hello!

i use verisign certs but i am only using  the first to sections (rsa private, certificate).
an no blank lines between them also no intermediate and no root cert.

regards

mario

On Nov 29, 2007 2:29 AM, Pete DeLaurentis <pete@nextengine.com> wrote:
Hi guys,

Has anyone had success using Verisign certificates with Pound?  I'm
getting this error:

SSL_CTX_use_PrivateKey_file "/usr/local/etc/pound.pem" failed - aborted

I'm using Verisign's newer certificates that require an intermediate
CA.  We've been using the certificate successfully with Apache for
some time.  Now, we're switching from Apache to Lighttpd, and using
Pound to handle the SSL (it was already doing load balancing for us).

This same error message appears no matter how I violate the PEM file,
or even if I point it to a PEM file that doesn't exist.  So, it's not
much of a guide.  The basic translation seems to be: "Something is
wrong with the PEM file, but it could be anything."

Any help would be much appreciated.

Here's the contents of my PEM file (keys / certs omitted for security).

----BEGIN RSA PRIVATE KEY-----
Private key goes here
-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
SSL Certificate goes here
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
Verisign Intermediate CA
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
Verisign Root CA
-----END CERTIFICATE-----

Thanks,
Pete DeLaurentis
NextEngine, Inc.



--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact roseg@apsis.ch for questions.