Cisco Headend System Release 3.2 Installation Guide
Troubleshooting SSL
4036043 Rev B
119
Troubleshooting SSL
svcs -a | grep apache2
If the output of this command does not list the Apache2 server as being online,
the httpd process needs to be killed. Follow these instructions to kill the httpd
process.
a Type
the httpd process needs to be killed. Follow these instructions to kill the httpd
process.
a Type
ps -ef | grep httpd
and then press Enter.
b Type
kill [PID]
and then press Enter, where [PID] is the process ID
returned by the previous command.
openssl: not found
error
If the openssl command is not available in the PATH variable, then the path to
openssl has to be explicitly specified. The openssl tool is located in the following
directory: /usr/sfw/bin/openssl
openssl has to be explicitly specified. The openssl tool is located in the following
directory: /usr/sfw/bin/openssl
If the CSR generation with the aes256 option fails with an error about SUNWcry,
then generate the 3DES key by typing the following command and then pressing
Enter.
openssl genrsa -des3 -out server.key 1024
If the openssl s_client command (step 12 of Required Changes to the
/etc/apache2/ssl.conf File (on page 111)) generates an error, try this command
instead.
openssl s_client -connect localhost:443 -state -debug
If this command is successful, it probably is because the SSLCipherSuite is not
configured correctly. Retry the command in bullet 3 and refresh the Apache
server.
configured correctly. Retry the command in bullet 3 and refresh the Apache
server.