Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

errors on currently configured webauth machine

Adam Lewenberg adamhl at
Thu Dec 10 18:36:35 PST 2015

On 12/10/2015 5:54 PM, Russ Allbery wrote:
> Thomas Carlson <tec at> writes:
>> [Thu Dec 10 16:28:20 2015] [error] mod_webauth: curl_easy_perform:
>> error(35): error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown
>> message digest algorithm
> mod_webauth is trying to get a webkdc-service token from the WebKDC, and
> that attempt is failing because your local SSL library doesn't like the
> message digest algorithm being used by the WebKDC server certificate.
> Why, I don't know.  I suspect either your SSL implementation is too old or
> the WebKDC certificate is too old.  If the
> certificate was recently changed, that would be the first thing I'd look
> at: what message digest algorithm was it using before, and what it is it
> using now, and what OpenSSL is your mod_webauth installation using?

The certificate was changed this morning (to one 
using SHA-2).


More information about the webauth-info mailing list