Are Hoel wrote:
That's the chicken and egg problem, you need a different IP
for each SSL-based VirtualHost:
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47
I have actually managed to get this working with only one IP :)
That depends what you mean by working... What is happening with your
Hi,
This is may not relate to this list. I am looking for the rfc's on http
protocol. I know where to find http 1.0 which is rfc1945. But where is
http 1.1...
Sorry for the disturbance.
Thank you.
Regards
Alan
__
Apache
Hi all,
I have a dummy question about sub-Certified CA and so on.
After having created my Root CA to sign users' certificate.
I want now to sign Sub-CA certificate to accreditate this one
for signing (possibly another Sub-CA certificate) users' certificate.
Could someone give me an example of
Hi,
I've installed OpenSA 1.0b3 on Windows 2000 Server. Everything in
http://localhost/cgi-bin/private need client authentication to access. When I use the
POST method to post some form data to a CGI program
http://localhost/cgi-bin/private/examine.pl I got the following error:
---
405
You find nearly all what you need at w3.org!
HTTP 1.1: http://www.w3.org/Protocols/rfc2616/rfc2616.html
GreetingX,
Alex
--- Alan Kong [EMAIL PROTECTED] schrieb: Hi,
This is may not relate to this list. I am looking for the rfc's on http
protocol. I know where to find http 1.0 which is
Here's where to go to search/view RFCs:
http://www.cis.ohio-state.edu/Services/rfc/index.html
Searching there for the keyword http I found this one:
http://www.cis.ohio-state.edu/Services/rfc/rfc-text/rfc2616.txt
--On Friday, September 07, 2001 5:57 PM +0800 Alan Kong
[EMAIL PROTECTED] wrote:
According to RFC 2400, it is RFC 2068.
-
John Airey
Internet systems support officer, ITCSD, Royal National Institute for the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
-Original Message-
From: Alan Kong
Is this a ModSSL-Question?
In Apache there is a directive called Limit where you can allow or disallow
GET, POST, HEAD, ...
As the Credentials are sent to .../examine.pl, because you have authenticated
yourself successfully at .../private/, there should be no problem!
GreetingX,
Alex
---
Gurus,
We use Apache+modssl server to provide https support, most of browsers work
fine with that except palm browsers(Avantgo,Eudoraweb,Blazer), the https
request is interrupted at the first step - handshake.
Client browser displays Unable to securely verify identity of Host site
and the
On Fri, Sep 07, 2001 at 09:52:42AM -0700, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
If my understanding is correct, the current logic for
SSLSessionCacheTimeout (in mod_ssl) is to mark the time when the first
request was received, and then, irrespective of how long the connection
Lutz,
Thanks for that feedback.. When I meant reset the timeout, I certainly
did not mean to do it for ever.. There has to be a limit - either the number
of times the reset is done or the time limit - or both. The timeout that I
was thinking of is some thing like
(10 * SSLSessionCacheTimeOut
Hi there,
On Fri, 7 Sep 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
If my understanding is correct, the current logic for
SSLSessionCacheTimeout (in mod_ssl) is to mark the time when the first
request was received, and then, irrespective of how long the connection has
been
The timeout on a session is also a concept subject to much
misunderstanding.
I've always though TTL, TimeToLive, was a better name.
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
Lutz,
Thanks for that feedback.. When I meant reset the timeout, I certainly
did not mean to do it for ever.. There has to be a limit - either the number
of times the reset is done or the time limit - or both. The timeout that I
was thinking of is some thing like
(10 * SSLSessionCacheTimeOut
Geoff,
Thanks for the detailed explaination - it does make a lot of sense..
As you've pointed out in case of SHMHT, if a server is lightly loaded, the
session id will be cached for a time greater than the expiry time - but a
session is NOT resumed based on this session-id. So, I guess
Hi,
If my understanding is correct, the current logic for
SSLSessionCacheTimeout (in mod_ssl) is to mark the time when the first
request was received, and then, irrespective of how long the connection has
been active/inactive, remove the session identifier from the cache after the
timeout
16 matches
Mail list logo
