On Tue, Jul 11, 2000, Segerlund, Lars wrote:
Anybody who knows if mod_ssl can handle 'step up' connections ?
In other words start a 40 bit and send a Thawte certificate wich makes the
browser renegotiate for 128 bit ? ( encryption key's ).
Yes, mod_ssl supports the step up of the Server
Hi,
I don't know why your servlet always prints that it is listening on port 80,
but yesterday I managed to remove port 80 from my server by changing the
httpd.conf file in the following manner:
8
#
# Port: The port to which the standalone
Hello,
I have installed apache with mod_ssl and it works well.
Now I create client certificates with openssl and want
to send them with "application/x-x509-user-cert" to the
browser. I tested DER, PEM and PKCS12 but nothing really
worked. Netscape says it doesn't know the corresponding
private
On Tue, Jul 11, 2000 at 08:32:09AM +0200, Thomas Barthel wrote:
Hello,
I have installed apache with mod_ssl and it works well.
Now I create client certificates with openssl and want
to send them with "application/x-x509-user-cert" to the
browser. I tested DER, PEM and PKCS12 but nothing
Hello all,
I have Apache 1.3.12 for Win NT running on my machine.
Now, I want to have secure web services and hence mod_ssl. But mod_ssl is
available only in source form.
I don't want to disturb my existing set-up.So please let me know from where
can I get the pre-complied binaries of mod-ssl for
On Mon, Jul 10, 2000 at 10:23:50PM -0600, george wrote:
[SNIP]
# /usr/local/apache/bin/apachectl configtest
Syntax OK
# /usr/local/apache/bin/apachectl startssl
Syntax error on line 1032 of /usr/local/apache/conf/httpd.conf
Invalid command 'SSLEnable', perhaps mis-spelled or defined by a
On Tue, Jul 11, 2000 at 03:49:15AM +, moses von wrote:
We have had modssl working for a very long time, and it worked
fine from BSDI 2.1 till 4.0.1. As soon as we installed
BSDI 4.1, our httpd server stopped working.. It starts up
but only a single process starts, and basically does
On Tue, Jul 11, 2000 at 09:16:34AM +0200, Thomas Barthel wrote:
Maybe I'm too new to this topic but isn't it true that PKCS12 contains both
the public and the private key?
Yes, the PKCS12 does support both keys. You however cannot download the
PKCS12 directly into the browser. You can only
Yes, the PKCS12 does support both keys. You however cannot download the
PKCS12 directly into the browser. You can only download it to a file
and then import it.
The direct download technique is only available for the cert (which only
contains the public key):
I've installed Apache + mod_ssl/OpenSSL + PHP3/MySQL by following
INSTALL.SSL file. It works well.
I've tried to install to do the same thing with the new release of php
: PHP4
I've made the following modifications in the file INSTALL.SSL
...
# configure PHP4 and apply it to the
Apache source
The following error messages are showing up in my apache error_logs.
Does anyone have an idea on what may be causing this, and if so how do I
fix the problem?
[Mon Jul 10 18:00:01 2000] [notice] SIGHUP received. Attempting to
restart
[Mon Jul 10 18:00:01 2000] [error] Cannot remove module
There seems to be a MIME-type for PKCS12 available:
http://www.crosswinds.net/san-marino/~jom/filex/mime.htm
.p12 application/pkcs-12
.p12 application/x-pkcs-12
I however don't know whether it is actually supported by Netscape.
(If it is, please inform us.)
thanks so far. I will
On Tue, Jul 11, 2000 at 11:15:20AM +0200, Lionel Mace wrote:
I've installed Apache + mod_ssl/OpenSSL + PHP3/MySQL by following
INSTALL.SSL file. It works well.
I've tried to install to do the same thing with the new release of php :
PHP4
I've made the following modifications in the file
On Tue, Jul 11, 2000 at 09:06:29AM -0400, Dave Reichard wrote:
The following error messages are showing up in my apache error_logs.
Does anyone have an idea on what may be causing this, and if so how do I
fix the problem?
[Mon Jul 10 18:00:01 2000] [notice] SIGHUP received. Attempting to
Hello,
I get this error message when i start apache after installing modssl :
"Failed to generate temporary 512 bit RSA private key"
I have looked in the archive and found people having the same problem... but
no answer.
How can I fix this ?
Thank you very much,
Laurent
--- Danilo Nascimento [EMAIL PROTECTED] wrote:
From: "Yu, Leo" [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED]
CC: "Yu, Leo" [EMAIL PROTECTED]
Subject: which port ? 80 or 443
Date: Mon, 10 Jul 2000 12:30:40 -0700
Hi,
I configure a Linux
No, apache doesn't need to listen on port 80. Try this:
BindAddress 139.142.87.53
IfDefine SSL
Listen 443
/IfDefine
Start apache using 'apachectl startssl '.
Next, make sure all your users connect to the servlet using
https://yourdomain.com/servlets/test
I tried the getServerPort() under this
Thank you very much,
but we still couldn't make it work.
We made sure the PRNG has been seeded with at least 128 bits of randomness.
The error message is still there. How can we fix that ?
Thanks,
Laurent
- Original Message -
From: "Mads Toftum" [EMAIL PROTECTED]
To: [EMAIL
In looking at my configuration, I noticed that I did not have DSO
support enabled and I'm not sure that SSL is enabled correctly. I'm
thinking about reconfiguring and recompiling Apache with the following
parameters:
SSL_BASE="/usr/local/src/openssl-0.9.5a" \
Remember that when you do a "apachectl startssl", it adds the
argument -DSSL. So if you do a "httpd -DSSL -l", you should see ssl in
there.
-Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Diana Moreland
Sent: Tuesday, July 11, 2000 8:07 AM
Thanks for the suggestion. However, when I did it, I got this:
httpd -DSSL -l
httpd: illegal option -- D
Usage: httpd [-d directory] [-f file] [-v] [-h] [-l]
-d directory : specify an alternate initial ServerRoot
-f file : specify an alternate ServerConfigFile
-v : show version number
-h : list
On Tue, Jul 11, 2000 at 11:52:32AM -0400, Silesky Marketing Inc, Support wrote:
Thank you very much,
but we still couldn't make it work.
We made sure the PRNG has been seeded with at least 128 bits of randomness.
The error message is still there. How can we fix that ?
Please make sure
The ssl_engine_log is empty
any idea ?
Thanks,
Laurent
- Original Message -
From: "Lutz Jaenicke" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 11, 2000 2:06 PM
Subject: Re: 2 - Failed to generate temporary 512 bit RSA private key
On Tue, Jul 11, 2000 at 11:52:32AM
Strange, what version of Apache are you using? (httpd -v)
-Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Diana Moreland
Sent: Tuesday, July 11, 2000 10:45 AM
To: [EMAIL PROTECTED]
Subject: Re: SSL configuration with Apache
Thanks for
1.3.12
David Rees wrote:
Strange, what version of Apache are you using? (httpd -v)
-Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Diana Moreland
Sent: Tuesday, July 11, 2000 10:45 AM
To: [EMAIL PROTECTED]
Subject: Re: SSL
Great idea! I tried it (after I downloaded and installed MM [thanks for the
tip]).
Everything seemed to go fine until I tried to start Apache. It didn't know
what to do with the SSLRandomseed directive, plus it threw up on a couple of
other ones.
When I did an httpd -l after this compile, the
Salut:
Arggg!
I have been mucking around with this error for quite some time and I
must be missing something!
[error] System: Permission denied (errno: 13)
[Tue Jul 11 13:52:18 2000] [error] mod_ssl: Child could not open
SSLMutex lockfile /django/opt/apache_1.3.12/logs/ssl_mutex.8681
as per
Do this:
chmod 755 /django/opt/apache_1.3.12/logs/ssl_mutex*
Or even better, shutdown Apache, delete all the ssl_mutex* files, and
restart.
The ssl_mutex files should be automatically created with the right
permissions.
Don't do a chmod -R +x apache_1.3.12, it's not a good idea.
-Dave
David Rees wrote:
Or even better, shutdown Apache, delete all the ssl_mutex* files, and
restart.
-Dave
David thanks,
I did what you advised with shutting down and restarting:
Before start:
drwxrwxrwx 2 1078 nobody 1024 Jul 11 14:34 .
drwxr-xr-x 13 1078 1078
Hmmm, I just checked one of my mod_ssl installations, and the ssl_mutex file
does not have execute permissions on it, but everything seems to be working
properly.
What is the exact error message again?
-Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On
David Rees wrote:
Hmmm, I just checked one of my mod_ssl installations, and the ssl_mutex file
does not have execute permissions on it, but everything seems to be working
properly.
What is the exact error message again?
From error_log:
[Tue Jul 11 14:35:29 2000] [error] mod_ssl: Child
On Tue, Jul 11, 2000 at 02:16:11PM -0400, Silesky Marketing Inc, Support wrote:
The ssl_engine_log is empty
any idea ?
mod_ssl (2.6.5) will initialize the seed (ssl_engine_init.c:348), then
immediately call RSA_generate_key(). If this one fails, it will
die and log the contents of the error
[EMAIL PROTECTED] 07/11/00 03:00PM
[error] System: Permission denied (errno: 13)[Tue
Jul 11 13:52:18 2000] [error] mod_ssl: Child could not openSSLMutex
lockfile /django/opt/apache_1.3.12/logs/ssl_mutex.8681as per faq the
answer is:"This is usually caused by to restrictive permissions on
On Tue, Jul 11, 2000 at 03:07:23PM -0400, Diana Moreland wrote:
Great idea! I tried it (after I downloaded and installed MM [thanks for the
tip]).
Everything seemed to go fine until I tried to start Apache. It didn't know
what to do with the SSLRandomseed directive, plus it threw up on a
Full_Name: Doug Taylor
Version: 2.6.4-1.3.12
OS: Linux
Submission from: (NULL) (205.179.173.204)
Also using OpenSSL version 0.9.4 and Apache version 1.3.12.
I create a key pair (.key and .crt files) and update Apache to look for them.
No problem, Apache works, SSL works, all is well.
I then
35 matches
Mail list logo
