What Causes 0xc70 And How To Fix It

Only admnistrator owned posts can execute the [includeme] shortcode. This message is shown only to administrators.

In this blog post, we are going to describe some of the possible causes that 0xc70 might be generating and then provide possible solutions that you can try to resolve this issue.

From Bugzilla Helper:User Agent: Mozilla/5.0 (X11; Linux u; i686; en-US; rv:1.7.5)Gecko/20041111 Firefox/1.0Description of the problem:I'm trying to generate a home SSL certificate to verify mineA car. I use the following methods to generate my own key:Get rid of fake key lag with FC3rm -f /etc/httpd.conf/ssl.crt/server.crtn/etc/httpd.conf/ssl.key/server.keythen issue a new keycd /usr/share/ssl/certificates/make a genkeynow you need to create a certificatecd /usr/share/ssl/certificates/make a test certificateNow when i start better httpd service i get this httpd error:service startStart with httpd:apache/2.0.52 mod_ssl/2.0.52 (passphrase dialog)Some of your personal files are encrypted for security reasons.To read them, you must allow them to provide passwords.Server.domain.co.uk:443 (RSA)Enter your private trip phrase: Apache: mod_ssl: Error: Key not necessarily found.**Stopped[FAILED]I can't even enter a password.This will mean that the server.key house does not exist./etc/httpd/conf/ssl.key but I checked and it is./etc/httpd/conf.d/ssl.conf also points to this file.Rasthe position of my ssl_errors.log is:[Jan 05, 2005 2:33:45 PM] [Error] Initializing: Unable to read passphrase[Note: key taken or changed before reboot?][Jan 05, 2005 2:33:45 PM] [Error] SSL Library Error: 218710120Error: 0D094068: Asn1 encoding routines: d2i_ASN1_SET: Bad Jan tag[Wed 05 2005 2:33:45 PM] [Error] SSL Library Error: 218529960Error: 0D0680A8: Asn1 encoding routines: ASN1_CHECK_TLEN: Bad Jan tag[Wed 05 2005 2:33:45 PM] [Error] SSL Library Error: 218595386Error: 0D07803A: asn1 encoding routines: ASN1_ITEM_EX_D2I: nested asn1 error[Jan 05, 2005 2:33:45 PM] [Error] SSL Library Error: 218734605Error: 0D09A00D: asn1 encoding routines: d2i_PrivateKey: ASN1 libraryThere is probably also this output from dmesg:SELinux: initialized (dev 0:13, type nfs), use genfs_contextsaudit(1104934858.355:0): avc: getattr denied for pid=3695exe=/usr/sbin/httpd path=/etc/httpd/conf.d/ssl.conf dev=dm-0 ino=32789scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_ttclass = fileaudit(1104934858.356:0): avc: says read because pid=3695exe=/usr/sbin/httpd name=ssl.conf dev=dm-0 ino=32789scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_ttclass = fileaudit(1104934951.020:0): avc: getattr denied for creating path=/etc/httpd/conf pid=3708exe=/usr/sbin/httpd.d/ssl.conf dev=dm-0 ino=32789scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_ttclass = fileaudit(1104934951.020:0): avc: Wanted denied pid=3708exe=/usr/sbin/httpd name=ssl.conf dev=dm-0 ino=32789scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_ttclass = fileBut I also tested the test certificate from freessl.comthe same thing happens.The version number of the applicable specified version of the component:Kernel (if 2.6.9-1.724_FC, httpd-2.0.52-3.1, mod_ssl-2.0.52-3.1 andopensl-0.9.7a-4How reproducible:alwaysPlayback steps:1. Seriously remove +cert nowrm -f /etc/httpd.conf/ssl.crt/server.crtn/etc/httpd.conf/ssl.key/server.key2.Then create a new keycd /usr/share/ssl/certificates/make a genkey3. Create a progressiveCD certificate /usr/share/ssl/certs/make a test certificate4. Set up ApacheStart httpd service    Actual results: Running Apache/2 httpd:.0.52 mod_ssl/2.0.52 (passoffer dialogue)Some of your private version keys are encrypted for security reasons.In order to be able to read them, you will provide passwords.Server.domain.co.uk:443 (RSA)Enter Pass Private Phrase:Apache:mod_ssl:Error: key not found.**Stopped[FAILED]Expected results: Apache should start and run with the cipherreceiving ssl.Pages. Information:inOptional installation is an installation criterion. The ssl.conf file was notsomehow modified and not using accounts for server.keycontain special characters

0xc70

audit(1104934858.356:0): avc: disabled reading for pid=3695exe=/usr/sbin/httpd name=ssl.Dev=dm-0 conf ino=32789scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_ttclass = filejust means that /etc/httpd/conf.d/ssl.conf is not markedright. You can try:Recovery in /etc/httpd/conf.d/ssl.conf
Only admnistrator owned posts can execute the [includeme] shortcode. This message is shown only to administrators.
I don't get any result when I run this influence, right?I tried starting the httpd startup service after I leftrestorecon /etc/httpd/conf.d/ssl.confand the same as before happens with the above errors
It just doesn't expect any output. What means :# mark vii /etc/httpd/conf -lz.d/ssl.confgive?
He presents back-rw-r--r-- root root system_u:object_r:httpd_config_t/etc/httpd/conf.d/ssl.conf
I have the same problem in the morning.Reduced as a new job to rotate a selinux application (setenforce 0 )PAllows me to start httpd and enter a passphrase. No audit messageappear in /var/log/messages to show what selinux is complaining aboutfor example, when administration is enabled.

Comment 5 Richards Day 02/16/2005 18:32:58 UTC
0xc70

Only admnistrator owned posts can execute the [includeme] shortcode. This message is shown only to administrators.

0xc70
0xc70
0xc70
0xc70
0xc70
0xc70
0xc70
0xc70
0xc70
0xc70
0xc70