Yep. Environment variables are being set. I've even tried including a SetEnv in the Apache config instead of setting the variables inside my code. I've written them to the log, and they're definitely being set. They're just being ignored. As I said before, the problem goes away if I just disable mod_ssl and connect to the server using regular HTTP (while continuing to use HTTPS to connect to Tomcat within my code). mod_ssl on => HTTPS_CA_FILE ignored (or the code that's executed by whatever reads the variable fails for some reason). mod_ssl off => HTTPS_CA_FILE gets used to validate Tomcat's certificate. I can only assume that some global variable is being set when mod_ssl is configured that causes the change to HTTPS_CA_FILE (or HTTPS_CA_DIR) to be ignored when they're used by code running within mod_perl. Two of us worked on it for hours and that's the only conclusion we could draw, though neither of would have thought that was the case before we saw it for ourselves. Rich Eggert Member of Technical Staff Proteus Technologies, LLC http://www.proteus-technologies.com
________________________________ From: [EMAIL PROTECTED] on behalf of Marko Asplund Sent: Mon 2/13/2006 2:13 PM To: openssl-users@openssl.org Subject: Re: [Crypt::SSLeay] mod_ssl overrides settings by mod_perl applications? Richard Eggert wrote: > ... > My best guess at what's happening is that mod_ssl is preloading libssl > and configuring it according to its own requirements (and mod_ssl > doesn't care about the certificates of other servers), and when my code > runs (later) under mod_perl, the variables I'm sending it are being > completely ignored. Apache/mod_ssl server configuration should not interfere with your libwww-perl/OpenSSL client configuration in any way. try to do some printf debugging and print the relevant environment variable values to a log file. do the variables have the correct values when the script is being run? br. aspa ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
<<winmail.dat>>