Mod_ssl includes very good documentation how install apache and
its modules.
Salvatore Ilardo
http://www.rokeby.com
[EMAIL PROTECTED]
-----Original Message-----
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On
Behalf Of Jeff Gelina
Sent: Monday, July 17, 2000 4:16 PM
To:
[EMAIL PROTECTED]
Subject: Re: msie AGAIN
SP would be a good
idea except that this is Linux 6.2.
I'm about to install a new apache
server, does anyone have any good
documentation on the best way to
install apache, ssl, php, and frontpage????
Also, where do I go from here
on my ie problem. I have pretty detailed
information in my
error_engine_ssl log. However, I am not sure what it
means. Who
knows who would understand this stuff?
Jeff Gelina
ISP "Little Blade
of Grass"
Colorado Information Technologies
----- Original Message
-----
From: "David Leeson" <[EMAIL PROTECTED]>
To:
<[EMAIL PROTECTED]>
Sent: Monday, July 17, 2000 3:24
AM
Subject: Re: msie AGAIN
> Jeff,
>
> I'm unlikely
to be much help on the SSL side (I'm still a newbie to this).
>
> I
can get through on https://www.colosoft.com and
https://www.coloinfotech.com
> using MS IE
5.01/128.
>
> How about revisiting the IE installations. Have any
service packs undone
> anything - or do you need to reinstall service
packs - I would always
avoid
> reapplying SPs as it always breaks
something to do with security. For
> example I
> have to reinstall
Entrust Desktop and IE5/128 each time I reapply SP5
> (no version control
checks seemingly being done at installation).
>
> At 12:34 16/07/00
-0600, you wrote:
> >hey all,
> > if i tell
ie to not use sslv3 or tlsv1 in the advanced options
> >(theorizing
that it would then use sslv2, which was enabled) I still do
not
>
>connect, however I get very different errors in the ssl_engine_log
than
what
> >I was getting when trying to connect via sslv3. I can
post those errors
if
> >needed.
> >----- Original Message
-----
> >From: "Jeff Gelina" <[EMAIL PROTECTED]>
> >To:
<[EMAIL PROTECTED]>
> >Sent: Sunday, July 16, 2000 12:28
PM
> >Subject: Re: msie AGAIN
> >
> >
>
>> Ok, when I put it in debug mode with the new configuration I found
that
> >one
> >> log file and only one file changes when i
try to access the https site
> >with
> >> IE. That
file is ssl_engine_log and here is what changes minus the
bio
>
>> dumps which were just a bunch of hex.
> >>
> >>
[16/Jul/2000 11:18:25 15029] [info] Seeding PRNG with 1160 bytes
of
> >entropy
> >> [16/Jul/2000 11:18:25 15029] [trace]
OpenSSL: Handshake: start
> >> [16/Jul/2000 11:18:25 15029] [trace]
OpenSSL: Loop: before/accept
> >> initialization
> >>
[16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 11/11 bytes from
>
>> BIO#080F4AA8
> >> [mem: 080FA1F0] (BIO dump
follows)
> >> [16/Jul/2000 11:18:25 15029] [trace] Inter-Process
Session Cache:
> >> request=GET st
> >>
atus=MISSED
> >>
id=309590E9D2CA6A50F56AC3475AF55D91F0436BB996781DECB16C18A37AB60355
>
>> (session renewal)
> >> [16/Jul/2000 11:18:25 15029] [trace]
OpenSSL: Loop: SSLv3 read client
> >hello
> >> A
>
>> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write
server
> >hello
> >> A
> >> [16/Jul/2000
11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write
>
>certificate
> >> A
> >> [16/Jul/2000 11:18:25 15029]
[trace] OpenSSL: Loop: SSLv3 write server
> >done
> >>
A
> >> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: write 876/876
bytes to
> >> BIO#080F4AA
> >> 8 [mem: 08107688] (BIO
dump follows)
> >> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL:
Loop: SSLv3 flush data
> >> [16/Jul/2000 11:18:25 15029] [debug]
OpenSSL: read 5/5 bytes from
> >> BIO#080F4AA8 [
> >>
mem: 080FA1F0] (BIO dump follows)
> >> [16/Jul/2000 11:18:25 15029]
[debug] OpenSSL: read 134/134 bytes from
> >> BIO#080F4A
>
>> A8 [mem: 080FA1F5] (BIO dump follows)
> >> [16/Jul/2000
11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 read client
key
> >>
exchan
> >> ge A
> >> [16/Jul/2000 11:18:25 15029]
[debug] OpenSSL: read 5/5 bytes from
> >> BIO#080F4AA8 [
>
>> mem: 080FA1F0] (BIO dump follows)
> >> [16/Jul/2000
11:18:25 15029] [debug] OpenSSL: read 1/1 bytes from
> >>
BIO#080F4AA8 [
> >> mem: 080FA1F5] (BIO dump follows)
>
>> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read 5/5 bytes
from
> >> BIO#080F4AA8 [
> >> mem: 080FA1F0] (BIO dump
follows)
> >> [16/Jul/2000 11:18:25 15029] [debug] OpenSSL: read
36/36 bytes from
> >> BIO#080F4AA8
> >> [mem:
080FA1F5] (BIO dump follows)
> >> [16/Jul/2000 11:18:25 15029]
[trace] OpenSSL: Loop: SSLv3 read finished
A
> >> [16/Jul/2000
11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 write change
> >>
cipher sp
> >> ec A
> >> [16/Jul/2000 11:18:25 15029]
[trace] OpenSSL: Loop: SSLv3 write
finished A
> >> [16/Jul/2000
11:18:25 15029] [debug] OpenSSL: write 47/47 bytes to
> >>
BIO#080F4AA8
> >> [mem: 08107688] (BIO dump follows)
>
>> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Loop: SSLv3 flush
data
> >> [16/Jul/2000 11:18:25 15029] [trace] Inter-Process Session
Cache:
> >> request=SET st
> >> atus=OK
>
>id=95F69C732CD78360E18A4C3E7786223C9117E932FB7848875B0892B06210F8A8
>
>> time
> >> out=300s (session caching)
> >>
[16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Handshake: done
> >>
[16/Jul/2000 11:18:25 15029] [info] Connection: Client
IP:
209.12.32.66,
> >> Protoc
> >> ol: TLSv1, Cipher:
EXP1024-RC4-SHA (56/128 bits)
> >> [16/Jul/2000 11:18:25 15029]
[debug] OpenSSL: read 0/18437 bytes from
> >> BIO#080F4A
>
>> A8 [mem: 080FA1F0] (BIO dump follows)
> >> [16/Jul/2000
11:18:25 15029] [debug] OpenSSL: write 27/27 bytes to
> >>
BIO#080F4AA8
> >> [mem: 08102A00] (BIO dump follows)
>
>> [16/Jul/2000 11:18:25 15029] [trace] OpenSSL: Write: SSL
negotiation
> >> finished su
> >> ccessfully
>
>> [16/Jul/2000 11:18:25 15029] [info] Connection to child 0 closed
with
> >> standard
> >> shutdown (server
minnesota.coinfotech.com:443, client 209.12.32.66)
> >>
>
>> Can you decipher this???
> >>
> >> -----
Original Message -----
> >> From: "Martin Lichtin"
<[EMAIL PROTECTED]>
> >> To: <[EMAIL PROTECTED]>
>
>> Sent: Saturday, July 15, 2000 7:18 PM
> >> Subject: Re:
msie AGAIN
> >>
> >>
> >> > > Ok, I
have done as you have requested (it was a pain in the butt)
you
>
>> will
> >> > > see the new page at http://minnesota.coinfotech.com but you
will
not
> >> be
> >> > > able to access the
https with any ie browser. Netscape will see it
> >just
>
>> > > fine. Hence, same problem.
> >>
>
> >> > What messages do you see in the ssl.log when you
increase the debug
> >level?
> >> > Try
> >>
> SSLLog ssl.log
> >>
> SSLLogLevel debug
>
>> >
> >>
> >>
______________________________________________________________________
>
>> Apache Interface to OpenSSL
(mod_ssl)
www.modssl.org
> >> User Support Mailing
List
[EMAIL PROTECTED]
> >> Automated List
Manager
[EMAIL PROTECTED]
> >>
> >
>
>______________________________________________________________________
>
>Apache Interface to OpenSSL
(mod_ssl)
www.modssl.org
> >User Support Mailing
List
[EMAIL PROTECTED]
> >Automated List
Manager
[EMAIL PROTECTED]
> >
> regards
>
>
-david
>
> --------------------
> Technical Director (CTO) mailto:[EMAIL PROTECTED]
>
Carvel Solutions Ltd. http://www.carvel.co.uk
> Software, Internet &
E-Commerce Solutions
> Vindolanda, Abbeytown, Carlisle, Cumbria, CA5 4RG,
UK.
> Tel/Fax: +44 16973 61173
> Mobile: +44 411
125307
>
> "Never be afraid to try something new. Remember, amateurs
built the Ark;
> professionals built the Titanic."
>
>
______________________________________________________________________
>
Apache Interface to OpenSSL
(mod_ssl)
www.modssl.org
> User Support Mailing
List
[EMAIL PROTECTED]
> Automated List
Manager
[EMAIL PROTECTED]
>
______________________________________________________________________
Apache
Interface to OpenSSL
(mod_ssl)
www.modssl.org
User Support Mailing
List
[EMAIL PROTECTED]
Automated List
Manager
[EMAIL PROTECTED]
