SSL0115E: Initialization error, Error validating ASN fields in certificate

by Christoph Stoettner
Read in about 1 min · 162 words

Fountain pen and a notebook

Photo by Aaron Burden | Unsplash

Today I got a call that a IBM HTTP Server stopped working after a reboot. The service starts and ends again after some seconds. In the error_log of IBM HTTP we found following messages:

[notice] Bld version: 8.5.5
[notice] Bld date: Oct 30 2014, 11:44:02
[notice] Webserver: IBM_HTTP_Server
[notice] Using config file C:/IBM/HTTPServer/conf/httpd.conf
[notice] IBM_HTTP_Server/8.5.5.4 (Win32) configured -- resuming normal operations
[notice] Server built: Oct 20 2014 10:58:09
[notice] Disabled use of AcceptEx() WinSock2 API
[notice] Parent: Created child process 4004
[crit] Error 10 initializing SSL environment, aborting startup
[error] SSL0115E: Initialization error, Error validating ASN fields in certificate. Configuration Failed
[crit] (OS 1813)The specified resource type cannot be found in the image file.  : master_main: create child process failed. Exiting.
[notice] Parent: Forcing termination of child process 5

Good source found was:

https://developer.ibm.com/answers/questions/195652/why-is-the-ibm-http-server-8x-version-fails-to-sta.html

In our case the Stashfile was configured with a expiration date. So just open the keyfile, change password and check that the option expiration of stash is deactivated.

Author
Add a comment
Error
There was an error sending your comment, please try again.
Thank you!
Your comment has been submitted and will be published once it has been approved.

Your email address will not be published. Required fields are marked with *

Suggested Reading
Card image cap

The last days I analyzed an issue, that file uploads to HCL Connections via IBM HTTPServer stopped working on a fresh installed 6.5CR1.

Today I configured a Connections 7 and tried with it. I think that the official documentation is old in some important parts for the upload configuration.

First of all my IBM HTTPServer 8.5.5.18 is not 32-bit like the documentation tells us:

Read in about 5 min
Aaron Burden: Fountain pen and a notebook
You can log login errors within IBM Http Server. One way would be to get use SetEnvIf, but then you can’t get the querystring of the error page. When you type a wrong password the URL changes from https://connectionshost/application/login/ to https://connectionshost/application/login/?error=true. SetEnvIf Request_URI "/login$" log This set the environment variable to log, but when you read the Apache documentation you find: The resource requested on the HTTP request line — generally the portion of the URL following the scheme and host portion without the query string. See the RewriteCond directive of mod_rewrite for extra information on how to match your query string
Read in about 1 min
Aaron Burden: Fountain pen and a notebook
Preamble Before i begin with my securing article, i want to say something on security on IBM Connections. Mainly i don’t like the thing, that IBM only support very special versions of software. So we must use WebSphere 7.0.0.21, DB2 9.7.0.5, IHS 7.0.0.11 and so on. Each product had updates the last months and i think we won’t get support when we use other versions. So i have to chances. On the first side i can update my software to limit vulnerabilities and get perhaps no support, or i will have vulerable software with support. Just my 2 cent and i hope i will get answer, if i will get support with higher program versions.
Read in about 2 min