BladeSystem Forums have moved here
To make BladeSystem information easier to find, we have moved the BladeSystem forums here, to Servers and Operating Systems.
Showing results for 
Search instead for 
Do you mean 

getting ssl working on rp7410 11i apache 2.0.52

Occasional Advisor

getting ssl working on rp7410 11i apache 2.0.52

I am trying to get ssl working on our rp7410 server runing 11i. The admin prior to me setup that server and then left the company, so I'm now in charge and trying to figure what was done.

I know the bundle hpuxwsApache A. HP-UX Apache-based Web Server was installed and that apache (2.0.52) has been running fine. But the prior admin left before getting a certificate and getting ssl working.

That is my job. :-)

I used /opt/hpws/apache/bin/openssl to generate the key and the csr to get the certificate. So I know openssl is installed and at least the program openssl works.

What I have done:
1 - generated key and csr
2 - get certificate from provider
3 - install per cert provide and 3rd party software we are running
4 - add https 443 to /etc/services
5 - configure ssl.conf
6 - reboot server

I'm getting a connection refused when I try:

openssl s_client -connect localhost:443 -state -debug

I get:
warning, not much extra random data, consider using the -rand option
connect: Connection refused

To me it seems like port 443 is not setup correctly or port 443 has nothing listening on it. If I had to guess it’s the latter, but not sure what I need to do to get things to work.

Anyone have any ideas?

Honored Contributor

Re: getting ssl working on rp7410 11i apache 2.0.52


To be honest I'm sort of ssl illiterate...but...
Noticed in the manpage on s_client it suggests first trying to get just a try dropping the -state and -debug options. If it's still not making it add the -bugs option. Take a look at manpage yourself for this & for the other options it suggests trying.

Then your error is referring to the random number generator. See man rand.
So trying using that -rand option to get this kicked off.

OK...that's what I found,