httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Katta, Srinivasa CTR" <>
Subject [users@httpd] Help Needed
Date Fri, 07 Dec 2012 18:52:41 GMT

Good Morning.

I was seeing following  error message in the apache log file /usr/local/apache/logs/error_log,When
I try to start the httpd daemon.

[Fri Dec 07 16:45:14 2012] [emerg] FIPS mode failed
[Fri Dec 07 16:45:14 2012] [emerg] SSL Library Error: 755413103 error:2D06B06F:FIPS routines:FIPS_check_incore_fingerprint:fingerprint
does not match

Could you please advise me,How I can start apache server and also me advise me,If I done any

Please find the openssl,openssh and httpd information below.



Here is the server information;

root@hqd-unixtst-s2 #> uname -a
SunOS hqd-unixtst-s2 5.10 Generic_147441-24 i86pc i386 i86pc
root@hqd-unixtst-s2 #>

Here is the openssl information;

root@hqd-unixtst-s2 #> /usr/local/ssl/bin/openssl
OpenSSL> version
OpenSSL 1.0.1c-fips 10 May 2012

Here is the openssh information;

root@hqd-unixtst-s2 #> sshd -v
sshd: illegal option -- v
OpenSSH_6.1p1, OpenSSL 1.0.1c-fips 10 May 2012
usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
            [-f config_file] [-g login_grace_time] [-h host_key_file]
            [-k key_gen_time] [-o option] [-p port] [-u len]
root@hqd-unixtst-s2 #>

Here is the apache httpd version information;

root@hqd-unixtst-s2 #> ./httpd -v
Server version: Apache/2.2.23 (Unix)
Server built:   Dec  7 2012 15:38:35
root@hqd-unixtst-s2 #>

Here is the httpd build configure options;

#! /bin/sh
# Created by configure

"./configure" \
"--prefix=/usr/local/apache" \
"--enable-mime-magic" \
"--enable-info" \
"--enable-imagemap" \
"--enable-speling" \
"--enable-rewrite" \
"--enable-authz-host" \
"--enable-authn-anon" \
"--enable-authn-dbm" \
"--enable-auth-digest" \
"--enable-cern-meta" \
"--enable-expires" \
"--enable-headers" \
"--enable-unique_id" \
"--enable-so" \
"--enable-ssl" \
"--with-ssl=/usr/local/ssl" \
"--with-included-apr" \
"$@" -----------------------------------------------------------------------------

I added SSLFips On  option in the httpd-ssl.conf file and right now,I do not have key files,So,I
commented the following lines in the httpd-ssl.conf file;
#SSLCertificateFile "/usr/local/apache/conf/server.crt"
#SSLCertificateKeyFile "/usr/local/apache/conf/server.key"

Srinivasa Rao Katta (Contractor)
Unix Administrator
URS Federal Services, Inc
Desk (202)-326-3170
Cell (571)-276-1846
(Sun Certified System and Network Administrator)
(Redhat Certified Technician)

View raw message