud to say, I am no longer ashamed… tech tech tech… 1/2 looking good! »
Here’s what I used to do self-signed certs on Apache on MacOS X v10.2–this should help.
I’d also make sure that all your Apache configuration files, certificates and other text configuration files are set up so that they use Unix line endings instead of Macintosh or Windows line endings.
Um, sledge.hammer should take care of that annoying server. 😉
I think what you want is “The Great Big Panther/SSL Article” over at afp548.com 🙂
http://www.afp548.com/article.php?story=20040722080720854