https using lighttpd in am335x

Arumugam Jesu

Hello

Im working on bringing https connection using lighttpd in am335x. But Im getting the following error, while producing the CSR (Certificate Signalling Request). I tried as I can , still im facing the same issue.

1073805024:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:125:
1073805024:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP lib:a_sign.c:279:

Thanks in advance

Arun

over 11 years ago

0 Miroslav Kiradzhiyski XID over 11 years ago

TI__Mastermind 25235 points

Hi Arun,

The lighttpd package that comes with the AM335x SDK isn't compiled with SSL support. Perhaps this is the reason for your errors. To verify this, type:

lighttpd -V

The output is as follows:

root@am335x-evm:~# lighttpd -V
lighttpd/1.4.31 - a light and fast webserver
Build-Date: Jun 25 2013 16:50:19

Event Handlers:

   + select (generic)
   + poll (Unix)
   - rt-signals (Linux 2.4+)
   + epoll (Linux 2.6)
   - /dev/poll (Solaris)
   - eventports (Solaris)
   - kqueue (FreeBSD)
   - libev (generic)

Network handler:

   - linux-sendfile
   - freebsd-sendfile
   - solaris-sendfilev
   + writev
   + write
   - mmap support

Features:

   + IPv6 support
   + zlib support
   - bzip2 support
   + crypt support
   - SSL Support
   + PCRE support
   - mySQL support
   - LDAP support
   - memcached support
   - FAM support
   - LUA support
   - xml support
   - SQLite support
   - GDBM support

Please refer to the lighttpd wiki page for information on how to compile and use lighttpd with secure http.

Best regards,
Miroslav

0 Arumugam Jesu over 11 years ago in reply to Miroslav Kiradzhiyski XID

Prodigy 70 points

Hi Miroslav,

I cross compiled with lighttpd with ssl and while I execute "lighttpd -V" . I got the following saying ssl is enabled

root@am335x-evm:~# lighttpd -V
lighttpd/1.4.33 (ssl) - a light and fast webserver
Build-Date: Apr 29 2014 12:40:33

Event Handlers:

        + select (generic)
        + poll (Unix)
        - rt-signals (Linux 2.4+)
        + epoll (Linux 2.6)
        - /dev/poll (Solaris)
        - eventports (Solaris)
        - kqueue (FreeBSD)
        - libev (generic)

Network handler:

        - linux-sendfile
        - freebsd-sendfile
        - solaris-sendfilev
        + writev
        + write
        - mmap support

Features:

        - IPv6 support
        - zlib support
        - bzip2 support
        + crypt support
        + SSL Support
        + PCRE support
        - mySQL support
        - LDAP support
        - memcached support
        - FAM support
        - LUA support
        - xml support
        - SQLite support
        - GDBM support

Thanks

Arun

0 Rajput Ajay over 11 years ago in reply to Arumugam Jesu

Intellectual 310 points

Dear Sir,

I have cross compiled lighttpd1.4.30 version for beaglebone white. I am able to run the webserver form beaglebone.

I have crosscompiling the lighttpd with SSL support, and copying the generated binaries in /usr/sbin and librariries in /usr/lib/lighttpd.

Checking with command : lighttpd -V in beaglebone, give below output:

root@am335x-evm:/usr/sbin# lighttpd -V
lighttpd/1.4.30 (ssl) - a light and fast webserver
Build-Date: Jun 9 2014 17:14:24

Event Handlers:

        + select (generic)
        + poll (Unix)
        - rt-signals (Linux 2.4+)
        + epoll (Linux 2.6)
        - /dev/poll (Solaris)
        - eventports (Solaris)
        - kqueue (FreeBSD)
        - libev (generic)

Network handler:

        + writev
        + mmap support

Features:

        + IPv6 support
        - zlib support
        - bzip2 support
        + crypt support
        + SSL Support
        + PCRE support
        - mySQL support
        - LDAP support
        - memcached support
        - FAM support
        - LUA support
        - xml support
        - SQLite support
        - GDBM support

I generated the RSA key using following command:

openssl genrsa -des3 -out maipl.com.key 1024

Now, when i try to generate CSR key file using below command

openssl req -new -key maipl.com.key -out maipl.com.csr, it shows following error:

1074243296:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:125:
1074243296:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP lib:a_sign.c:279:

Please suggest me what can be cause of problem.

Following are the data entered for csr key file.

root@am335x-evm:/etc/lighttpd/ssl/gps.in# ls
maipl.com.key
ut maipl.com.csr/etc/lighttpd/ssl/gps.in# openssl req -new -key maipl.com.key -o
Enter pass phrase for maipl.com.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:in
State or Province Name (full name) [Some-State]:guj
Locality Name (eg, city) []:gnaga
Organization Name (eg, company) [Internet Widgits Pty Ltd]:masibus
Organizational Unit Name (eg, section) []:rnd
Common Name (e.g. server FQDN or YOUR name) []:ajay
Email Address []:ajayrajput@masibus.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:masibus1975
An optional company name []:

Thanks.

Processors

Processors forum

https using lighttpd in am335x