[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

install ssl certificate in apache

Posted on 2011-03-20
10
Medium Priority
?
494 Views
Last Modified: 2012-05-11
Hi Folks,

i need help on how  to upgrade ssl certificate on apache. Currently it does have valid certificate.I tried to understand the configuration.So i checked the httpd.conf file and found this:
<IfModule mod_ssl.c>
    Include conf/ssl.conf
</IfModule>
So, i checked conf/ssl.conf and i feel only below lines are responsible for implmenting ssl:

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /apps/lions2.2.1r/deployment/apache/conf/ssl.crt/server.crt

SSLCertificateKeyFile /apps/lions2.2.1r/deployment/apache/conf/ssl.key/server.key

SSLCertificateChainFile /apps/lions2.2.1r/deployment/apache/conf/ssl.crt/ca.crt

SSLVerifyClient none
SSLProxyEngine off

What i know is for upgrading i only need to create a new certificate using openssl and i can use the existing key.

So i tried to get more information about openssl and apache. (as i not familiar with both)
I did ps -ef | grep httpd

lionr  5876     1   0   Mar 15 ?           0:26 /apps/lions2.2.1r/deploymentbin/httpd.2.0.59-solaris/bin/httpd -f /apps

then i moved to apps/lions2.2.1r/deploymentbin/
and run :
$openssl version
ld.so.1: openssl: fatal: libssl.so.0.9.8: open failed: No such file or directory
Killed

Got the above output.

As i am not familar with openssl, i tried
$openssl x509 -text -in server.crt
to make sure iam on right path. but still also throwing the same error.

Please help me with ssl ceritficate. Would be great if you can explain my above confugration.

Thank you,
Joe


0
Comment
Question by:jayatallen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 31

Accepted Solution

by:
farzanj earned 1000 total points
ID: 35177819
Appears to me that your openssl is not properly installed.

Which OS are you using?

If you are using Fedora/CentOS/Redhat, you can see if you have it by issuing the following command
rpm -qa | grep openssl

If you have it then issue the following command
rpm -ql openssl | grep libssl

If you have other OS, way to determine would be different.
0
 

Author Comment

by:jayatallen
ID: 35180753
thank you for your reply.

I am using solaris 10.
0
 
LVL 31

Assisted Solution

by:farzanj
farzanj earned 1000 total points
ID: 35181442
I am giving you some commands. Use them as per your judgement.  First find a package.  If it exists, update it.  I would try openssl and libssl.  I am not sure if libssl a part of openssl.  If it does not exist at all, install it.

pkginfo | grep -i openssl

Further, you can try
pkginfo -l openssl

pkginfo -l libssl

List available packages (uses last downloaded copy):
pkg-get -a | egrep -i "openssl|libssl"

Download and install package:
pkg-get -i openssl
pkg-get -i libssl

Upgrade package:
pkg-get -u openssl

0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jayatallen
ID: 35181637
Hi Farzanj,

i tried and found this:

bash-3.00$ pkginfo | grep -i openssl
application SMCossld                         openssl
system      SUNWopenssl-commands             OpenSSL Commands (Usr)
system      SUNWopenssl-include              OpenSSL Header Files
system      SUNWopenssl-libraries            OpenSSL Libraries (Usr)
system      SUNWopenssl-man                  OpenSSL Manual Pages
system      SUNWopensslr                     OpenSSL (Root)
bash-3.00$ pkginfo -l opensll
ERROR: information for "opensll" was not found
bash-3.00$ pkginfo -l openssl
ERROR: information for "openssl" was not found
bash-3.00$ pkginfo -l libssl
ERROR: information for "libssl" was not found


Does this mean everything is OK?
One more thing,currently ssl is working fine on apache.

Thanks,
Joe
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35181828
Issue the following
openssl -l SUNWopenssl-libraries

It appears that your package is installed but some libraries are missing
0
 

Author Comment

by:jayatallen
ID: 35182218
ran and found:

bash-3.00$ openssl -l SUNWopenssl-libraries
bash: openssl: command not found
0
 

Author Comment

by:jayatallen
ID: 35182249
i tried this:
bash-3.00$ find / -name openssl 2>/dev/null
/usr/sfw/bin/openssl
/usr/sfw/include/openssl
/usr/local/ssl/bin/openssl
/usr/local/ssl/doc/openssl
/usr/local/ssl/include/openssl
/etc/sfw/openssl
/opt/boksm/lib/openssl

ash-3.00$ find /apps/aqueduct -name openssl -type f 2>/dev/null
/apps/aqueduct/tigger/tigger-v1.6.0/bin/httpd.2.0.59-linux-rh2/ssl/bin/openssl
/apps/aqueduct/tigger/tigger-v1.6.0/bin/httpd.2.0.59-linux-rh3/ssl/bin/openssl
/apps/aqueduct/tigger/tigger-v1.6.0/bin/httpd.2.0.59-linux-rh4-amd64/ssl/bin/openssl
/apps/aqueduct/tigger/tigger-v1.6.0/bin/httpd.2.0.59-linux-rh4-int32/ssl/bin/openssl
/apps/aqueduct/tigger/tigger-v1.6.0/bin/httpd.2.0.59-solaris/ssl/bin/openssl

Is there anyway to find which openssl is being use by apache?
0
 

Author Comment

by:jayatallen
ID: 35182263
Tried below one ..same error..


bash-3.00$ /apps/aqueduct/tigger/tigger-v1.6.0/bin/httpd.2.0.59-solaris/ssl/bin/openssl -l SUNWopenssl-libraries
ld.so.1: openssl: fatal: libssl.so.0.9.8: open failed: No such file or directory
Killed
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35186014
Sorry, I meant
pkginfo -l SUNWopenssl-libraries

What do you get?

Also try this

pkg-get -u openssl
0
 

Author Comment

by:jayatallen
ID: 35192802
tried:
bash-3.00$ pkginfo -l SUNWopenssl-libraries
   PKGINST:  SUNWopenssl-libraries
      NAME:  OpenSSL Libraries (Usr)
  CATEGORY:  system
      ARCH:  sparc
   VERSION:  11.10.0,REV=2005.01.21.15.53
   BASEDIR:  /
    VENDOR:  Sun Microsystems, Inc.
      DESC:  OpenSSL Libraries (Usr)
    PSTAMP:  on10-patch20081113042408
  INSTDATE:  Apr 07 2009 07:41
   HOTLINE:  Please contact your local service provider
    STATUS:  completely installed
     FILES:       19 installed pathnames
                   5 shared pathnames
                   4 directories
                   4 executables
               14113 blocks used (approx)

0

Featured Post

Enroll in October's Free Course of the Month

Do you work with and analyze data? Enroll in October's Course of the Month for 7+ hours of SQL training, allowing you to quickly and efficiently store or retrieve data. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question