Following a tutorial for self signing: SSL Library Error: error:0A00018F:SSL routines::ee key too small after an update.
by MooseCaboose from LinuxQuestions.org on (#6PTHX)
I'm pretty sure it was this tutorial
https://www.slackwiki.com/SSL
I pretty much followed it to the letter (aside from changing key info like first and last name).
It worked, too, until I updated 'current' some time ago, and ever since then, apache wouldn't even start and put
Code:[ssl:warn] [pid 1622:tid 1622] AH01902: Host www.example.com:443: X.509 CRL storage locations configured, but CRL checking (SSLCARevocationCheck) is not enabled
[ssl:emerg] [pid 1622:tid 1622] AH02561: Failed to configure certificate www.example.com:443:0, check /etc/ssl/certs/server.crt
[ssl:emerg] [pid 1622:tid 1622] SSL Library Error: error:0A00018F:SSL routines::ee key too smallin /var/log/httpd/error_log
It was probably a bad idea to even try this seeing how I'm near absolutely clueless about this kinda thing, but...I thought it would be fun.
And it, til it wasn't, lol.
Anyway? Is this easy enough to fix to be worth it, or should I just nuke the configs and reconstruct them from scratch with my previous virtual hosts that simply did not have https?
https://www.slackwiki.com/SSL
I pretty much followed it to the letter (aside from changing key info like first and last name).
It worked, too, until I updated 'current' some time ago, and ever since then, apache wouldn't even start and put
Code:[ssl:warn] [pid 1622:tid 1622] AH01902: Host www.example.com:443: X.509 CRL storage locations configured, but CRL checking (SSLCARevocationCheck) is not enabled
[ssl:emerg] [pid 1622:tid 1622] AH02561: Failed to configure certificate www.example.com:443:0, check /etc/ssl/certs/server.crt
[ssl:emerg] [pid 1622:tid 1622] SSL Library Error: error:0A00018F:SSL routines::ee key too smallin /var/log/httpd/error_log
It was probably a bad idea to even try this seeing how I'm near absolutely clueless about this kinda thing, but...I thought it would be fun.
And it, til it wasn't, lol.
Anyway? Is this easy enough to fix to be worth it, or should I just nuke the configs and reconstruct them from scratch with my previous virtual hosts that simply did not have https?