Forum OpenACS Q&A: nsopenssl problem

Posted by Luis Garcia on
I have been trying to install nsopnessl for a while with no luck.

Here is what I have done and my config. file.

I downloaded nsopenssl 1.1c (I don't need the extra features of 2.1)
and compiled it pointing to my OPENSSL=/usr/include. No problems
Now, I change my config. file as follows:


# Socket driver module (HTTPS) -- nsssl


#  nsssl does not load unless sslkeyfile/sslcertfile exist (above).


#ns_section ns/server/${server}/module/nsssl

ns_section ns/server/${server}/modules/nsopenssl

ns_param  port        $httpsport

ns_param  hostname    $hostname

ns_param  address    $address

ns_param  keyfile    $sslkeyfile

ns_param  certfile    $sslcertfile

ns_param Protocol          SSLv2

ns_param Protocol          SSLv3

ns_param Protocol          TLSv1

ns_param CipherSuite


ns_param SessionCache      true

ns_param SessionCacheSize  512

ns_param SessionCacheTimeout 300

ns_param ClientVerify        true

ns_param CADir              ca

ns_param CAFile              ca.pem

ns_param Trace              false

ns_param SeedBytes          1024

ns_param RandomFile          /usr/include

I keep the port set to httpsport 8443 and none of the servers start.
If I comment out, then my http server starts. The
certificates I am using are the ones that come with nsopenssl.

What's going on? Any ideas?


Posted by David Walker on
That's hard to read. Try using html and putting <pre></pre> tags around that type of stuff in the future.

Look in /usr/local/aolserver/log/server-xxx.log or wherever your server's log file is for the answer to this.
Posted by Randy Kunkee on
Ditto that that's hard to read.  The answer is indeed in the log files.  I found this to be a very simple configuration, once I got everything matched up, ie. the key and cert file paths pointing to where I had actually put them.