Netscape 6 : User Notes
Whelp, I figured it out on my own :) And heres a couple tips for the mailing list when struggling with NS6... 1. NS6 doesn't like it when you multi-home a domain (Assign multiple IP's i.e. 1 for SSL vhost, 1 for apache vhost). Instead only use 1 IP, which you should anyway, err..well I should have hehee. 2. NS is kind of like the old grandparent to me as a web developer. Its always in the way!! 3. Be careful when passing data between pages with php when using ssl (i.e. storing data in sessions). More than likely your going to lose that data if you use the :443 extension with the https://. I suppose this is the case always unless you've enabled transid's. Ok thats what i've found out, if someone wants to add cool! newest mod_ssl freak, - Brendon _ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: upgrading an ancient version
On Fri, Dec 01, 2000 at 04:52:22PM -0800, Robert L. Yelvington wrote: I am very familiar configuring mod_ssl / openssl / apache. Can someone advise as to the pitfalls I might encounter, if there are any, and how to overcome them when upgrading from the following versions of software to the latest on a FREEBSD box? OS: 3.2-STABLE FreeBSD 3.2-STABLE #2 i386 (not a chance of upgrading this to latest...yet!) APACHE: 1.3.9 MODSSL: mod_ssl/2.4.0 OPENSSL: OpenSSL/0.9.4 What I am really worried about is my vhost's certs. Will they still work if I upgrade modssl and openssl? Yep, there shouldn't be any problems with that. There's even an option to mod_ssl's configure if you want to point to existing certs. You could probably even use the same httpd.conf. Will they still work if I just upgrade apache and mod_ssl (do I even need to upgrade openssl at all?) I would recommend upgrading openssl for performance and other fixes, but you probably don't really have to. OR Can I just upgrade apache and keep the current versions of modssl and openssl...? No. You must have the correct version of mod_ssl to fit the Apache. There is also quite a lot that have happened to mod_ssl that will make an upgrade worth the trouble. vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Please Ignore Test
Forgive me for sending tests they annoy me as well, but I have been trying to send for a week now unsuccessfully. Cross your fingers :-) __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
virtualhost name does NOT match server name
Hello on solaris 2.6 Server: Apache/1.3.14, Interface: mod_ssl/2.7.1, Library: OpenSSL/0.9.6 On our server corbu.gamsau.archi.fr I want to secure a virtual host sympa.archi.fr on two ways : the standard way on port 80 with cookies and the SSL way on port 443 httpd.conf VirtualHost sympa.archi.fr:80 Port 80 SSLDisable ServerAdmin [EMAIL PROTECTED] DocumentRoot /export/home/sympa ServerName sympa.archi.fr ... /VirtualHost VirtualHost sympa.archi.fr:443 Port 443 ServerAdmin [EMAIL PROTECTED] DocumentRoot /export/home/sympa ServerName sympa.archi.fr User sympa Group listserv UserDir disabled ScriptAlias /wws /export/home/sympa/bin/wwsympa.fcgi ErrorLog /export/home0/apache/gamsau/logs/wwsympa443_error TransferLog /export/home0/apache/gamsau/logs/wwsympa443_access DirectoryIndex wws SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt SSLVerifyClient 0 SSLVerifyDepth 10 ... /VirtualHost [02/Dec/2000 15:59:45 04465] [info] Init: Initializing (virtual) servers for SSL [02/Dec/2000 15:59:45 04465] [info] Init: Configuring server 127.0.0.1:443 forSSL protocol [02/Dec/2000 15:59:45 04465] [trace] Init: (127.0.0.1:443) Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1) [02/Dec/2000 15:59:45 04465] [trace] Init: (127.0.0.1:443) Configuring permitted SSL ciphers [ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL] [02/Dec/2000 15:59:45 04465] [trace] Init: (127.0.0.1:443) Configuring RSA server certificate [02/Dec/2000 15:59:45 04465] [warn] Init: (127.0.0.1:443) RSA server certificate CommonName (CN) `sympa.archi.fr' does NOT match server name!? [02/Dec/2000 15:59:45 04465] [trace] Init: (127.0.0.1:443) Configuring RSA server private key [02/Dec/2000 15:59:45 04465] [warn] Init: (sympa.archi.fr:443) You configured HTTP(80) on the standard HTTPS(443) port! Any advice for generating the certificate or for the httpd.conf file? Thanks in advance -- Anne DURAND GAMSAU - MAP UMR CNRS-MCC n° 694 "Modèles et simulations pour l'Architecture, l'urbanisme et le Paysage" Ecole d'Architecture de Marseille 184 av de Luminy 13288 Marseille Cedex 09 tel : 04 91 82 71 62/70 - fax : 04 91 82 71 71 mel : [EMAIL PROTECTED] http : www.map.archi.fr __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]