Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Absent Member.
Absent Member.
1225 views

F'ed up the server CA

H all: Long story - short. Due to an SMT issue, I replaced the YaST_Default_CA as it had expired. This went smoothly and I was able to export the "common server certificate". HOWEVER, it seems that I have corrupted the iManager certificate and now cannot register with Novell via "suse_register" as I get this error message:

error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

I have confirmed that I can get to Novell fine using: curl -v --trace-asci /tmp/sutrace.txt https://secure-www.novell.com/home/
I cannot connect to iManager on the server using: curl -v --trace-asci /tmp/sutrace.txt https://server/nps/imanager/
The second command above yields the same curl 35.

So, has anyone else seen this issue and/or knows the cause and fix? All help greatly appreciated, Chris.
Labels (2)
0 Likes
4 Replies
Absent Member.
Absent Member.

This issue has been resolved. For some reason a soft-link to vhosts-ssl.conf was removed which caused all sorts of problems with apache.


>>> Chris<cmosentine@N0_5pam.vrapc.com> 5/20/2013 9:07 AM >>>


H all: Long story - short. Due to an SMT issue, I replaced the YaST_Default_CA as it had expired. This went smoothly and I was able to export the "common server certificate". HOWEVER, it seems that I have corrupted the iManager certificate and now cannot register with Novell via "suse_register" as I get this error message:

error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

I have confirmed that I can get to Novell fine using: curl -v --trace-asci /tmp/sutrace.txt https://secure-www.novell.com/home/
I cannot connect to iManager on the server using: curl -v --trace-asci /tmp/sutrace.txt https://server/nps/imanager/
The second command above yields the same curl 35.

So, has anyone else seen this issue and/or knows the cause and fix? All help greatly appreciated, Chris.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Chris;2264653 wrote:
This issue has been resolved. For some reason a soft-link to vhosts-ssl.conf was removed which caused all sorts of problems with apache.


Hi Chris,

Thanks for feeding that back! I'm curious where that soft-link resides that was missing in your setup?

Thanks,
Willem
0 Likes
Absent Member.
Absent Member.

The soft-link (vhost-ssl.conf) resides in /etc/apache2/vhosts.d/ and points to /etc/smt.d/vhost-ssl.conf


>>> magic31<magic31@no-mx.forums.novell.com> 5/23/2013 3:46 AM >>>


Chris;2264653 Wrote:

> This issue has been resolved. For some reason a soft-link to
> vhosts-ssl.conf was removed which caused all sorts of problems with
> apache.
>


Hi Chris,

Thanks for feeding that back! I'm curious where that soft-link resides
that was missing in your setup?

Thanks,
Willem


--
Knowledge Partner (voluntary sysop)

It ain't anything like Harry Potter.. but you gotta love the magic IT
can bring to this world
------------------------------------------------------------------------
magic31's Profile: http://forums.novell.com/member.php?userid=2303
View this thread: http://forums.novell.com/showthread.php?t=466875
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Chris;2264924 wrote:
The soft-link (vhost-ssl.conf) resides in /etc/apache2/vhosts.d/ and points to /etc/smt.d/vhost-ssl.conf


Ah, ok... I've always pre-configured for SSL directly in /etc/apache2/vhosts.d, so missed that default bit.

Thanks,
Willem
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.