Bug#390415: [Pkg-openssl-devel] Bug#390415: openssl: Cannot Get Private Key from Cert Created

Sat, 07 Oct 2006 06:41:57 -0700

I had regenerate my cert, but this is shown in my mail.log, is these normal? please advice

Thank you

---------------------------------------------------------------------------------------------

Oct  7 18:53:13 mail postfix/smtpd[4081]: setting up TLS connection from unknown[202.75.42.117]
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:before/accept initialization
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (11 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv2/v3 read client hello A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (11 bytes => 11 (0xB))
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0000 80 8c 01 03 01 00 63                             ......c
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0007 - <SPACES/NULLS>
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F8B] (131 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv2/v3 read client hello B
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F8B] (131 bytes => 131 (0x83))
...                                     .b.
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 read client hello A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 write server hello A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 write certificate A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 write key exchange A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 write server done A
Oct  7 18:53:13 mail postfix/smtpd[4081]: write to 080A3310 [080C30F0] (1944 bytes => 1944 (0x798))
...                                .....
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0795 - <SPACES/NULLS>
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 flush data
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read client certificate A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read client certificate A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => 5 (0x5))
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0000 16 03 01 00 86                                   .....
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (134 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read client certificate A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (134 bytes => 134 (0x86))
...
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 read client key exchange A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read certificate verify A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => 5 (0x5))
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0000 14 03 01 00 01                                   .....
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (1 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read certificate verify A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (1 bytes => 1 (0x1))
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0000 01                                               .
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read certificate verify A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (1 bytes => 1 (0x1))
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0000 01                                               .
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read certificate verify A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F80] (5 bytes => 5 (0x5))
Oct  7 18:53:13 mail postfix/smtpd[4081]: 0000 16 03 01 00 30                                   ....0
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (48 bytes => -1 (0xFFFFFFFF))
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:error in SSLv3 read certificate verify A
Oct  7 18:53:13 mail postfix/smtpd[4081]: read from 080A3310 [080B4F85] (48 bytes => 48 (0x30))
...
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 read finished A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 write change cipher spec A
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 write finished A
Oct  7 18:53:13 mail postfix/smtpd[4081]: write to 080A3310 [080C30F0] (59 bytes => 59 (0x3B))
...
Oct  7 18:53:13 mail postfix/smtpd[4081]: SSL_accept:SSLv3 flush data
Oct  7 18:53:13 mail postfix/smtpd[4081]: TLS connection established from unknown[202.75.42.117]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)

---------------------------------------------------------------------------------------------
> severity 390415 important
> tags 390415 - l10n
> tags 390415 + moreinfo
> thanks
>
> On Sun, Oct 01, 2006 at 03:00:41PM +0800, System Administrator wrote:
>> Package: openssl
>> Version: 0.9.8c-2
>> Severity: critical
>> Tags: l10n
>> Justification: breaks unrelated software
>
> I don't see how it breaks unrelated, since it's clearly making use of
> the openssl library. Grave or serious should be more than enough if it
> really breaks something.
>
>> Oct 1 14:57:27 mail postfix/smtpd[23458]: initializing the server-side
>> TLS engine
>> Oct 1 14:57:27 mail postfix/smtpd[23458]: warning: cannot get private
>> key from file /etc/postfix/ssl/req.pem
>
> req.pem looks alot like an certificate request. I can only hope it
> doesn't contain your private key.
>
> Did this work with other versions or something?
>
> Your bug report doesn't contain much info, and I can only assume you've
> set things up wrong. So I'm lowering the severity since I don't believe
> this to be a bug in the software.
>
> What did you to create your certificate? I suggest you read the
> documentation on how to create it.
>
>
> Kurt
>
>

Reply via email to