Re: [Openca-Users] Top menu is not displayed under https!

Sat, 21 Aug 2010 07:51:36 -0700 

Hello Zaxary,

It is definitely an access config problem. It normally works with http/https.
What happens if you set the protocol to '*', can you access it via https ?
Have you checked the logs in PREFIX/var/openca/log/errlog ? Also, check the
Apache logs for the possible error (maybe it is an https config error there).

For the ra.xml configuration, the most liberal one for https is something
like the following:
<openca>
    <access_control>
        <channel>
            <type>mod_ssl</type>
            <protocol>ssl</protocol>
            <source>.*</source>
            <asymmetric_cipher>.*</asymmetric_cipher>
            <asymmetric_keylength>0</asymmetric_keylength>
            <symmetric_cipher>.*</symmetric_cipher>
            <symmetric_keylength>128</symmetric_keylength>
        </channel>
        ...

Does this works or do you still have issues ? Lat two usual questions:
- Which version of OpenCA are you using ?
- Have you installed all the patches for your version ?

Later,
Max

On 08/21/2010 03:58 AM, zaxary wrote:


Hi all,

I Installed OpenCA on a server with Apache 2 and it works correctly under
http for Public interface.
but RA is not works under https as the top menu is not displayed, but when I
changed the access_control/ra.xml file so it can work with http it works
correctly and there's no problem.

now I don't know what the cause of the problem is.
Is it the fault of apache's config or openca's config?

can anybody help me to solved the problem?

Regards,
Zaxary




--

Best Regards,

        Massimiliano Pala

--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]                   ope...@acm.org
                                                 project.mana...@openca.org

Dartmouth Computer Science Dept               Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory                          Work Phone: +1 (603) 646-8734
--o------------------------------------------------------------------------
People who think they know everything are a great annoyance to those of us
who do.
                                                           -- Isaac Asimov

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev 
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to