23 April 2010, 6:42

post removed

16 January 2013, 16:10

I believe this is done with an openssl.cnf file, but I don't know anything about where that file lives, or what its contents should be. Google may have more answers!

[links removed]

30 September 2010, 2:22

Hello, I had the same problem "Could not generate a new SSL key. Are you sure that both openssl and the PHP module for openssl are installed on this machine? " I am running xampp on windows 2003 server. after installing an ssl certificate i was still getting this message the solution for me was to Add 2 Environmental variables (right clink my computer / Advanced : 

OPENSSL_CONF with value D:\xampp\apache\bin\openssl.cnf (or path to your openssl.cnf file)

and

SSLEAY_CONF with value D:\xampp\apache\bin\openssl.cnf (or path to your openssl.cnf file)

you should now see your public key in Networking in the Mahara admin.

if you are having a similar problem with Moodle add :

$CFG->opensslcnf ='D:\xampp\apache\bin\openssl.cnf';

to your moodle config.php 

Cheers

Dave.

11 October 2010, 9:19

In my case, Windows Server 2003, IIS6 + PHP5, properly defining the "OPENSSL_CONF" environment variable to the path to "openssl.cnf" (in my case, "c:\PHP\extras\openssl\openssl.cnf", solved both Moodle nor Mahara generating its public keys.

Greetings.

27 April 2011, 1:52

Hi,

on windows i try to modify in mahara script.. 

in [mahara_root]/api/xmlrpx/lib.php at line 1312,

change script

$config = array();        

$opensslcnf = get_config('opensslcnf');        

if ($opensslcnf) {            

   $config['config'] = $opensslcnf;      

 } else {

    $config = null;        

}

change to

$config = array();

 $config = array("config" => "[openssl_location]");

exp. [openssl_location] = c:\\xampp\apache\bin\openssl.cnf

hope that help.

sorry for my bad english

27 April 2011, 4:42

I believe the same can be achived by specifying

$cfg->opensslcnf ='D:\xampp\apache\bin\openssl.cnf';

in your mahara config.php

04 May 2011, 22:11

Ruslan I have been struggling with this for ages and following all sorts of tutorials to get openssl installed... broke my WAMP more than once... and that little line of code has worked wonders!

I had to edit it slightly to point at the location of my actual file, which is:

$cfg->opensslcnf ='C:\wamp\bin\apache\Apache2.2.17\conf\openssl.cnf';

But it worked a charm! Thank you!

12 September 2012, 9:38

It worked perfectly. Thank you so much!

31 August 2011, 9:12

I currently still have this problem.

It's on Ubuntu, OpenSSL and PHP support for OpenSSL have been installed from the official packages. I configured this stuff several times and the creation of root certificates definitely works, but I can't make that Mahara message disappear

The apache error.log when accessing Maharas networking page:

[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] [WAR] 6d (api/xmlrpc/lib.php:1324) openssl_csr_new(): dn: add_entry_by_NID 17 -> Mahara for example.com (failed), referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] Call stack (most recent first):, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * log_message("openssl_csr_new(): dn: add_entry_by_NID 17 -> Maha...", 8, true, true, "/var/www/mahara/api/xmlrpc/lib.php", 1324) at /var/www/mahara/lib/errors.php:446, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * error(2, "openssl_csr_new(): dn: add_entry_by_NID 17 -> Maha...", "/var/www/mahara/api/xmlrpc/lib.php", 1324, array(size 11)) at Unknown:0, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * openssl_csr_new(array(size 7), resource(#22), array(size 1)) at /var/www/mahara/api/xmlrpc/lib.php:1324, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo->generate_keypair() at /var/www/mahara/api/xmlrpc/lib.php:1238, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo->get_keypair() at /var/www/mahara/api/xmlrpc/lib.php:1145, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo->__construct() at /var/www/mahara/api/xmlrpc/lib.php:1131, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo::singleton() at /var/www/mahara/admin/site/networking.php:56, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] , referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] [WAR] 6d (api/xmlrpc/lib.php:1328) Could not generate a new SSL key. Are you sure that both openssl and the PHP module for openssl are installed on this machine?, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] Call stack (most recent first):, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo->generate_keypair() at /var/www/mahara/api/xmlrpc/lib.php:1238, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo->get_keypair() at /var/www/mahara/api/xmlrpc/lib.php:1145, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo->__construct() at /var/www/mahara/api/xmlrpc/lib.php:1131, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx]   * OpenSslRepo::singleton() at /var/www/mahara/admin/site/networking.php:56, referer: http://example.com/mahara/admin/
[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] , referer: http://example.com/mahara/admin/

The apache error.log when starting the server:

[Thu Aug 25 10:38:06 2011] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Aug 25 10:38:06 2011] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Aug 25 10:38:06 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
PHP Deprecated:  Comments starting with '#' are deprecated in /etc/php5/apache2/conf.d/imap.ini on line 1 in Unknown on line 0
[Thu Aug 25 10:38:06 2011] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Aug 25 10:38:06 2011] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Aug 25 10:38:06 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Thu Aug 25 10:38:06 2011] [notice] Apache/2.2.14 (Ubuntu) mod_ssl/2.2.14 OpenSSL/0.9.8k configured -- resuming normal operations

01 September 2011, 8:23

I just found the problem:

[Thu Aug 25 10:45:26 2011] [error] [client xx.xx.xx.xx] [WAR] 6d (api/xmlrpc/lib.php:1324) openssl_csr_new(): dn: add_entry_by_NID 17 -> Mahara for example.com (failed), referer: http://example.com/mahara/admin/

This was the issue. I set "Mahara for example.com" as the site name in the Mahara settings. After changing it to "example.com" it fitted with what was specified in the SSL configuration and the error disappeared.