We are using the Sun crypto boards with openssl 0.96a. I just did the speed
test and got similar results to yours. I think there must be something
wrong with the tests. We aren't using them to speed up SSL so much as to
off load the CPU, since it was running at 100% utilization. We don't need
I need to require client certificates for all but 2 locations. I've tried
the following in my httpd.conf:
SSLVerifyClient require
SSLVerifyDepth 10
SSLVerifyClient none
SSLVerifyDepth 10
SSLVerifyClient none
SSLVerifyDepth 10
This works, but Netscape prompts me for my certificate on
I need to trust client certifcates issued by Netscape Certifcate Management
Server 4.2. It has 2 options for use by a server:
1. Display the CA certificate chain in PKCS#7 for importing into a server
2. Display certificates in the CA certificate chain for importing
individually into a server
I'm using Apache 1.3.14 with modssl 2.7.1, and I'm having problems with URL
based look ahead in a rewrite condition.
We have a custom HTTP header set in our authentication process. If it is
empty, I need to redirect the user to a specific page. To do this, I use a
rewrite condition like the fol
> -Original Message-
> From: Colin Devine [mailto:[EMAIL PROTECTED]]
>
> No. We are using the builtin options. Is there a good way to get
> /dev/random or /dev/urandom onto a solaris box.
Just so you know, we are running Apache 1.3.14, mod-ssl 2.7.1, openssl
0.9.6, and mm 1.1.3 on an U
> -Original Message-
> From: David Rees [mailto:[EMAIL PROTECTED]]
>
> Have you tried what's in this post as Dan suggested?
>
> http://marc.theaimsgroup.com/?l=apache-modssl&m=97430424603650&w=2
>
> I'd be curious to know if it helps or not.
I missed that post. I'll give it a shot, bu
> -Original Message-
> From: David Rees [mailto:[EMAIL PROTECTED]]
>
> There's a FAQ for your problem:
>
> http://www.modssl.org/docs/2.7/ssl_faq.html#ToC48
>
> Which other people have mentioned before. This fixed all
> problems with
> buggy MSIE 56-bit browsers for me.
Hasn't worked
> -Original Message-
> From: Brendon Maragia [mailto:[EMAIL PROTECTED]]
>
> thats something i'd be interested in knowing, am i the only
> person whose
> having trouble getting apache/mod_ssl to work with MSIE5.x browsers?
I have never gotten IE 5.x browsers with 56-bit encryption work
> -Original Message-
> From: Paul McGarry [mailto:[EMAIL PROTECTED]]
>
> Can you run your app in straight http mode to check that SSL is
> really involved in causing the problem?
The app was originally developed without SSL support, and no one had this
problem. Also, we are using client
First off, I'd like to thank everyone that offered help with the load
balancing question. The ssl3 sticky sessions on the LocalDirectors should
do the trick for us.
Now, on to my new question, and I hope I can explain it without thoroughly
confusing everyone:
We have modssl configured with an S
> -Original Message-
> From: Balázs Nagy [mailto:[EMAIL PROTECTED]]
>
> the current proven approach is not to share the session cache, but
> to inspect the packets, and route them to the same server for a
> given session.
I've done a bit more research, and here is what I've found:
If it
We have a server running mod_ssl that requires client certificates. I would
like implement some sort of load balancing for this site. I've done this
before for sites without client certificates, but it occurs to me that I
will run into problems since the SSLSessionCache will need to be shared
so
12 matches
Mail list logo