Now after finishing the DSO support for the 2.1 development branch I found time to incorporate and backport stuff to the stable 2.0 branch. The detailed CHANGES entries are appended. The most noticeable change (especially for package maintainers) is the fact that `make certificate TYPE=dummy' works again as expected. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com Changes with mod_ssl 2.0.14 (09-Oct-1998 to 01-Nov-1998) *) Backport from 2.1 branch: Renamed snakeoil.{crt,key} to snakeoil-ca.{crt,key} and created a real dummy server certificate/key pair as snakeoil.{crt,key} which is now used under `make certificate TYPE=dummy'. This fixes the recently occured problem where Netscape rejected the dummy certificates because they had the CA flag set. *) Upgraded to included Thawte Strong Extranet sources (ssl.contrib/sxnet/) from version 1.2.2 to the current 1.2.3. *) Backport from Apache-SSL: Incorporation of recent Base64 (uuencode) encoding bugfixes. *) Backport from 2.1 branch: Fixed the "SSLVerifyType optional_no_ca" situation: The situation has to be checked against more SSLeay errors, because under SSLv3 certificate chain loading leads to the presentation of the client CA certs, too. Here SSLeay gives different errors. *) Fixed documentation of SSL_CLIENT_I<x509> and SSL_SERVER_I<x509> environment variables. *) Fixed mod_proxy source for the situation where no --enable-module=ssl is used. *) Make sure the stand-alone ssl_gcache program compiles correctly even under SunOS where no strerror() exists. *) Backport from 2.1 branch: Fix "uchar" redefinition problem under AIX. ______________________________________________________________________ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]