You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Root cause:
Missing pass phrase callback parameter (passwd_cb) for PEM_read_bio_PrivateKey function in SSLPrivateKeyHandler function.
I guess that was broken in 7dbb6cb#diff-cb865c0bc65fb8ef103a206282b78a50e0c1c9e93ca6713322ba9df9d921e6c9 because loading the same key with
SSL_CTX_set_default_passwd_cb and SSL_CTX_use_PrivateKey_file works ok.
If I call PEM_read_bio_PrivateKey w/o the callback parameter I get the "Enter PEM pass phrase:" prompt exactly as in the logs from journalctl -xeu trafficserver.service
The text was updated successfully, but these errors were encountered:
Apache Traffic Server - traffic_server - 9.2.3 - (build # 101116 on Oct 11 2023 at 16:11:14)
/etc/trafficserver/ssl_multicert.config
dest_ip=* ssl_cert_name=/etc/pki/tls/certs/cert.pem ssl_key_name=/etc/pki/tls/private/encrypted.key ssl_key_dialog=exec:/tmp/show_key
/tmp/show_key
#!/bin/sh
/usr/bin/echo SECRET_KEY
journalctl -xeu trafficserver.service
Mar 29 06:10:59 XXX traffic_manager[1432308]: Enter PEM pass phrase:
Errors:
[Mar 29 06:10:59.151] traffic_server DEBUG: <SSLUtils.cc:1024 (SSLPrivateKeyHandler)> (ssl_load) failed to load server private key (-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRY) from /etc/pki/tls/private/encrypted.key
[Mar 29 06:10:59.151] traffic_server ERROR: SSL::22753122588160:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
[Mar 29 06:10:59.151] traffic_server ERROR: SSL::22753122588160:error:2807106B:UI routines:UI_process:processing error:crypto/ui/ui_lib.c:545:while reading strings
[Mar 29 06:10:59.151] traffic_server ERROR: SSL::22753122588160:error:0906406D:PEM routines:PEM_def_callback:problems getting password:crypto/pem/pem_lib.c:59
[Mar 29 06:10:59.151] traffic_server ERROR: SSL::22753122588160:error:0906A068:PEM routines:PEM_do_header:bad password read:crypto/pem/pem_lib.c:434
Root cause:
Missing pass phrase callback parameter (passwd_cb) for PEM_read_bio_PrivateKey function in SSLPrivateKeyHandler function.
I guess that was broken in 7dbb6cb#diff-cb865c0bc65fb8ef103a206282b78a50e0c1c9e93ca6713322ba9df9d921e6c9 because loading the same key with
SSL_CTX_set_default_passwd_cb and SSL_CTX_use_PrivateKey_file works ok.
If I call PEM_read_bio_PrivateKey w/o the callback parameter I get the "Enter PEM pass phrase:" prompt exactly as in the logs from journalctl -xeu trafficserver.service
The text was updated successfully, but these errors were encountered: