A Zero Byte SSL Key, is Never a Good Thing…

I’ve been working on a side project that exposes the Post Offices PAF data via a REST API.  While securing the site I was getting problems loading the Apache config, after a few seconds of investigation I spot a major problem…

A zero byte SSL key, is never a good thing:

root@jupiter:~/api.postcode.software_ssl# ls -la
total 12
drwxr-xr-x  2 root root 4096 Jan 21 17:23 .
drwx------ 10 root root 4096 Jan 22 11:18 ..
-rw-r--r--  1 root root 1119 Jan 21 17:23 api.postcode.software.csr
-rw-r--r--  1 root root    0 Jan 21 17:27 api.postcode.software.key

Time for a re-issue…

I wouldn’t be so annoyed if the key hadn’t only just been issued after a 12 hour wait.

I’ll post more on the project when its complete (as complete as a side project ever gets!) on this blog.