[BlueOnyx:13672] error in new ssl settings for admserv?
Dirk Estenfeld
dirk.estenfeld at bpanet.de
Fri Sep 13 02:17:34 -05 2013
Hello,
Tody a customer had the issue that his BO management site was not accessible.
I checked the server and /usr/sbin/httpd.admsrv was not running.
I tried to
/etc/init.d/admserv start
But got the error message
Starting admin web server: Syntax error on line 48 of /etc/admserv/conf.d/ssl.conf:
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual)
[FAILED]
I checked the /etc/admserv/conf.d/ssl.conf and see the following
SSLCipherSuite
ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:!ECDHE-RSA-RC4-SHA:!TLS_RSA_WITH_RC4_128_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECD HE_RSA_WITH_3DES_EDE_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:AES128-GCM-SHA256:RC4:TLS_ECDHE_RSA_WITH_RC4_128_SHA:HIGH:!aNULL:!eNULL:!EXP:!LOW:! MD5:!RC4
In my mind one \n to much.
I deleted the linefeed to
SSLCipherSuite ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:!ECDHE-RSA-RC4-SHA:!TLS_RSA_WITH_RC4_128_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECD HE_RSA_WITH_3DES_EDE_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:AES128-GCM-SHA256:RC4:TLS_ECDHE_RSA_WITH_RC4_128_SHA:HIGH:!aNULL:!eNULL:!EXP:!LOW:! MD5:!RC4
And after that the admserv was able to start again.
I did not change the /etc/admserv/conf.d/ssl.conf manually before so I guess it comes with a yum update.
@Michael: please check your changes and delete the linefeed (if there is one).
Best regards,
Dirk
-----------------------------------------------
Black Point Arts Internet Solutions GmbH - Hanauer Landstrasse 423a - 60314 Frankfurt
More information about the Blueonyx
mailing list