Richard Rose wrote:
Hi all,
I'm having a bit of trouble with Apache+mod_ssl, since I want (uhm, have
been instructed) to use it in a wholly bizarre way. What I need to do is
to use a separate Apache+mod_ssl for 4 different servers, running on the
same host, but different ports. Like so:
However, I think the questioner wants to get by with only ONE external
IP address but many internal SSL hosts. This cannot work because there
is no way to differentiate packets destined for different internal hosts
at the SSL level.
what about using stunnel to listen on 443 and then forward
Full_Name: John Douglass
Version: mod_ssl/2.7.1
OS: Solaris 2.7
Submission from: (NULL) (128.61.2.35)
I'm playing around with client certificate authentication.
Software used:
OpenSSL 0.9.6
Apache 1.3.14
Mod_SSL 2.7.1
My .htaccess file looks like:
SSLRequireSSL
SSLOptions
You're really using OAS in productive environment?
You are doomed!
The alternatives are:
1) Upgrade to iAS.
It uses Apache listener and mod_ssl instead of the very unstable sypglass
listener.
But I have to tell you that mod_plsql has some restrictions.
2) Use Apache and mod_owa, if you
Hi all,
This has to be the slowest response time I've been guilty of for ... well
... quite possibly *ever*. Sorry. I'm not on the mod_ssl list(s) so I have
no idea what (if any) follow up discussion there might have been on all
this.
That cache code was written during my time at C2Net,
I found this same problem being mentioned by Steve Hay
in Auguest. But the hack doesn't work for me.
My guess is that when running as an NT service, there
is not stdin/stdout/stderr assoicated with the process
(correct me if I am wrong.) So dup/dup2 redirection
failed to work and thus
Hi,
am a novice with linux. Appreciate all the help.
I have RH 6.2, install without Apache, Apache 1.3.14 with modSSL, i need
to use the option
--enable-module=so
so that I can use LoadModule to load a so file.
after recompile, apache is running, but it says
Loaded DSO
Hi, I'm new here but I did check the docs and the list archive first.
On 24 Oct 2000, Merton Campbell Crockett wrote:
On Mon, 23 Oct 2000, Panon, Paul-Andre wrote:
I am trying to use multiple name-based virtual hosts with mod_ssl.
. . .
Both mod_ssl and its predecessor ssleay can support
Full_Name: Ian Lunam
Version: 2.7.1
OS: linux RedHat 6.2
Submission from: (NULL) (210.48.81.139)
The System: RedHat 6.2, Apache 1.3.14, openSSL 0.9.6, tomcat 3.1, mod_ssl 2.7.1.
The machine is accessable via a firewall pinhole from the web. From the web it
is refered to as hostname.mydomain.com
Sorry for the currently occuring delayed postings to modssl-users. They were
filed without my notice to the wrong admin mailbox because of changes a few
weeks ago. I've nevertheless approved them today. So don't be confused by if
the date of the postings is 2-4 weeks old.
This is my setup:
Apache/1.3.12 (Unix) (Red Hat/Linux) mod_ssl/2.6.6 OpenSSL/0.9.5a
Customers are complaining that they can't access secure pages. I see no
pattern to the complaints (browser wise) and it works fine for me in IE and
NS. They have a thawte cert. Here are some entries from the
Full_Name: Frikkie Thirion
Version: openssl 0.9.6
OS: Suse Linux 6.4
Submission from: (NULL) (196.34.250.6)
Output of Apache 1.3.14 configuration script:
ssl_module uses ConfigStart/End
+ SSL interface: mod_ssl/2.7.1
+ SSL interface build type: OBJ
+ SSL interface
This is my setup:
Apache/1.3.12 (Unix) (Red Hat/Linux) mod_ssl/2.6.6 OpenSSL/0.9.5a
Customers are complaining that they can't access secure pages. I see no
pattern to the complaints (browser wise) and it works fine for me in IE and
NS. They have a thawte cert. Here are some entries from the
Hi,
I've got the following error message in running the make command (step
3of Build and install the SSL-aware Apache) specified in
http://www.modssl.org/example.
cc -c -I../../os/unix -I../../include -DHPUX11 -Aa -Ae -D_HPUX_SOURCE
-DMOD_SSL=207101 -DUSE_HSREGEX -DEAPI -DUSE_EXPAT
I installed mm-1.1.3 and build and install apache with mm
support. However, when I type apachectl start, it fails with the following
messages:
===
Ouch! ap_mm_create(1048576, "/tmp/apache/logs/httpd.mm.29219") failed
Error: MM:
Addressed to: [EMAIL PROTECTED]
[EMAIL PROTECTED]
** Reply to note from [EMAIL PROTECTED] Sat, 02 Dec 2000 22:14:51 EST
Debian-2.2.17 Perl-5.6.0 --prefix=/opt apache_1.3.14 mod_perl-1.24_01
mod_ssl-2.7.1-1.3.14 openssl-0.9.6 rsaref-2.0 from
Hi, is there a way to display secure and unsecure
items in the same frame with netscape browser? For
example, I want to show a page with customer name, and
order status which are texts as secure items, but an
image for "OK" button as nonsecure item. The
motivation is to not use ssl for images, so
Hi !
I use an web framework that can be accessed over three virtual hosts:
1. http://host:80/ insecure
2. https://host:443/ssl anonymous, no user auth. "SSLVerifyClient none"
3. https://host:444/only valid users "SSLVerifyClient require" (own CA)
Problem: When switching from
Full_Name: Hans Schuell
Version: 2.7.1
OS: NT
Submission from: (NULL) (194.138.37.41)
To get mod_ssl 2.7.1 running with Apache 1.3.14 under NT,
I had to change some minor things:
in configure.bat:
- the Makefile for NT is named "makefile.win" in apache_1.3.14/src.
In configure.bat
Addressed to: [EMAIL PROTECTED]
"Niklas Fondberg" [EMAIL PROTECTED]
** Reply to note from "Niklas Fondberg" [EMAIL PROTECTED] Wed, 6 Dec 2000 10:19:49
+0100
How do one proceed to generate a new key? I have only the (bogus?)
key generated at compile time.
See:
Owen Boyle wrote:
Michael wrote:
Is there any reason to pay for Verisigned keys or does setting up our
companies own CA work equally well?
Technically, a self-signed certificate will work perfectly well.
However, the browser will "inform" the user that it doesn't recognise
the
Michael [EMAIL PROTECTED] writes:
Any other reason browsers would favor a bigname ripoff CA over companies
owns? Are their any CA's that charge a more reasonable rate (like $10) for
the puny task of running a short program over data already provided them
and emailing it back?
The issue isn't
Full_Name: Walter Jahn
Version: mod_ssl-2.6.4-1.3.12
OS: SOLARIS 2.6
Submission from: (NULL) (194.121.102.41)
Hallo,
when I try to start the Apache-Webserver then I get the error-message:
[Thu Dec 7 21:14:46 2000] [error] mod_ssl: Init: Unable to read server
certific
ate from file
From: [EMAIL PROTECTED]
John.Airey This is the diff between my file and the old file. If I
John.Airey have this the wrong way round please let me know!
Actually, your file is much more different from the "standard" one
than you showed us. It seems to contain a lot of tweaks to make sure
old
We were getting the "page could not be displayed" error when connecting
to our SGC-enabled mod_ssl-2.6.6-1.3.12 server using MS Internet
Explorer 5.0 or 5.5 with 40-bit encryption. The problem went away
immediately when I changed EXP56 to EXPORT56.
--Avi
I have compiled OpenSSL sucessfully, and when I try to compile
mod_ssl, I receive the following error:
+ checking sizeof various data types
+ doing sanity check on compiler and options
** A test compilation with your Makefile configuration
** failed. The below error output from the
all,
I am compiling mod_ssl 2.7.1 with apache 1.3.14 on NT4.0 with vc++ 6.0.
First, I did compile and install openSSL-0.9.6 successfully.
Second, I run this command:
configure.bat --with-apache=..\apache_1.3.14 --with-ssl=d:\openssl
result seems to be ok . at the end of email is a typical
hi
i try to install mod_ssl via apxs .
all seems fine , but when i want to active httpd server
i' ve a problem with de dbm_firstkey symbol ..
i'm on a debian potato 2.2 , the programs apache mod_ssl open_ssl are
tarball tgz .
i install the debain'package libgdbm , but no result ...
the
Dear sir,
I've upgraded my servers to apache 1.3.14/modssl 271/openssl096, but I
lost some environment variables, like SSL_*.
I setup the configuration file with
SSLOptions +ExportCertData +StdEnvVars
but with no sensible changes ... it seems that exportcertdata is not
executed...
Thanks
I installed ssl aware apache on Digital Unix, by following the instructions
from http://www.modssl.org/example I was able to do make certificate, but
when I start apache withapachectl startssl, it returns
httpd could not be started and the following error in the error_log
Hello,
i have a small question...:
I will make follow function with my Apache Proxy (Server) within mod_ssl.
[CLIENT (my)] http:80 --- [Proxy (my)] - https:443 [Secure
Server (Internet)]
I dont want does my clients have any "client certificatĀ“s" i will install
the client cert on
Hello master,
i'm one of the web developers from
Austraila.
i installed Apache + SSL in my Linux server and is
working
fine. After read your official site document, i am
trying to create a real SSL server certificate,
i used the following script to create
server.csr
$ openssl genrsa -des3
Hello everyone,
I'm new to mod_ssl/open_ssl, just have my first Apache/mod_perl/mod_ssl
server running. I'm still reading books about ssl, certificate and trying to
figure out how to do things. I have two questions I cannot find answers so
far, hope someone can point me to the right direction.
Hi. I want to support strong encryption for multiple domain names, all of
which will be mapped to the same server by my load balancer. My
understanding is that I will need a separate server certificate for each
different domain name. Is this something that I can do using Apache/mod_ssl
- i.e.
Full_Name: Paul W
Version: mod_ssl-2.7.1
OS: Sun Solaris
Submission from: (NULL) (204.112.101.47)
Hi,
I'm using openssl 0.9.6, and apache 1.3.14, and I get Seg faults at runtime
when trying to use mod_ssl. I've tried compiling open ssl both normally and
with the -fPIC option, all to no avail.
Hi,
"Schwartz, Mark" wrote:
When using MM, is the semaphore file location hard-coded at compile time? I
am trying to build a binary of apache which can be distributed across
multiple servers and installed in different directories. When I put it in a
different directory, I get the following
Jason Xue wrote:
Third, i run nmake /f Makefile.win from apache1.3.14\src directory
it seems to have no errors only a few warning. it ends after compile
modules\proxy. doesn't seems to compile modules\ssl.
For some reason Makefile.win (or one of the underlying) isn't properly
updated by
Ralf and company,
I've been working with the EAPI patch for CovalentSSL, and discovered
two issues that will greatly improve EAPI compatibility for everyone!
One aspect, the exported symbols, can be remedied once and for all,
assuring some level of compatibility from version 1.3.15 forward
Matthias Loepfe wrote:
Hi
Hello,
If there is anybody listening from CertCo: Are you willing to send me
the OCSP patch for mod_ssl (wellcome for any version)?
Rich Salz wrote:
Nobody ever expressed *any* interest, so I let it drop. I am no longer at
CertCo, and I doubt they have the
Full_Name:
Version:
OS:
Submission from: (NULL) (216.34.162.219)
While creating CSR file using the fallowing command C:\openssl req -new -key
server.key -out server.csr
the fallowing error ocured : Using configuration from
d:\MYDOCU~1\working\Apache\build4\openssl\ssl/openssl.cnf
Hi,
reported the same error for about a month ago, three times.
No reaction what so ever, not even questions.
I use RH 6.2 and we do not target windows users only
with our web site. Maybe this is not a problem to others...
/Hans
-Original Message-
From: [EMAIL PROTECTED]
To: [EMAIL
Dear Mark,
I ran across your posting (below) in the mod_ssl maillist archive below.
I am experiencing the same problem and the fixes suggested in the FAQ
also failed to correct it for me without using:
SSLProtocol all -SSLv3
I have just implemented this and wonder if you can tell me if you
Full_Name: Jean-Etienne SCHWARTZ
Version: 2.7.1
OS: AIX 4.3
Submission from: (NULL) (192.90.68.7)
How to export a server certificat (and, of course, it's private key) from a
NetscapeServer and import it into an Apache/mod_ssl server ?
Thanks
Hello!
Ive had Apache/1.3.14 with mod_ssl, php4 and frontpage extensions
running under FreeBSD 4.2-STABLE for a while, and other then a few fp
related problems, it has worked well.
A few days ago, I cvsup'ed my sources and rebuild the system, and since
then I can not start Apache with ssl
Full_Name: Vern Staats
Version: mod_ssl-2.7.1-1.3.14
OS: Solaris
Submission from: (NULL) (129.48.244.114)
The SSLRequire %{ENV:variable} eq "..." syntax fails to parse
because T_ID does not allow ':'. I fixed this in pkg.sslmod/
ssl_expr_scan.l as:
--- 232,238
/*
* Identifiers
Full_Name: JF Guindon
Version: 2.6.1
OS: Win NT
Submission from: (NULL) (207.96.218.232)
We use
Apache/1.3.12 (Win32) tomcat/1.0 mod_ssl/2.6.1 OpenSSL/0.9.5
We get
SSL handshake interrupted by system
[Hint: Stop button pressed in browser?!] (System error follows)
in the log file when a
On 6 Dec 2000, Eric Rescorla wrote:
Michael [EMAIL PROTECTED] writes:
Any other reason browsers would favor a bigname ripoff CA over companies
owns? Are their any CA's that charge a more reasonable rate (like $10) for
the puny task of running a short program over data already provided
I have a similar problem...hopefully someone has as good an answer.
I've got a bunch of virtual hosts running on port 80 just fine. I also have
a single HTTPS running on 443. I'd like to have multiple SSL hosts. So far
all my attempts have ended either with all traffic going to
Hi all,
A technical question: I am trying to use ssl_session_id inside a cgi
script. I am getting most of the ssl_* variables, but not "SSL_SESSION_ID"
I am using
httpd -v
Server version: Apache/1.3.12 (Unix) (Red Hat/Linux)
Server built: Mar 1 2000 13:37:34
with rpm versions of
Wojciech Wasowicz [EMAIL PROTECTED] writes:
Is URL sended from client to server encrypted?
Problem is - can I send secure arguments in URL.
This is not a very good idea. The problem is that requests
made from the returned page may contain the Referrer
header, which would reveal the URL. If you
Full_Name: David Sanders
Version: mod_ssl-2.6.6-1.3.12
OS: red hat 6.2
Submission from: (NULL) (195.99.110.2)
I upgraded to openSSL 0.9.6 (coming from 0.9.5a) which I installed
after that I rebuild mod_ssl and if I restart my apache server I get the
following message:
Cannot load
Hello,
My Webserver environment is like this: Apache/1.3.12 (Unix)
mod_perl/1.21_03 mod_ssl/2.6.6 OpenSSL/0.9.6. I was having problems getting
the SSL VirtualHost to start.
Within httpd.conf, I've found that IfDefine SSL does not work, but
IfModule mod_ssl.c works.
Has any one seen
Hi
Could you please help me how can I implement client authentication if there is
multiple certificate chain. I am usnig Apache_1.3.12+ Ben's SSL_1.40(Linux) and
certificate chain looks like following:
CERTIFICATE CHAIN HIERARCHY
Root Certificate
The modssl manual describes how to do this using openssl.
From: Anuradha Ratnaweera [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: starting apache without passphrase
Date: Sat, 23 Dec 2000 10:45:50 +0600 (LKT)
Hi all,
I have obtained a server certificate and the
I am running asun netra OS 5.7 and
using apache 1.3.9, modssl 2.4.10 for apache 1.3.9 and openssl 0.9.5a ( i also
tried 5 and 6 ) as well as the rsaref 2.0 library.I am
using GCC 2.95. i also tried 2.95.2 .Then i tried using
apache 1.3.6 and the appripriate modssl. I still
get the below
Yeh Win IE5.5 works... Mac IE5.0 (OS X) generates the error u mention, Mac NS
4.7 (OS X Carbon) works perfectly.
|+---
|| Eric Wood|
|| eric@interpl|
|| as.com |
|| |
|
Hi,
I'm playing around with an apache server on my linux workstation, and I was
interrested in the ssl-stuff... I want to check it out, see what it does,
and perhaps use this stuff on certain areas of my website. I know my site
runs on linux apache too, so if I can get the stuf to work on my
At 09:59 AM 12/28/00 +, Jon Hedges wrote:
Now I was wondering: how does one go by getting the certificates? I assume
the snake-oil certs are not supposed for prime-time use, so where can I
get a decent certificate, and how much is it gonna cost me?
Hi Jon,
What's the problem with
From: "Leland V. Lammert" [EMAIL PROTECTED]
lvl At 09:59 AM 12/28/00 +, Jon Hedges wrote:
lvl
lvl Now I was wondering: how does one go by getting the
lvl certificates? I assume the snake-oil certs are not supposed for
lvl prime-time use, so where can I get a decent certificate, and how
lvl
Hi
I have tried to install apache with ssl on my computer (it AIX 4.3.3).
I have installed the openssl-0.9.6 with a success.
When I have tried to configure the mod_ssl for apache 1.3.12 it succeed.
But when I tried to make , it asked for a patch for the AIX
Hi
When I have checked the error log of the apache I have seen the
following error message:
] (System error follows)
[Thu Dec 28 16:54:54 2000] [error] System: Connection reset by peer
(errno: 73)
[Thu Dec 28 16:54:55 2000] [error] mod_ssl: SSL handshake interrupted by
system
It sounds like the gnu flex utility is missing, get it and install it before
re-attempting to compile,
Parag
On Friday 01 December 2000 23:11, you wrote:
Hi,
I've got the following error message in running the make command (step
3of Build and install the SSL-aware Apache) specified in
I do not believe anybody from CertCo is on this list.
If you would like CertCo to donate the mod_ssl/OCSP diffs, I suggest you
contact
Mark Horvath, [EMAIL PROTECTED]
Good luck.
/r$
__
Apache Interface to OpenSSL
63 matches
Mail list logo