I'm trying to setup an apache 2 server that offers SSL using anonymous DH, and does not offer any certificate at all. Presently, my virtual host configuration is as follows:
<VirtualHost *:443> ServerName testbed GnuTLSEnable on GnuTLSPriorities NORMAL:+ANON-DH DocumentRoot /web </VirtualHost> Unfortunately, apache 2 refuses to start, with the error: [GnuTLS] - Host 'testbed:0' is missing a Certificate File! But that, of course, is exactly what I want. If I provide a X.509 certificate to satisfy mod_gnutls, it is delivered to clients, even if I add "-CTYPE-X.509" to the priorities. I can get approximately the right thing by providing an OpenPGP certificate instead - it, too, is sent to clients, but nothing in the world understands it, so it is simply ignored and the connection falls back to ANON-DH mode as I desire. Please tell me there's a better way? -- -Julian Blake Kongslie If this is a mailing list, please CC me on replies. vim: set ft=text :
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Modules mailing list Modules@lists.outoforder.cc http://lists.outoforder.cc/mailman/listinfo/modules