From Bugzilla Helper: User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7) Gecko/20040616 Description of problem: When ssl is turned on, system-config-httpd insists on a CA chain file (to be exact, httpd crashes if the field is left blank). I don't know enough about key systems to know if this is correct behaviour or not. What I _do_ know is that the Makefile in /etc/pki/tls/certs supports the creation of self-signed keys, but in the process, does _not_ create a CA chain file. Version-Release number of selected component (if applicable): system-config-httpd-1.3.2-2 How reproducible: Always Steps to Reproduce: 1.Follow the well-documented processes around the web to use /etc/pki/tls/certs/Makefile to create a self-signed certificate 2. Run system-config-httpd, turn on ssl, and fill the fields for which files have been created 3. save the configuration 4. restart httpd Actual Results: httpd crashes Expected Results: system-config-httpd should have created a valid httpd.conf file Additional info: I don't know what the correct behaviour should be here. I can think of at least four (not entirely mutually exclusive) .system-config-httpd doesn't create a CA chain file directive if none is specified (I don't know if this is a reasonable behaviour or not) .system-config-httpd _gives a helpful error message_ if a null CA chain file is specified ./etc/pki/tls/certs/Makefile creates a dummy CA chain file when it creates a self-signed certificate .the documentation (should be both the Makefile and system-config-httpd) tells you what to do about the CA chain file when you create a self-signed certificate I also don't know how serious this bug is; I seem to have gotten around it by pointing the CA chain file to the default CA-bundle file, but I have no idea whether this is a reasonable solution or if I have just opened up a huge security hole.
*** Bug 179768 has been marked as a duplicate of this bug. ***
Last week i've released system-config-httpd-1.4.1 for FC5, FC6 as testing and put it in FC-devel as well. Please give it a shot and let me know if this is working for you now. Thanks, Read ya, Phil
The information we've requested above is required in order to review this problem report further and diagnose/fix the issue if it is still present. Since there have not been any updates to the report since thirty (30) days or more since we requested additional information, we're assuming the problem is either no longer present in the current Fedora release, or that there is no longer any interest in tracking the problem. Setting status to "INSUFFICIENT_DATA". If you still experience this problem after updating to our latest Fedora release and can provide the information previously requested, please feel free to reopen the bug report. Thank you in advance.
The default key installation in F8 obviates the need to make a key.