[BlueOnyx:17542] Re: Bad ca-cert stopped the apache server on 5107R
Michael Stauber
mstauber at blueonyx.it
Thu May 7 20:56:29 -05 2015
Hi Ernie,
> I just had a web developer upload a ca-cert to their vsite but he didn't
> check it and it had text comments in it from the CA which you are supposed to
> edit out first. This stopped the apache server and it couldn't restart until
> the offending ca-cert was manually removed by me. Probably needs some sort
> of modification to the Certificate Authority Management script that uploads
> the ca-cert to make sure it wont prevent apache restarting.
Hmm. That's indeed a good point and I'm a bit surprised why this check
isn't already there (or not working for the intermediate).
We can use OpenSSL to verify the cert, key and the intermediate to make
sure they make sense and check out.
I'll look into it.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list