This post is the result of what I consider to be an ambiguous error message and an example of a scenario where programmers could do much better.
The error message from the PEM_read_bio (whatever that is . . .a function?) complained that there was "no start line" associated with the certificate or private key.
While that was true, it was true because the certificate and private RSA keys were not combined into a common PEM file following recreation. While this was my oversight because after I recreated the openssl key pair, I did not combine them into a common file and move back into the production directory.
My point is that the error message rather than complain that there is no start line, a better diagnostic would be to inform that the file does not exist. Then perhaps I would not have invested a man-day trying to figure out why the "no start line" message was issued when in fact I could clearly see that the certificate contained the start line,
-----BEGIN CERTIFICATE-----
The error message from the PEM_read_bio (whatever that is . . .a function?) complained that there was "no start line" associated with the certificate or private key.
Code:
ROUT: Tue Aug 30 09:26:06 2011 [error] failed to load SSL pemfile, SSL disabled
ROUT: sx (ssl.c:922) couldn't load certificate from /usr/local/etc/jabberd/.ssh/server.pem;
error:0906D06C:PEM routines:PEM_read_bio:no start line
While that was true, it was true because the certificate and private RSA keys were not combined into a common PEM file following recreation. While this was my oversight because after I recreated the openssl key pair, I did not combine them into a common file and move back into the production directory.
My point is that the error message rather than complain that there is no start line, a better diagnostic would be to inform that the file does not exist. Then perhaps I would not have invested a man-day trying to figure out why the "no start line" message was issued when in fact I could clearly see that the certificate contained the start line,
-----BEGIN CERTIFICATE-----