Is it possible to not force SSL on port:443?
I am helping someone develop a product, and for the next little bit he will need to access port 443 with out the communication being encrypted (aka he could telnet to it if he wanted). But in the very near future, he will want to make 443 encrypted.. Is it possible to not force encryption on port443? thanks! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: Is it possible to not force SSL on port:443?
On 10/14/05, Pigeon [EMAIL PROTECTED] wrote: I am helping someone develop a product, and for the next little bit he will need to access port 443 with out the communication being encrypted (aka he could telnet to it if he wanted). But in the very near future, he will want to make 443 encrypted.. Is it possible to not force encryption on port443? Sure... you just tell Apache to listen on that port and don't turn the SSLEngine on. :) Or are you asking how to make it *optional*? You can do that too -- as long as SSLRequireSSL isn't set, it should work. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Fwd: How to allow only certain Certificates
Helps if I send this from the address that is actually subscribed to the list... resending -- Forwarded message -- From: Cliff Woolley Date: Oct 12, 2005 7:41 AM Subject: Re: How to allow only certain Certificates To: modssl-users@modssl.org On 10/12/05, Dr. Harry Knitter [EMAIL PROTECTED] wrote: how can I restrict access to my Apache to owners of certain individual certificates? Sounds like a good case for FakeBasicAuth combined with Require User. http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#ssloptions Hope this helps, Cliff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: Fwd: How to allow only certain Certificates
Am Freitag, 14. Oktober 2005 13:38 schrieb Cliff Woolley: Helps if I send this from the address that is actually subscribed to the list... resending -- Forwarded message -- From: Cliff Woolley Date: Oct 12, 2005 7:41 AM Subject: Re: How to allow only certain Certificates To: modssl-users@modssl.org On 10/12/05, Dr. Harry Knitter [EMAIL PROTECTED] wrote: how can I restrict access to my Apache to owners of certain individual certificates? Sounds like a good case for FakeBasicAuth combined with Require User. http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#ssloptions Hope this helps, Cliff Thanks, however, I´d prefer something like the Unique Subject Identifyer or perhaps the Fingerprints. DNs can be faked easy. Harry __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: Fwd: How to allow only certain Certificates
On 10/14/05, Dr. Harry Knitter [EMAIL PROTECTED] wrote: Thanks, however, I´d prefer something like the Unique Subject Identifyer or perhaps the Fingerprints. DNs can be faked easy. Not if you require your own CA as the issuing authority using SSLCACertificateFile and SSLRequire, they can't... --Cliff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]