Description
■Environment
OS: CentOS 6.7(x86_64)
kernel: 2.6.32-573.3.1.el6.x86_64
h2o: 1.4.4
openssl: 1.0.1e
■h2o cmake option
cmake -DWITH_BUNDLED_SSL=on
■h2o config
user: nobody
listen:
port: 80
host: 0.0.0.0
listen:
port: 443
host: 0.0.0.0
ssl:
key-file: /etc/pki/tls/private/server.key
certificate-file: /etc/pki/tls/certs/server.pem
max-connections: 1024
file.index: ['index.php', 'index.html']
file.send-gzip: ON
file.etag: OFF
expires: 1 day
hosts:
"hogehoge.com:80":
paths:
/:
redirect: https://hogehoge.com/
"hogehoge.com:443":
paths:
/:
file.dir: /path/wordpress
file.dirlisting: OFF
redirect:
url: /index.php/
internal: YES
status: 307
file.custom-handler:
extension: .php
fastcgi.connect:
port: /var/run/php-fpm/php-fpm.sock
type: unix
access-log: "| exec rotatelogs /var/log/h2o/access.log.%Y%m%d 86400"
error-log: "| exec rotatelogs /var/log/h2o/error.log.%Y%m%d 86400"
pid-file: /var/run/h2o.pid
http2-reprioritize-blocking-assets: ON
header.unset: "X-Powered-By"
header.set: "X-Content-Type-Options: nosniff"
■ configration test
h2o -c /etc/h2o/h2ossl.conf -t
Enter PEM pass phrase:
[OCSP Stapling] testing for certificate file:/etc/pki/tls/certs/server.pem
fetch-ocsp-response (using OpenSSL 1.0.1e-fips 11 Feb 2013)
sending OCSP request to http://gv.symcd.com
/etc/pki/tls/certs/server.pem: good
This Update: Aug 19 01:02:14 2015 GMT
Next Update: Aug 26 01:02:14 2015 GMT
verifying the response signature
verify OK (used: -VAfile /tmp/MLclhcdAt8/issuer.crt)
[OCSP Stapling] stapling works for file:/etc/pki/tls/certs/server.pem
Enter PEM pass phrase:
[OCSP Stapling] testing for certificate file:/etc/pki/tls/certs/server.pem
fetch-ocsp-response (using OpenSSL 1.0.1e-fips 11 Feb 2013)
sending OCSP request to http://gv.symcd.com
/etc/pki/tls/certs/server.pem: good
This Update: Aug 19 01:02:14 2015 GMT
Next Update: Aug 26 01:02:14 2015 GMT
verifying the response signature
verify OK (used: -VAfile /tmp/U_ABtoqx2R/issuer.crt)
[OCSP Stapling] stapling works for file:/etc/pki/tls/certs/server.pem
configuration OK
■h2o error.log
starting new worker 11524
Enter PEM pass phrase:
[/etc/h2o/h2ossl.conf:10] in command listen, failed to load private key file:/etc/pki/tls/private/server.key
139901539391392:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem/pem_lib.c:116:
139901539391392:error:0906A068:PEM routines:PEM_do_header:bad password read:pem/pem_lib.c:467:
139901539391392:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:613:
new worker 11524 seems to have failed to start, exit status:19968
starting new worker 11525
Enter PEM pass phrase:
[/etc/h2o/h2ossl.conf:10] in command listen, failed to load private key file:/etc/pki/tls/private/server.key
140023512741792:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem/pem_lib.c:116:
140023512741792:error:0906A068:PEM routines:PEM_do_header:bad password read:pem/pem_lib.c:467:
140023512741792:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:613:
new worker 11525 seems to have failed to start, exit status:19968
starting new worker 11527
Enter PEM pass phrase:
[/etc/h2o/h2ossl.conf:10] in command listen, failed to load private key file:/etc/pki/tls/private/server.key
139798662301600:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem/pem_lib.c:116:
139798662301600:error:0906A068:PEM routines:PEM_do_header:bad password read:pem/pem_lib.c:467:
139798662301600:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:613:
new worker 11527 seems to have failed to start, exit status:19968
starting new worker 11536
Enter PEM pass phrase:
[/etc/h2o/h2ossl.conf:10] in command listen, failed to load private key file:/etc/pki/tls/private/server.key
140685311305632:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem/pem_lib.c:116:
140685311305632:error:0906A068:PEM routines:PEM_do_header:bad password read:pem/pem_lib.c:467:
140685311305632:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:613:
new worker 11536 seems to have failed to start, exit status:19968
starting new worker 11537
Enter PEM pass phrase:
The nginx 's and is working without problems .