I have a legacy app that cannot (at present) be upgraded to 128 bit
encryption. In order to alleviate this problem I've gotten a reverse
proxy running. My present setup is as follows:
Ubuntu 6.0.6 LTS
Apache 2.0.55
Libapache2-mod-proxy-html 2.4.3-2
Openssl 0.9.8a
My problem is that I
Brian,
You'd better to redo a key file and crt file. Remove the pass phrase from
the key file. Good luck!
Xian
On 2/16/07, Brian Gordon [EMAIL PROTECTED] wrote:
I've been trying for ages to get my server running SSL successfully. I
don't need port 80 (unencrypted traffic) at all, just 411.
I
There is no pass phrase on the key file. I've redone the key and crt
several times; it always asks me for a passphrase at some point but I
think that at the end of the process nothing is encrypted
On 2/16/07, Xian Xian [EMAIL PROTECTED] wrote:
Brian,
You'd better to redo a key file and crt
I've been trying for ages to get my server running SSL successfully. I
don't need port 80 (unencrypted traffic) at all, just 411.
I have the module set up just fine, and apache runs fine unless I
define a valid cert and key:
SSLCertificateFile pw/my-server.cert
SSLCertificateKeyFile
I believe I have found the solution. Apparently, it was a bug
introduced in SP1 and now fixed in SP4 for windows 2000:
http://support.microsoft.com/default.aspx?kbid=305217
Thanks,
-R
R McIntosh wrote:
Hello OpenSSL and ModSSL users,
I am running apache-1.3.29, mod_ssl-2.8.16-1.3.29, and
Not much help to you but I'm also seeing this. One
client can hang up 100 apache children. User agent is
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0;
SD; .NET CLR 1.1.4322). Lasts for around 2-4 minutes.
(server timeout at 30).
Matt
--- R McIntosh [EMAIL PROTECTED] wrote:
Hello OpenSSL
Hello OpenSSL and ModSSL users,
I am running apache-1.3.29, mod_ssl-2.8.16-1.3.29, and openssl 0.9.7c.
Users at a specific lan on the internet accessing our cgi application
sometimes lock at some random place in our application. Once this
happens, it will lock up again at the same page if
THANK YOU!! I just missed it! It was still set to the default (450).
Should work much better now.
Thanks again to all who responded. I think this is the solution.
Won't know for sure until the next wave hits.
I guess I should be nominated for a bonehead award. ;)
I have Apache 1.3.27 compiled with mod SSL using openssl 0.9.6.g
OS=AIX 5.1.
The SSL site stops executing CGI scripts when load gets a little
high. I checked the process list and found 106 httpd servers running.
System loads at the UNIX level were nominal ( 0.8).
I get tons of the following
-Original Message-
From: Dale Weaver [mailto:[EMAIL PROTECTED]
I have Apache 1.3.27 compiled with mod SSL using openssl 0.9.6.g
OS=AIX 5.1.
The SSL site stops executing CGI scripts when load gets a little
high. I checked the process list and found 106 httpd servers running.
On Thu, 11 Dec 2003, Andreas Gietl wrote:
[Thu Dec 11 06:00:00 2003] [error] [client ] (11)Resource temporarily
unavailable: couldn't spawn child process: /usr/local/apache/sslcgi/navbar1
[Thu Dec 11 06:00:00 2003] [error] [client ] (11)Resource temporarily
unavailable: couldn't spawn
changing max proc per user might help, say to 1000
chdev -l sys0 -a maxuproc='1000'
for AIX 4.3.3.0
HTH
jorge
--- Boyle Owen [EMAIL PROTECTED] escribió:
-Original Message-
From: Dale Weaver
[mailto:[EMAIL PROTECTED]
I have Apache 1.3.27 compiled with mod SSL using
openssl
Hi all,
I need to migrate a web site from http to secure https. Mine is a Digital
UNIX V4.0F (Rev. 1229) server.
I downloaded following packages:
- openssl-0.9.7
- httpd-2.0.44
1) openssl installation - steps performed:
./config --prefix=/home/aspprod/aspapp/mySSL/openSSL
make
I
At this point I have to customize http.conf and ssl.conf files.
Could you send me an example of such files already modified? I need to
understand what I must change.
You can take a look at
http://apacheworld.org/ty24/site.chapter17.html
for building instructions and example minimal
-Original Message-
From: rmck [mailto:[EMAIL PROTECTED]]
Whats the benefit of mod_ssl compared to Apache-SSL???
One has got mod in its name and the other hasn't :-)
I am not expert enough to comment on the two implementations of SSL
technology so I restrict myself to the useability
Whats the benefit of mod_ssl compared to Apache-SSL???
Thanks
Rob
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager
Whats the benefit of mod_ssl compared to Apache-SSL???
mod_ssl is derived originally from Apache SSL
mod_ssl is more widely used than Apache SSL
Apache SSL supports Apache 1.x
mod_ssl supports Apache 1.x and 2.x
Cheers
Daniel
--
Teach Yourself Apache 2 -- http://apacheworld.org/ty24
On Wed, 22 Jan 2003, rmck wrote:
Whats the benefit of mod_ssl compared to Apache-SSL???
Bells and whistles that you may or may not need. Suggest you look over
the list of supported configuration directives for each to see which one
better fits your site.
Note that Apache 2.0 includes mod_ssl
High to th ML,
I got a pb:
I'll work with a compagny which has develloped its own https client, and i
would like to know which ssl could be the answer, apache-ssl or mod-ssl.
The skills of the https clients are the following:
HTTP OVer TLS.
(SSL v3!/TLS)
And the X509 Certificates.
Does anyone
Your assert popped on the line that I prefixed with --. Try
changing your vhosts to not use _default_. I forget exactly which
configuration combination causes that error, but it's definitely been
seen before.
Hi
I've replaced _default_ in ssl.conf and all now working.
Thanks
Hi All,
Does anyone know how to get round this problem when starting-up Apache
SSL :
I have,/usr/local/bin/prngd /var/spool/prngd/pool, running so not
sure what's wrong ?
[Fri May 3 15:55:06 2002] [error] mod_ssl: Init: Failed to generate
temporary 512 bit RSA private key (OpenSSL
those
that wait may bethe things left by those who got there
first."
- Original Message -
From:
Kevin
Smith
To: [EMAIL PROTECTED]
Sent: Friday, May 03, 2002 10:16 AM
Subject: Apache SSL
Hi All,
Does anyone know how to
another caveat that i've found to be problematic is when going
from http to https (or the other way round) you can lose state
as you go from one machien to the other. The load balancers do
a pretty good job of the work, however, we've definitely seen
jumpage from aol and webtv clients, as
Does anyone have information about how to build redundant apache web site
with SSL?
Thanks
- Ming Yu
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
, not a technical reason, but I'm not sure)
It is possible to sync the session cache over different hosts with things
like Splash http://anoncvs.aldigital.co.uk/splash/ but I haven't found an
implementation with mod_ssl (only Apache-SSL)
I would be gratefull if someone has a clean solution
with things
like Splash http://anoncvs.aldigital.co.uk/splash/ but I haven't found an
implementation with mod_ssl (only Apache-SSL)
I would be gratefull if someone has a clean solution or if there is someone
with experience on trying to accomplish this.
On 24-01-2002 23:34, Yu, Ming [EMAIL
, not a technical reason, but I'm not sure)
Not technical reason whatsoever.
It is possible to sync the session cache over different hosts with things
like Splash http://anoncvs.aldigital.co.uk/splash/ but I haven't found an
implementation with mod_ssl (only Apache-SSL)
IIRC mod_ssl has
Mads Toftum wrote:
On Fri, Jan 25, 2002 at 02:41:46PM +0100, Thierry Coopman wrote:
[snip]
Now, what ahppens on a failure?
- The server(s) that still exist can take over the ip address of the failing
server
- The LoadBalancing system detects it and doesn't use the machine any more.
an
implementation with mod_ssl (only Apache-SSL)
hrm... dunno.
I would be gratefull if someone has a clean solution or if there is someone
with experience on trying to accomplish this.
another caveat that i've found to be problematic is when going from http to https (or
the other way round) you can lose
]
Sent: Friday, December 14, 2001 7:41 AM
Subject: RE: Apache-SSL: System: Connection reset by peer IE 4 error
Does anyone know how to turn off directory browsing with Apache web
server?
thanks
-Original Message-
From: Robert Monical [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 13
Does anyone know how to turn off directory browsing with Apache web server?
thanks
-Original Message-
From: Robert Monical [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 13, 2001 1:35 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; Steve Hanberg; Lisa Foster
Subject: Apache-SSL
A little more information from my recent experience.
The FAQ pretty much says it all.
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC49
One particular client experienced this problem against one of our servers
but not another.
Apache 1.3.12, modssl: 2.6.2-1.3.12.
The primary difference between
Hello,
I have installed the Apache server SSL-enabled and
I've got errors in handshake
I have tested the server with the openssl s_client
command
The following output shows the error
openssl s_client -connect
localhost:443CONNECTED(0003)depth=0
-signed with openssl x509 utility
The certificate is on /opt/apache/ssl/certs
IPAHU016 ll /opt/apache/ssl/certs
total 32
-rw-rw-rw- 1 root sys 1237 Dec 3 15:06 ca.crt
drwxrwxrwx 2 root sys 96 Dec 3 15:36 ca.db.certs
-rw-rw-rw- 1 root sys 0
Hello Owen,
below some answers to your questions
Thanks a lot for your time
Regards
Dario Prester
- Original Message -
From: Owen Boyle [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, December 04, 2001 11:45 AM
Subject: Re: R: Apache SSL doesn't work
Dario Prester wrote:
I
The adversary has root. If the private key is encrypted, they must
also break that passphrase to get the key.
But if an adversary gets root without rebooting your machine then the
unencrypted private keys are just sitting around in memory. The
passphrase is only protecting them between the
But if an adversary gets root without rebooting your machine
Right, but I wasn't talking about that. I believe the case I described
is a common situation, and worth defense.
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
Of course, you forget to mention the most common cause of server reboots
running UNIX based systems. Power failures.
Unh, no, that's why I talked about bribing operators and mysterious
reboots.
Obviously, these are occasions when a server goes down, which is why it is
preferable to have it
-Original Message-
From: Mark J Cox [mailto:[EMAIL PROTECTED]]
Sent: 30 November 2001 12:07
To: [EMAIL PROTECTED]
Subject: Re: Apache SSL Private Keys
The adversary has root. If the private key is encrypted, they must
also break that passphrase to get the key.
But if an adversary
Therefore, the passphrase only protects the key if it is removed from your
server, but as has been shown, being able to remove the key requires (or
should require) root privileges. QED.
No, the passphrase protects the key during the time when root may have
access to the machine *any time your
[EMAIL PROTECTED] wrote:
Build a Script which provide mod_ssl with a passphrase.
maybe its possible to modify apachectl for build and delete this script
if necessary.
http://www.modssl.org/docs/2.8/ssl_reference.html#ToC2
A lot of people do this but I wonder whether it is worth the
perhaps if the script was on another machine the far side of a one-way
firewall ?
Owen Boyle wrote:
[EMAIL PROTECTED] wrote:
Build a Script which provide mod_ssl with a passphrase.
maybe its possible to modify apachectl for build and delete this script
if necessary.
My idea is to build a apachectl which ask the first time for the
passphrase and stores it in a temporarily file.
After all servers are startet, it deletes the file (e.g . via at-job
after 5-10 minutes).
So there is no script with a stored passphrase on disk (exept the cache
or memory ;-(
For
ok i see where you're coming from...
the fire wall is one way so requests won't work...
the second machine just monitors and on reboot, it logs in via ssh... so
if i understand it correctly the hacker then has to subvert sshd (or if
it is a serial console - then getty?) knowing specifically
Owen Boyle wrote:
Sneaky... But I'm a root-privileged hacker on the web-server, remember.
So all I have to do is make the same request of your pass-phrase
server that the web-server makes when it boots then get the pass-phrase
from the reply.
in this case, you can fake also the passphrase
[EMAIL PROTECTED] wrote:
If you have a root privileged hacker on your machine you are lost
anyway!
Exactly. Pass-phrases give a warm, comfortable feeling but not much
else...
__
Apache Interface to OpenSSL (mod_ssl)
Well, it would mabe be smart to put all the certs and a startup script with
passphrases on an encrypted disk, where you have to manually mount the
encrypted disk, then run the script. Or you could leave the certs in
unencrypted space, and just have the script encrypted. Then unmount the
Are Hoel wrote:
Well, it would mabe be smart to put all the certs and a startup script with
passphrases on an encrypted disk, where you have to manually mount the
encrypted disk, then run the script. Or you could leave the certs in
unencrypted space, and just have the script encrypted. Then
The difference is that with a passphrase the rooter must be an active
attacker with an active compromise on your machine, as opposed to a
non-pass phrase which can be a passive attacker trying to snarf a single
file. More than just warm fuzzy; the first is just downright harder.
/r$
--
-Original Message-
From: Rich Salz [mailto:[EMAIL PROTECTED]]
Sent: 29 November 2001 12:12
To: Owen Boyle
Cc: [EMAIL PROTECTED]
Subject: Re: Apache SSL Private Keys
The difference is that with a passphrase the rooter must be an active
attacker with an active compromise on your machine
It's not a joke, it's a fact. And in my opinion it's MUCH better to use a
small encrypted partition so store a startupcript with passphrases then to
just have the script lying around on the server. If you have a better
solution I'd like to see it.
You will have to enter the console to enter
Are Hoel wrote:
It's not a joke, it's a fact.
I know, I know - my tongue was in my cheek :)
And in my opinion it's MUCH better to use a
small encrypted partition so store a startupcript with passphrases then to
just have the script lying around on the server. If you have a better
Hi,
Im sorry if this has already been covered, but I have searched and failed to
turn up anything on the subject (although Im new to this sort of thing so
not 100% sure on where to look).
I am running Apache/1.3.20 (Unix) PHP/4.0.6 mod_ssl/2.8.4 OpenSSL/0.9.6a on
FreeBSD 4.4-STABLE and am
Hi,
Im sorry if this has already been covered, but I have searched and failed to
turn up anything on the subject (although Im new to this sort of thing so
not 100% sure on where to look).
I am running Apache/1.3.20 (Unix) PHP/4.0.6 mod_ssl/2.8.4 OpenSSL/0.9.6a on
FreeBSD 4.4-STABLE and am
It's not a joke, it's a fact. And in my opinion it's MUCH better to use a
small encrypted partition so store a startupcript with passphrases then to
just have the script lying around on the server. If you have a better
solution I'd like to see it.
To be honest it doesn't really matter
Stuart Butcher wrote:
I am running Apache/1.3.20 (Unix) PHP/4.0.6 mod_ssl/2.8.4 OpenSSL/0.9.6a on
FreeBSD 4.4-STABLE and am having problems with a secure site Im running.
Most of the time it works fine, but sometimes IE (versions 4, 5, 5.5, 5.5
Sp2 and 6) returns a 'Page not found' error,
nCipher is one of many hardware crypto makers -- was there a particular
reason why you picked them out? I know they can spool keys out to
disk (under 3DES protection I believe), but most h/w crypto accelerators
have similar provisions.
BTW, perhaps you can convince management that your email
Hi Folks:
I've been testing Apache (1.3.19) with mod_ssl (2.8.3.1.3.19) and
openssl (0.9.6a) on Windows 98 2000. On one Window 98 machine I get
this error in my browser:
This program has performed illegal operation and will be shut down.
and the error.log says this:
[Mon Nov 26 13:53:29
Thanks for this, I have added to my httpd.conf file, and wait and see :)
Much appreciated,
Stu
-Original Message-
From: Owen Boyle [mailto:[EMAIL PROTECTED]]
Sent: 29 November 2001 14:43
To: [EMAIL PROTECTED]
Subject: Re: Apache-SSL, IE Connection Reset By Peer errors
Stuart
Adding passphrases to the keys or storing them in a encrypted partition
doesn't really get you any additional level of security.
Perhaps in the specific case that started this thread, but in the
general case, this is wrong.
Let's consider a common co-location scenario. Or where the MIS/IT
Alternatively, I have found I can create a private key without a pass
phrase to avoid this issue I wrote about earlier. That doesn't seem
like a good alternative to me.
Is that how you guys are avoiding the tons of questions on restart?
-Kyle
Kyle wrote:
Hi, I've got a large group of web
Build a Script which provide mod_ssl with a passphrase.
maybe its possible to modify apachectl for build and delete this script
if necessary.
http://www.modssl.org/docs/2.8/ssl_reference.html#ToC2
- Wolfgang
Kyle wrote:
Alternatively, I have found I can create a private key without a pass
Try this:
CFLAGS=-DEAPI \
./configure --with...
-Original Message-
From: Deluca, Kevin [SMTP:[EMAIL PROTECTED]]
Sent: Friday, August 10, 2001 19:53
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: compiling Apache/SSL - EAPI warnings
John,
As it says, you need
i've never built apache with or without ssl so it's all new to me...
i don't have any ca$h so i'm not using VC++ which is most likely my problem, but, what
can you do about it?
i used GNU's make to compile OpenSSL which resulted in 4 .a files. these are:
libcrypto.a, libeay32.a, libssl.a and
ably have to go back and re-do
this step.
-Original Message-From: Deepak
[mailto:[EMAIL PROTECTED]]Sent: Monday, May 21, 2001 4:11
AMTo: [EMAIL PROTECTED]Subject: Apache SSL
MOD
I have installed apache server and openssl on
linux server.I want to create CA ce
Allen Chan wrote:
Apache - SSL - Jserv on Unix (Sun)
flex -Pssl_expr_yy -s -B ssl_expr_scan.l
make[4]: flex: Command not found
Is flex (fast lexical analyzer generator) on the path? Check with:
$ which flex
Make sure it is on the path of the shell which does the compilation.
Rgds,
Owen
Allen Chan [EMAIL PROTECTED] wrote:
I'm not sure if this is the right address to ask. I'm trying to
download a preconfigured apache with SSL and Jserv from
www.modssl.org/contrib/ web site. But all of the binaries
are in .rpm extension. Anyone knows how to extract the
files. Appreciate
Hi:
I'm not sure if this is the right address to ask. I'm
trying to
download a preconfigured apache with SSL and
Jservfrom
www.modssl.org/contrib/ web
site. But all of the binaries
are in .rpm extension. Anyone knows how to extract
the
files. Appreciate your help.
Thanks.
Hi:
I'm wondering if anyone out there has configured this setup:
Apache - SSL - Jserv on Unix (Sun)
If you have a pre-compiled version of the whole thing,
can you give me a pointer to it. If you have a working
instruction that I can follow, that'd be great too.
I found this instruction
On Fri, Mar 02, 2001, [EMAIL PROTECTED] wrote:
[...]
In my opinion, this is one of the best support lists I've ever seen,
although I think it would be safe to say that it is very difficult to elicit
a response from Ralf (I've never had a reply regarding removing broken RPMs
from the ftp
-Original Message-
From: Robert Covell [mailto:[EMAIL PROTECTED]]
Sent: 01 March 2001 16:57
To: [EMAIL PROTECTED]
Subject: mod_ssl vs Apache-SSL
A few questions on mod_ssl vs Apache-SSL. Just to say up
front that email
this is not intended to start a Flame War on the two SSL
A few questions on mod_ssl vs Apache-SSL. Just to say up front that email
this is not intended to start a Flame War on the two SSL implementations.
We just want to make an educated decision now for the future.
Our current setup is on Stronghold and want to migrate to either a mod_ssl
or Apache
On Thu, Mar 01, 2001 at 10:56:36AM -0600, Robert Covell wrote:
A few questions on mod_ssl vs Apache-SSL. Just to say up front that email
this is not intended to start a Flame War on the two SSL implementations.
We just want to make an educated decision now for the future.
Our current setup
A few questions on mod_ssl vs Apache-SSL. Just to say up front that email
this is not intended to start a Flame War on the two SSL implementations.
We just want to make an educated decision now for the future.
this may or may not effect you, but apache-ssl doesn't seem to
integrate very well
PROTECTED] wrote:
On Thu, Mar 01, 2001 at 10:56:36AM -0600, Robert Covell wrote:
A few questions on mod_ssl vs Apache-SSL. Just to say up front that email
this is not intended to start a Flame War on the two SSL implementations.
We just want to make an educated decision now for the future
|
|| |
|+-
|
||
| To: [EMAIL PROTECTED] |
| cc: (bcc: Tim Power/LON/GB/Reuters) |
| Subject: Can't start Apache-SSL again
Hi
How can I install apache that uses SSL without compiling it with EAPI?
(Is there is a option to do it?).
I need to compile it with API only because it creating a cores with my
application.
Thanks
Shalom
Hello master,
i'm one of the web developers from
Austraila.
i installed Apache + SSL in my Linux server and is
working
fine. After read your official site document, i am
trying to create a real SSL server certificate,
i used the following script to create
server.csr
$ openssl genrsa -des3
Hi
I have tried to install apache with ssl on my computer (it AIX 4.3.3).
I have installed the openssl-0.9.6 with a success.
When I have tried to configure the mod_ssl for apache 1.3.12 it succeed.
But when I tried to make , it asked for a patch for the AIX
Hi
When I have checked the error log of the apache I have seen the
following error message:
] (System error follows)
[Thu Dec 28 16:54:54 2000] [error] System: Connection reset by peer
(errno: 73)
[Thu Dec 28 16:54:55 2000] [error] mod_ssl: SSL handshake interrupted by
system
I'm using
daemon path/to/apachectl startssl
Do you think it's better to move to httpd -DSSL ??? Is there
any difference??
thanks.
Hi,
If you don't have httpd file in /etc/rc.d/init.d/ then
add httpd service using ntsysv and you should get it
Nope... I wish this problem was as simple as this but it is not...
It seems you have two versions of Httpd installed. One
that is working correctly and one that you compiled.
NKN
__
Apache Interface to
On Wed, Nov 29, 2000 at 07:56:06AM -0200, Marcus Andree wrote:
I'm using
daemon path/to/apachectl startssl
why use daemon? the usual way is just to do a
/path/to/apachectl startssl
Do you think it's better to move to httpd -DSSL ??? Is there
any
Hi guys,
I'm with this odd problem on a Redhat 6.2 Linux system:
after booting the computer, a init script is used to fire up
httpd, but the process starts and then suddenly dies. I've tried a lot
of things to address this issue, but with no success.
It's weird
On Tue, Nov 28, 2000 at 01:31:45PM -0200, Marcus Andree wrote:
I'm with this odd problem on a Redhat 6.2 Linux system:
after booting the computer, a init script is used to fire up
httpd, but the process starts and then suddenly dies. I've tried a lot
of things to address this
On Tue, Nov 28, 2000 at 01:31:45PM -0200, Marcus Andree wrote:
I'm with this odd problem on a Redhat 6.2 Linux system:
after booting the computer, a init script is used to fire up
httpd, but the process starts and then suddenly dies. I've tried a lot
of things to address
On Tue, Nov 28, 2000 at 03:12:43PM -0200, Marcus Andree wrote:
On Tue, Nov 28, 2000 at 01:31:45PM -0200, Marcus Andree wrote:
I'm with this odd problem on a Redhat 6.2 Linux system:
after booting the computer, a init script is used to fire up
httpd, but the process starts
Hi,
If you don't have httpd file in /etc/rc.d/init.d/ then
add httpd service using ntsysv and you should get it
there.
Edit this httpd file and where you have
"daemon httpd" write "daemon httpd -DSSL"
That should be it.
Naresh
--- Marcus Andree [EMAIL PROTECTED] wrote:
Hi guys,
It seems you have two versions of Httpd installed. One
that is working correctly and one that you compiled.
NKN
Yes. I'm 100% sure. Here's another puzzling
situation. On a shell,
I used the `at` programa to schedule a
/etc/rc.d/init.d/httpd stop and
a /etc/rc.d/init.d/httpd start
Hello,
I have a big problem :
I must manage the CRL files on a secure site (apache, mod-ssl)
All's working but i must update the crl every day.
And when i replace the crl file, apache don't reload the crl !
( SSLCARevocationFile /opt/Applications/apache_1.3.12/conf/test_crl/crl.pem
)
and so,
BERWART Thierry wrote:
All's working but i must update the crl every day.
And when i replace the crl file, apache don't reload the crl !
and so, i must restart apache :(
I'm not sure what your problem actually is!
I assume you mean that something external to apache makes you update the
crl
ok ! i'll restart apache :/
thanks you for your answer !
Thierry
-Message d'origine-
De: Owen Boyle [mailto:[EMAIL PROTECTED]]
Date: lundi 13 novembre 2000 14:10
À: [EMAIL PROTECTED]
Objet: Re: Apache, SSL and CRL Managing !
BERWART Thierry wrote:
All's working but i must update
Call Rainbow Tech Support.
Austin
Original Message
On 10/31/00, 8:55:56 PM, mod_ssl_cn [EMAIL PROTECTED] wrote regarding
hwo to force apache+ssl use CryptoSwift:
Hi
I have installed openssl_engine_0.9.6 , mod_ssl , apache_1.3.14 in my
linux platform .
I have installed hardware crypto
Hi
I have installed openssl_engine_0.9.6 , mod_ssl , apache_1.3.14 in my linux platform .
I have installed hardware crypto device : CryptoSwift and it's driver
I have test it by openssl0.9.3 + swift_patch + mod_ssl.
It works normal.
How can I force the apache_1.3.14 + openssl_engine_0.9.6
Hello,
Iam using apache with mod-ssl.
And i want to use a CRL check.
I see that i must use the "SSLCARevocationFile" command.
Example : SSLCARevocationFile
/usr/local/apache/conf/ssl.crl/ca-bundle-client.crl
My CRL file is updated every 45 minutes and my question is how
apache/mod-ssl manage
I played with this for a while, our (commercial) CA writes a new CRL every 24
hours - and they only last for 24hours, 5minutes.
We had a cron job that was synchronised to pull the crl from an LDAP, massage
it, place it into .../ssl.crl/ca-bundle-client.crl (overwriting the old one).
This
://openssl.org/support/faq.html
Elke
-Ursprüngliche Nachricht-
Von: Kavitha Srinivasan [mailto:[EMAIL PROTECTED]]
Gesendet am: Freitag, 13. Oktober 2000 18:10
An: [EMAIL PROTECTED]
Betreff: Re: AW: apache-ssl on Windows-NT
Hi Elke,
Thank you for your mail.
I have installed opensa version
Hi,
anybody have examples configuration file or steps description how start
HTTPS whit apache 1.3.14 + ssl
Tanks
Adinolfi Giovanni
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing
On Mon, Oct 16, 2000, Adinolfi Giovanni wrote:
anybody have examples configuration file or steps description how start
HTTPS whit apache 1.3.14 + ssl
If you install Apache+mod_ssl as described in mod_ssl's INSTALL
document, you will result with a correctly pre-configured httpd.conf
file. Use
: Kavitha Srinivasan [mailto:[EMAIL PROTECTED]]
Gesendet am: Dienstag, 10. Oktober 2000 16:29
An: [EMAIL PROTECTED]
Betreff: apache-ssl on Windows-NT
Hello,
Could someone pl let me know if there is a windows executable available (US
user) for Apache with SSL?
I do realize this is not a great
1 - 100 of 168 matches
Mail list logo