Cisco Headend System Release 2.7 Installation Guide

 

114 

4036043 Rev B 

9  Type the following command  and then press Enter to create the necessary link. 

ln -s /etc/opt/certs/server.crt  cachain.crt

 

10  Is client authentication required on this system? 

 

If yes, type 

cp server.crt cacert.pem

 and then press Enter. 

 

If no, comment out in the ssl.conf file the line that includes SSL VerifyClient. 

11  Type 

ps -ef | grep apache2

 and then press Enter to verify the Apache2 

process is running with SSL. 
Example:  A message similar to the following should appear: 

dncs 18058 18054  0 00:45:45 ?   0:00 

/usr/apache2/bin/httpd -k start -DSSL

 

root 18054  1   0 00:45:44 ?  0:03 /usr/apache2/bin/httpd -

k start -DSSL

 

12  Type the following command and then press Enter to verify that SSL processing 

is active. 

openssl s_client -cipher ADH-RC4-MD5 -connect localhost:443 

-state -debug

 

Example:  Output similar to the following should appear: 

CONNECTED(00000004)

 

SSL_connect:before/connect initialization

 

write to 0008E7D8 [0008EDE8] (46 bytes => 46 (0x2E))

 

0000 - 80 2c 01 03 01 00 03 00-00 00 20 00 00 18 23 98   

.,........ ...#.

 

0010 - 

3

d 9f 16 9f 4c 09 90 92-fe 94 36 81 09 6d e0 b4   

=...L.....6..m..

 

0020 - e1 92 03 52 48 df 2c 57-42 9a 48 f3 98 a1         

...RH.,WB.H...

 

SSL_connect:SSLv2/v3 write client hello A

 

read from 0008E7D8 [00094348] (7 bytes => 7 (0x7))

 

0000 - 16 03 01 00 4a 02                                 

....J.

 

0007 - <SPACES/NULS>

 

read from 0008E7D8 [0009434F] (72 bytes => 72 (0x48))

 

0000 - 00 46 03 01 4b 7c 7b a6-99 60 bb 97 1a a6 63 3c   

.F..K|{..`....c<

 

0010 - 86 b0 11 13 a3 8d 53 72-24 aa 68 62 e5 f5 ae 91   

......Sr$.hb....

 

0020 - 80 aa 06 c3 20 49 36 a9-0e fb cf 7a aa 96 c1 21   

.... I6....z...!