> Of course ;^) Our web app is built around PHP+CPDF+GD+Openlink, to get
> everything to compile without errors I can't use bleeding edge
> releases. I'm
> running Apache 1.2.13 and PHP 4.0.0 because they are rock solid
> for me. CPDF
> and GD compile best against PHP 4.0.0, and Openlink compiles best against
> Slack 7.0 (actually, kernel 2.2.13).
>
> As to mod_ssl and openssl, well they were current when I started
> this......
> I've also discovered that staying one version behind (provided it has no
> major flaws) greatly increases ones chance of finding info in
> FAQ, mail list
> archives, etc.
>
> Is there a known problem with either of these versions? Jeeez I hope I
> didn't miss a message.
Well, PHP 4.0.0 has known security holes, so you might want to avoid that.
Upgrading to PHP 4.0.5 is recommended, although this shouldn't have any
affect on your particular problem.
You also really should be using a version of OpenSSL which matches Apache, I
didn't even know that modssl-2.6.6-1.3.12 would work against Apache 1.2.13.
I would at the very least upgrade to Apache 1.3.12. Upgrading to Apache
1.3.20 is also recommended because of some security holes found in older
releases as well.
If you really want to use modssl 2.6.6, you probably should stick with
OpenSSL 0.9.5a which was available at the time of release of 2.6.6. OpenSSL
0.9.6 wasn't released until Sep 24, a month after modssl 2.6.6.
-Dave
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
