[BlueOnyx:13674] Re: error in new ssl settings for admserv?

Christoph Schneeberger cschnee at box.telemedia.ch
Fri Sep 13 02:28:22 -05 2013 

Sorry for the redundant noise. Saw Dirks report 3s too late..

Cheers,
Christoph

On 09/13/2013 09:17 AM, Dirk Estenfeld wrote:
> Hello,
>
> Tody a customer had the issue that his BO management site was not accessible.
> I checked the server and /usr/sbin/httpd.admsrv was not running.
> I tried to
>
> /etc/init.d/admserv start
>
> But got the error message
>
> Starting admin web server: Syntax error on line 48 of /etc/admserv/conf.d/ssl.conf:
> SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual)
>                                                             [FAILED]
>
> I checked the /etc/admserv/conf.d/ssl.conf and see the following
>
> SSLCipherSuite
> ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:!ECDHE-RSA-RC4-SHA:!TLS_RSA_WITH_RC4_128_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECD        HE_RSA_WITH_3DES_EDE_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:AES128-GCM-SHA256:RC4:TLS_ECDHE_RSA_WITH_RC4_128_SHA:HIGH:!aNULL:!eNULL:!EXP:!LOW:!        MD5:!RC4
>
> In my mind one \n to much.
> I deleted the linefeed to
>
> SSLCipherSuite ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:!ECDHE-RSA-RC4-SHA:!TLS_RSA_WITH_RC4_128_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECD        HE_RSA_WITH_3DES_EDE_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:AES128-GCM-SHA256:RC4:TLS_ECDHE_RSA_WITH_RC4_128_SHA:HIGH:!aNULL:!eNULL:!EXP:!LOW:!        MD5:!RC4
>
> And after that the admserv was able to start again.
>
> I did not change the /etc/admserv/conf.d/ssl.conf manually before so I guess it comes with a yum update.
> @Michael: please check your changes and delete the linefeed (if there is one).
>
> Best regards,
> Dirk
>
>
> -----------------------------------------------
> Black Point Arts Internet Solutions GmbH - Hanauer Landstrasse 423a - 60314 Frankfurt
>
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>

More information about the Blueonyx mailing list