I'd remove the mailman CGI scripts, they have some security issues that
have been covered on the Bugtraq list.
Thanks,
Ron DuFresne
On Sun, 6 Jan 2002, David Gibbs wrote:
> Folks:
>
> I'm having a problem getting mod_ssl to work in my Apache server running
> Mailman CGI programs.
>
> I'm running RedHat 7.2, with Apache/1.3.22 & mod_ssl 2.8.4.
>
> I have self-signed the certificates and the system seems to work fine when
> using Netscape.
>
> For some reason, however, when I try to access the exact same pages with
> Internet Explorer (5.5), none of the cgi input is accepted ... it's just
> ignored.
>
> The mailman interface uses POST to submit the data to the server.
>
> I'm using the following SSL dirctives...
>
> SSLEngine on
> SSLCertificateFile /etc/httpd/conf/ssl.crt/lists.crt
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/lists.key
> CustomLog /var/log/httpd/mailman/ssl_request_log "%t %h
> %{SSL_PROTOCOL}x
> %{SSL_CIPHER}x \"%r\" %b"
> ScriptAlias /cgi-bin/ /home/mailman/cgi-bin/
> SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars
> +StrictRequire
>
> Any suggestions?
>
> Thanks!
>
> david
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
