** Reply to note from Mads Toftum [EMAIL PROTECTED] Tue, 27 Jun 2000 13:44:45 +0200
On Tue, Jun 27, 2000 at 07:34:48AM -0400, Keith Kwiatek wrote:
Hello,
My apache modssl server certificate expired. I read the FAQ for creating the
certificate, but how do I install it into apache?
I understand that I need to compile mod_jrun with
-DEAPI, but how do I do that?
I successfully installed Apache with mod_ssl. I then
ran the Allaire JRUN connector wizard to install the
Apache connector. That automatically modified the
Apache httpd.conf file accordingly. However, the JRUN
hi,
We're using mod_ssl + apache for encrypting stuff on our site. Our problem
is
that it only works with 128-bit versions of IE4+ and the newest versions of
Netscape.
Before I got the cert back from Verisign, I signed my 1024-bit key myself
for testing, and it worked fine. 56-bit browsers
Apache DSO (Dynamic Shared Objects) do not work for 100% in combination with
Mod_ssl. When I start Apache I get something like "EAPI's could be instable,
compile modules with option -DAPI". I neat to run Apache with Mod_ssl and
PHP4 as a DSO. Any advises?
Regards,
Jeffrey Barendse
Did you set: SSLVerifyClient require
in your httpd.conf?
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing
dear author
i am using apache_1.3.12 +mod_ssl-2.6.4-1.3.12 +open_ssl-.0.9.5a
and using serverid of verisign freee trial version
and it has been successfully installed
also having verisign test CA certificate for the browser and is installed and
showing in the security--certificates--signers
Installed modssl, ran make certificate TYPE=test with default values
instead of changing any of the fields. Got no errors on any of the
makes but httpd will not start. I get this error in the error log:
0] [error] mod_ssl: Init: Failed to generate temporary 512 bit RSA
private key
Any
You need to use the apxs tool to build the mod_jrun module like this:
/path-to-apache/bin/apxs -c /path-to-jrun/connectors/apache/src/*.c
It should place mod_jrun.so in /path-to-apache/libexec/mod_jrun.so.
Then modify your httpd.conf file as usual.
This has been working great for me on
I've run across a conflict between the mod_ssl FAQ
and the configuration which the distribution seems to actually
install. The FAQ recommends the following as a workaround for
problems with MSIE:
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
However, the configuration
The difference of course is that the former hits *all* MSIE browsers,
including recent ones which seem to get along fine without the
workaround. Also, closing the connection each time, as mandated in
the FAQ, has a considerable performance cost, to the point that one
site which I'm involved
On Thu, Jun 29, 2000 at 01:04:34PM -0400, Diana Moreland wrote:
Installed modssl, ran make certificate TYPE=test with default values
instead of changing any of the fields. Got no errors on any of the
makes but httpd will not start. I get this error in the error log:
0] [error] mod_ssl:
As I continue to draft a clear a security statement for our website
Talking to my CA this morning, I was looking to clear up in my mind how
this all works. I understand how authentication with the certificate is
to work, and I thought I understood about what is encrypted and how it
is
I read the FAQ once but I obviously missed the clue I was looking for.
Thanks! It worked!
Mads Toftum wrote:
On Thu, Jun 29, 2000 at 01:04:34PM -0400, Diana Moreland wrote:
Installed modssl, ran make certificate TYPE=test with default values
instead of changing any of the fields. Got no
ok - I used the SSLRandomSeed directive with the built in seeding source.
Now, httpd will start with SSL but when I test it, I find that there is
not enough entropy for random number generation. I do not have
/dev/random on my system.
Bear with me --- I've only been working with this stuff for
Hi
I have one little problem. I want to ship one product to the market that has
apache with mod_ssl and openssl.
My problem is USA Patents.
I'm building openssl with option no-rsa. this is supposed to remove rsa code
from openssl and now i can use mod_ssl in a valid form inside usa without
Full_Name: Dennis Norgord
Version: mod_ssl-2.6.4-1.3.12
OS: Linux 6.1
Submission from: (NULL) (158.222.45.105)
When modssl is built as a shared object and apache is sent a SIGHUP or a SIGUSR1
signal, modssl leaks memory when it unloads and reloads.
In ssl_engine_init.c, I've taken a stab at
Hi there,
it's time to recollect the state of the world around crypto patents,
isn't it?
RSA:
AFAIK, the RSA patent runs out in fall 2000. So, any product that is
shipped after Fall 2000 will be able to finally forget about this RSA
patent issue. So, no more RSAref hacks, etc.
Am I right
On Thu, 29 Jun 2000, Schaefer,Lorrayne J. wrote:
Running openssl x509 -text -in on the CA certificate looks fine (CA has
CA:TRUE, pathlen:0 in the x509v3 basic constraints section). Would
appreciate any pointers.
Sazli,
Your pathlength should be set at a minimum to 1 for your CA.
on 30/6/00 9:24 AM, Syahrul Sazli Shaharir at [EMAIL PROTECTED] wrote:
Sorry, I got mixed up with another CA cert. The actual CA I am using has
the following:-
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:44:31:30:32:34:30:30:31
X509v3 Subject Key Identifier:
Hi there,
I am trying to configure a server so that a client
certificate is required to access a directory. Although it
denies access without a proper certificate if I use
SSLVerifyClient globally, it won't work for a directory
only. That means after accessing the main dir (without
client
Hello,
I am using openssl-0.9.5a on Windows 2000 and am having a difficult time
generating a signed server.crt file for use with mod_ssl and Apache.
Following the steps from the mod_ssl FAQ chapter 6 I get to the "openssl ca"
step and die as stated in the fact.
I then try to use the CA.pl
21 matches
Mail list logo