----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, January 29, 2000 11:50 AM
Subject: Re: mod_ssl errors
> Hi -
>
> Does anyone on this list know what could be used to encrypt/decrypt
> streaming files on the fly? I understand that public key encryption could
> probably be used for encrypting a small key that would unlock the larger
> file.
>
> Regards, Jeff
>
> On Sat, 29 Jan 2000, Eckard Wille wrote:
>
> > jay wrote:
> > >
> > > [28/Jan/2000 15:54:06 12886] [error] OpenSSL: error:140890C7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
[Hint: No CAs known to server for verification?]
> >
> > Your browser does not present a client cert (at least no cert issued
> > by a CA your server knows), but you enabled client verification. If
> > you set "SSLVerifyClient none" in your httpd.conf, everything should
> > work fine. If you really need client cert verification, you have to
> > get||install a client cert in your browser.
> >
> > Eckard
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
Since SSL is a session based protocol, it is difficult to use it for file
encryption. It is based on a secret, that is established during the
handshake phase. Once the session is terminated, the secret cannot be
recovered. To encrypt files, s/mime surely can be used.
Cheers
Lin Geng
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
