[Modules] packaging for Fedora Core 11
e at arix.com
Sat Sep 12 01:00:42 EDT 2009
as a matter of interest, it appears that the second domain doesn't
even get processed i.e. removing the key and cert files doesn't
prevent the server from starting:
# ls /var/www/ssl
-rw-r--r-- 1 root root 4243 2009-09-10 02:02 www.domain1.com.crt
-rw------- 1 root root 887 2009-09-10 02:02 www.domain1.com.key
-rw-r--r-- 1 root root 4279 2009-09-11 20:09 xxx.domain2.com.crt
-rw------- 1 root root 887 2009-09-11 20:07 xxx.domain2.com.key
# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
On Sep 11, 2009, at 8:52 PM, Erick Calder wrote:
> I'm attempting to package this module as an RPM for the Fedora
> distribution. I've come across some problems I need help with:
> 1. relocation of the install seems ignored... if I run:
> make DESTDIR=/tmp install
> the makefile still attempts to install to /usr. this is problematic
> for building RPMs but I don't know enough about automake to patch
> the needed files.
> 2. SRP seemed to fail when the module tried to load, complaining
> about a missing function gnutls_srp_server_get_username. is there
> something else I need to have installed or is it a bug? I've
> compiled with --disable-srp for now but would like to figure out
> whether there is a hard dependency I should respect
> 3. the document below indicates that without the dhfile or rsafile,
> the module will never work. however, after making those files don't
> get created... are they no longer needed or is something wrong with
> my setup?
> 4. I've set up a session cache via the command below:
> GnuTLSCache dbm "/var/cache/mod_gnutls"
> however the directory remains empty after I restart the server and
> instead I see two files: mod_gnutls.dir and mod_gnutls.pag in /var/
> cache... this seems wrong?
> 5. I've placed the following assertives in one of my virtual hosts:
> GnuTLSEnable on
> GnuTLSCertificateFile /path/to/my/crt
> GnuTLSKeyFile /path/to/my/key
> but when I visit the virtual host, the following shows up on the logs:
> [Fri Sep 11 20:09:49 2009] [error] GnuTLS: Hanshake Alert (42)
> 'Certificate is bad'.
> [Fri Sep 11 20:09:49 2009] [error] [client 126.96.36.199] GnuTLS:
> Handshake Failed (-12) 'A TLS fatal alert has been received.'
> the domain is one of two that I'm using to test. one of them works,
> the other doesn't. the certificates were generated in the same way
> and signed by the same CA. what could be the matter here?
> I found this:
> which seems somewhat relevant but my tarball doesn't have an
> auth_cert.c - help?
> 6. By turning off GnuTLS on the domain that works ok, I get the
> message below from the second domain:
> SSL received a record that exceeded the maximum permissible length.
> (Error code: ssl_error_rx_record_too_long)
> ok. enough for now. hope someone can help. sigh.
> - e
> Modules mailing list
> Modules at lists.outoforder.cc
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Modules