Unable to start server

From: Dinesh Garg (Dinesh.Garg_at_telsima.com)
Date: 04/26/05

  • Next message: Sonsurkar, Jayant: "RE: ssh.com sshd 3.2.x, really enforcing sftp-only"
    Date: Tue, 26 Apr 2005 04:16:56 -0400
    To: <secureshell@securityfocus.com>
    
    

    Hi All,

    I compiled the openSSL code (openssl-0.9.7g) using cygwin(I downloaded
    today itself) successfully. But when I ran server as follows I got the
    errors.

    ===========================

    OpenSSL> s_server

    Using default temp DH parameters

    unable to get certificate from 'server.pem'

    2496:error:02001002:system library:fopen:No such file or
    directory:bss_file.c:10

    4:fopen('server.pem','r')

    2496:error:2006D080:BIO routines:BIO_new_file:no such
    file:bss_file.c:107:

    2496:error:02001002:system library:fopen:No such file or
    directory:bss_file.c:27

    8:fopen('server.pem','rb')

    2496:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:280:

    2496:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system
    lib:ssl_rsa

    .c:515:

    error in s_server

    OpenSSL>

    ===========================

     

    I can see that 'server.pem' is at the following location
    "openssl-0.9.7g\apps".

    Does anyone have any idea how to get over this problem?

     

    Thanks a lot,

    Dinesh


  • Next message: Sonsurkar, Jayant: "RE: ssh.com sshd 3.2.x, really enforcing sftp-only"

    Relevant Pages

    • Re: [fw-wiz] Web server security?
      ... > interface for pluggable security modules. ... I'm unlikely to do a major kernel version upgrade on my only personal Web ... server until I'm comfortable with 2.6. ... Apache and OpenSSL. ...
      (Firewall-Wizards)
    • [EXPL] Openssl-Too-Open: Apache / OpenSSL Remote Exploit
      ... openssl-too-open is a remote exploit for the KEY_ARG overflow in OpenSSL ... The CLIENT_HELLO message contains a list of the ciphers the client ... The server replies with a SERVER_HELLO message, ... The client sends a CLIENT_FINISHED message with a copy of the connection ...
      (Securiteam)
    • [ MDVSA-2014:158 ] openssl
      ... Affected: Business Server 1.0 ... Multiple vulnerabilities has been discovered and corrected in openssl: ... can be exploited through a Denial of Service attack. ... Updated Packages: ...
      (Bugtraq)
    • [NEWS] Multiple OpenSSL TLS Vulnerabilities
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... OpenSSL has two TLS related programming errors which cause it to crash. ... The first error causes OpenSSL to crash to segmentation fault when it ... 'Server Key exchange message' is omitted from the TLS handshake. ...
      (Securiteam)
    • Re: STARTTLS=client errors in log
      ... See the source code of your OpenSSL version. ... It could be a problem with the server certificate, ... Hm, you ask a question, get a response from the ultimate expert, ... but once I got the unknown cipher too. ...
      (comp.mail.sendmail)