After setting up nsopenssl on aolserver I got the following error.
3) and logs show the libs and certs were loaded sucessfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: modload:
loading '/usr/lib/aolserver4/bin/nssha1.so'
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: modload:
loading '/usr/lib/aolserver4/bin/nsopenssl-3.0/nsopenssl.so'
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl:
generating 512-bit temporary RSA key ...
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl:
generating 1024-bit temporary RSA key ...
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): loading SSL context 'users'
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'users' ciphers loaded successfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'users' using SSLv3 protocol
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'users' using TLSv1 protocol
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'users' certificate and key loaded successfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'users' CA file loaded successfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: users
(nsopenssl): session cache is turned on for sslcontext 'cnauto'
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): loading SSL context 'client'
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'client' ciphers loaded successfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'client' using SSLv2 protocol
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'client' using SSLv3 protocol
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'client' using TLSv1 protocol
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'client' certificate and key loaded successfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): 'client' CA file loaded successfully
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: client
(nsopenssl): session cache is turned on for sslcontext 'cnauto'
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): default SSL context for server is users
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: default
server SSL context: users
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): default SSL context for client is client
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: default
client SSL context: client
[17/Jun/2012:20:20:45][30618.
3074823872][-main-] Notice: nsopenssl
(cnauto): loading 'users' SSL driver
...
[17/Jun/2012:20:20:56][30618.
3052837744][-nsopenssl:driver-] Notice:
starting
[17/Jun/2012:20:20:56][30618.
3052837744][-nsopenssl:driver-] Notice:
nsopenssl: listening on
127.0.0.1:8443
#######
I believe the error is related to the 'client' certificate. Before
I got the error:
########
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): loading SSL context 'client'
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): 'client' ciphers loaded successfully
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): 'client' using SSLv2 protocol
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): 'client' using SSLv3 protocol
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): 'client' using TLSv1 protocol
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Error: nsopenssl
(cnauto): 'client' certificate file is not readable or does not
exist
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Error: nsopenssl
(cnauto): SSL context 'client' left uninitialized
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): default SSL context for server is users
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: default
server SSL context: users
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): default SSL context for client is client
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: default
client SSL context: client
[17/Jun/2012:20:00:42][30405.
3074971328][-main-] Notice: nsopenssl
(cnauto): loading 'users' SSL driver
#########
Then I changed the 'client' cert's paths within config.tcl to the
same of users
Would that be the issue?
Best wishes,
Iuri