суббота, 11 июня 2016 г.

OpenSSL для Apache под Windows Server

 

При генерации сертификата вылетала вот такая ошибка:

WARNING: can't open config file: c:/openssl-1.0.2g-win64/ssl/openssl.cnf

Решение в моем случае было таким:

set OPENSSL_CONF=D:\iServer\Apache\conf\openssl.cnf

надо было прописать в переменную окружения путь к файлу конфига

найдено тут http://impradeep.com/warning-cant-open-config-file-copenssl-1-0-1esslopenssl-cnf/

WARNING: can’t open config file: c:/openssl-1.0.1e/ssl/openssl.cnf
Unable to load config info from c:/openssl-1.0.1e/ssl/openssl.cnf

This error occurs mainly on windows when you are using openssl package, The reason is that openssl failed to locate the openssl.cnf file.

There is an environment variable called OPENSSL_CONF that can be set.

I will recommend that you do the following (one windows only)

In my case I set the environment variable like this –
set OPENSSL_CONF=E:\ApacheSoftwareFoundation\Apache2.2\conf\openssl.cnf

A tricky part of getting it to work is with the openssl.cnf file itself. Windows shows it as a file type “SpeedDial” and hides the extension so the filename looks like it is just “openssl”. I tried renaming it to “openssl.cnf”. That looks correct in windows explorer but if you look at the filename in a dos window the actual filename became “openssl.cnf.cnf”. So even though Windows shows the name without the .cnf extension it is there. That was confusing because I have my explorer set to not hide file extensions.

Remember that every-time you open a command prompt you have to run the above command unless you set this as your environment variable.

 

И кроме того после настройки сертификатов так Apache не запускался по ошибке:

Invalid command 'SSLMutex', perhaps misspelled or defined by a module not included in the server configuration

Ошибка была тут SSLMutex default

Эта команда не поддерживается после Apache 2.2 вместо нее надо использовать

Mutex default

Решение найдено тут http://stackoverflow.com/questions/13969272/apache-sslmutex-issue