Re: problem compiling on windows
I suggest you follow the procedure in the openssl source package (install.w32) instead of using the perl commands in the apache httpd documentation. This worked fine for me. HTH michael -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von b h Gesendet: Freitag, 3. Juni 2005 00:34 An: modssl-users@modssl.org Betreff: problem compiling on windows Hi to begin, platform winxp pro, visual studio 6 I downloaded and extracted httpd-2.0.54-win32-src.zip, openssl-0.9.7g.tar.gz from their respective websites. And I was following http://httpd.apache.org/docs-2.0/platform/win_compiling.html I placed awk.exe in the path, extracted all the openssl files into srclib/openssl, ran all the perl lines configuring, and nmaking in the srclib/openssl directory (and they seemed to work without any error)... but then when running nmake /f Makefile.win _apacher after a couple minutes I end up with fatal errors: see last few lines before the error following... - Creating library .\Release\mod_proxy.lib and object .\Release\mod_proxy.exp NMAKE -nologo -f mod_proxy_connect.mak CFG=mod_proxy_connect - Win32 Release RECURSE=0 tempfile.bat cl.exe @C:\DOCUME~1\brad\LOCALS~1\Temp\nma00480. proxy_connect.c link.exe @C:\DOCUME~1\brad\LOCALS~1\Temp\nmb00480. Creating library .\Release\mod_proxy_connect.lib and object .\Release\mod_proxy_connect.exp NMAKE -nologo -f mod_proxy_ftp.mak CFG=mod_proxy_ftp - Win32 Release RECURSE=0 tempfile.bat cl.exe @C:\DOCUME~1\brad\LOCALS~1\Temp\nma03996. proxy_ftp.c link.exe @C:\DOCUME~1\brad\LOCALS~1\Temp\nmb03996. Creating library .\Release\mod_proxy_ftp.lib and object .\Release\mod_proxy_ftp.exp NMAKE -nologo -f mod_proxy_http.mak CFG=mod_proxy_http - Win32 Release RECURSE=0 tempfile.bat cl.exe @C:\DOCUME~1\brad\LOCALS~1\Temp\nma01708. proxy_http.c link.exe @C:\DOCUME~1\brad\LOCALS~1\Temp\nmb01708. Creating library .\Release\mod_proxy_http.lib and object .\Release\mod_proxy_http.exp cd ..\.. cd modules\ssl NMAKE -nologo -f mod_ssl.mak CFG=mod_ssl - Win32 Release RECURSE=0 .\Release\mod_ssl.so NMAKE : fatal error U1073: don't know how to make '..\..\srclib\openssl\inc32\openssl\asn1.h' Stop. NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio\VC98\bin\NMAKE.EXE' : return code '0x2' Stop. NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio\VC98\bin\NMAKE.EXE' : return code '0x2' Stop. C:\Documents and Settings\brad\Desktop\httpd-2.0.54 everything was working perfectly and I thought I was following all the instructions properly. What did I forget to do or can anyone tell me what is wrong? I ask here because it seems to be in the mod_ssl portion at that time. Please let me know if there is a more appropriate place to ask. (And I know it's rude to ask, but please cc me in any responses) thanks b. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
AW: SSLSessionCaching on Win32
...depends on your configuration. SSLSessionCache works fine with my apache 1.3.27, but I had some problems with apache 2. with 2.0.39, session cache was not honoured on win32 (bugzilla 10170), but this may have changed in the meantime. rgds michael -Ursprüngliche Nachricht- Von: Wilkins, Craig [mailto:[EMAIL PROTECTED]] Gesendet: Montag, 13. Januar 2003 17:09 An: '[EMAIL PROTECTED]' Betreff: SSLSessionCaching on Win32 I am having trouble getting the SSLSessionCache directive working on Win NT and have been unable to find any examples or information where others have been able to implement this. Does anyone know if this directive is supported on Win32? __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: mod ssl for windows
...this _does_ work with mod_jserv, as long as it's compiled with -DEAPI. binaries are available in the modssl contributions section. rgds michael -Ursprungliche Nachricht- Von: Noah White [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 11. Juli 2002 16:40 An: '[EMAIL PROTECTED]' Betreff: RE: mod ssl for windows Just as an FYI. This does not work with mod_jserv. -Original Message- From: JOURDAIN Philippe [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 11, 2002 10:41 AM To: [EMAIL PROTECTED] Subject: RE: mod ssl for windows http://www.modssl.org/contrib/Apache_1.3.26-Mod_SSL_2.8.10-Ope nSSL_0.9.6d- Wi n32.zip __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
AW: mod ssl for windows
Hi Currently have a system working fine under Apache 1.3.19 on NT but cannot find a version of mod_ssl.so for NT that will work with 1.3.26. Does one exist? Any info gratefully received Alex http://www.modssl.org/contrib/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Apache 2.0.37-dev +mod_ssl win32 binaries
for testing purposes, i have compiled a 2.0.37-dev snapshot on NT. as there doesn't seem to be any apache 2 binaries with mod_ssl around, i have put them in the modssl user contribution area. they are not intended to be used in a production environment, of course ;-) regards michael __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Apache 2.0.37-dev +mod_ssl win32 binaries
for testing purposes, i have compiled a 2.0.37-dev snapshot on NT. as there doesn't seem to be any apache 2 binaries with mod_ssl around, i have put them in the modssl user contribution area. they are not intended to be used in a production environment, of course ;-) regards michael __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
AW: Re: WIN32-apache 1.3.x (windows NT) problem of serving concurrent https requests
-Ursprüngliche Nachricht- Von: Johannes Bertscheit [mailto:[EMAIL PROTECTED]] Gesendet: Samstag, 4. Mai 2002 19:27 An: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Betreff: Re: Re: WIN32-apache 1.3.x (windows NT) problem of serving concurrent https requests (cut) Are there any people out there - stating that they have a apache mod_ssl running on windows NT RELIABLE ??? johannes hmm.. now this calls for an answer. we are running ssl-enabled apache on NT since end 99, first ibm http server 1.3.6.2 with 56bit ssl encryption, since december 01 Apache/1.3.22 (Win32) mod_jk/1.2.0 ApacheJServ/1.1.2 mod_ssl/2.8.5 OpenSSL/0.9.6b. there were some crashes with mod_ssl in the beginning, but none since i set KeepAlive Off in httpd.conf. average hits per day on the webserver are 100k. availability ist 99.97% over the past 2 months, the remaining 0.03% are caused by hardware changes. the only unplanned reboot since start of production on this machine in may 99 was due to someone pulling out the power cable between server and ups. michael -Ursprüngliche Nachricht- Von: Johannes Bertscheit [mailto:[EMAIL PROTECTED]] Gesendet: Samstag, 4. Mai 2002 19:27 An: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Betreff: Re: Re: WIN32-apache 1.3.x (windows NT) problem of serving concurrent https requests (cut) Are there any people out there - stating that they have a apache mod_ssl running on windows NT RELIABLE ??? johannes __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: How to install mod_ssl + mod_webapp?
i did compile a post-1.1.2 EAPI version of mod_jserv which works fine - and without warnings - with my configuration (apache 1.3.22/mod_ssl 2.8.5): http://www.modssl.org/contrib/mod_jserv-1.1.3-dev-eapi-WIN32.zip ...had to set KeepAlive Off in httpd.conf however (BUG #569) to get production quality. michael -Ursprungliche Nachricht- Von: Will Guaraldi [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 22. Februar 2002 15:36 An: [EMAIL PROTECTED] Betreff: RE: How to install mod_ssl + mod_webapp? For the record, we're running Apache 1.3.20/mod_ssl 2.8.4 with ApacheJServer 1.1.2 and we get the same warning when it loads JServ that you get with mod_webapp.c and our application works fine. So you might not have to recompile the mod_webapp module with -DEAPI. /will -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Barris Sent: Thursday, February 21, 2002 5:21 PM To: modssl list Subject: How to install mod_ssl + mod_webapp? We are currently using Jakarta-tomcat-4.0.1 with Apache httpd 1.3.22 (binary distributions for linux downloaded from the www.apache.org website). I also have mod_webapp installed (downloaded from the same website). Now, I want to add mod_ssl functionality to this mix. From what I gather from the www.modssl.org website, I must throw away what I have and compile from sources in order to use mod_ssl. I followed the instructions on this page: http://www.modssl.org/example/ and everything seemed to build properly. After copying mod_ssl.so to the new ./libexec directory and adding the following two lines to ./conf/httpd.conf: LoadModule webapp_module libexec/mod_webapp.so AddModule mod_webapp.c I get this error message: root@redhat# /usr/local/apache-ssl/bin/apachectl configtest [Wed Feb 20 15:59:04 2002] [warn] Loaded DSO libexec/mod_webapp.so uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) [Wed Feb 20 15:59:04 2002] [warn] module mod_webapp.c is already added, skipping Syntax OK I can read the words but I don't really know what to do. It seems to be saying that I have to compile mod_webapp using -DEAPI. Can anyone provide some guidance? -- Wes Barris E-Mail: [EMAIL PROTECTED] Phone: 07-3346-2504 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
AW: Connection hangs when using SSL
habe you set Listen 443 in your conf? -Ursprungliche Nachricht- Von: Ken Tune [mailto:[EMAIL PROTECTED]] Gesendet: Montag, 4. Februar 2002 19:03 An: '[EMAIL PROTECTED]' Betreff: Connection hangs when using SSL I'm trying to get Apache up and running on WinNT, with SSL I'm using Apache/1.3.19 (Win32) mod_ssl/2.8.3 OpenSSL/0.9.6a My Apache config is as follows ... SSLMutex sem SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLSessionCache none SSLLog logs/SSL.log SSLLogLevel debug VirtualHost MY_HOST:443 ServerName MY_HOST SSLEngine on SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile D:/apache/ssl/my-server.cert SSLCertificateKeyFile D:/apache/ssl/my-server.key SetEnvIf User-Agent .*MSIE.* \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log combined /VirtualHost My problem is that when I issue https://MY_HOST through the browser the browser simply hangs - there's no response from apache. If I try and connect to 443 directly using openssl I get $ openssl s_client -connect MY_HOST:443 -state -debug CONNECTED(0003) SSL_connect:before/connect initialization write to 0A01ED48 [0A01F788] (130 bytes = 130 (0x82)) - 80 80 01 03 01 00 57 00-00 00 20 00 00 16 00 00 ..W... . 0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 07 00 00 05 .f.. 0020 - 00 00 04 05 00 80 03 00-80 01 00 80 08 00 80 00 0030 - 00 65 00 00 64 00 00 63-00 00 62 00 00 61 00 00 .e..d..c..b..a.. 0040 - 60 00 00 15 00 00 12 00-00 09 06 00 40 00 00 14 `...@... 0050 - 00 00 11 00 00 08 00 00-06 00 00 03 04 00 80 02 0060 - 00 80 46 fe 76 0c 2a 63-8a 04 72 25 77 e3 3c 15 ..F.v.*c..r%w.. 0070 - 22 77 46 a4 69 b9 20 85-03 7d 7b ad 85 b9 db ed wF.i. ..}{. 0080 - b6 1c .. SSL_connect:SSLv2/v3 write client hello A ... and nothing more. I've tried using the -ssl2 and -ssl3 flags, but get the same result. I've tried connecting using telnet and trying to speak http to the port and that doesn't work so that's not the issue. Furthermore, when I try and connect I get an entry in my ssl.log ... [04/Feb/2002 17:01:01 00193] [info] Connection to child 4 established (server MY_HOST:443, client MY_IP) Any suggestions gratefully received Regards Ken Tune __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Apache modssl last release ...
[ Falk Großwig ] wrote: Hello, i just installed the mod_ssl for Apache. First it workes fine, but i cant tell how, the Apache shuts down the mod_ssl ... i cant reach the mod_ssl url if i open a new browser window. VirtualHost ssl.design-4-you.ath.cx ServerAdmin [EMAIL PROTECTED] ServerName design-4-you DocumentRoot E:/Server/secure/ ErrorLog E:/Server/logs/secure.design-4-you.ath.cx-error_log CustomLog E:/Server/logs/secure.design-4-you.ath.cx-access_log common SSLEngine On SSLCertificateFile conf/ssl/www.design-4-you.ath.cx.cert SSLCertificateKeyFile conf/ssl/www.design-4-you.ath.cx.key /VirtualHost So this is your SSL VH? First, you need: Listen 443 before the VH so apache listens to port 443, which is where SSL works. Second, you need to define port 443 in the VH, i.e. VirtualHost ssl.design-4-you.ath.cx:443 Third, you need to start apache with SSL. In unix, the command is: # apachectl startssl or (more primitively) # ./httpd -DSSL check the docs for the appropriate command under windows. ...which would be apache -D SSL Fourth, your apache needs to be compiled with the -EAPI flag, otherwise mod_ssl will not work. if you use a binary distribution, this is most probably not the case. AFAIK there is no such distribution for 1.3.22 /win32. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
mutex warnings
Hi Group I'm running the following: Apache/1.3.22 (Win32) mod_jk/1.1.0 tomcat/1.0 mod_ssl/2.8.5 OpenSSL/0.9.6b with the standard settings for win32. everything fine with this, except that I get a lot (up to 7 per second) warnings: [10/Dez/2001 09:23:45 00393] [warn] Failed to release global mutex lock could anybody explain what this means, and if there's anything that can be done about it - besides setting log level to error;-) thanks Michael __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: [BugDB] Configuration problems (PR#640)
the following conf might work: ... ... # restrict general server conf to localhost BindAddress 127.0.0.1 ... ... IfDefine HAVE_SSL Listen 80 Listen 443 /IfDefine IfDefine HAVE_SSL ## ## SSL Virtual Host Context ## VirtualHost 20.30.70.40:443 ... ... /VirtualHost VirtualHost 20.30.70.40:80 ... ... /VirtualHost VirtualHost 20.30.70.48:443 ... ... /VirtualHost VirtualHost 20.30.70.48:80 ... ... /VirtualHost /IfDefine -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Gesendet: Montag, 10. Dezember 2001 22:52 An: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Betreff: [BugDB] Configuration problems (PR#640) Full_Name: Version: 2.8.5 OS: Linux Submission from: (NULL) (216.72.177.4) I have defined 2 domains in one server, based on IP address my etc/hosts file is like: 20.30.70.40server_namewww.domain_A domain_A 20.30.70.48 server_name www.domain_B domain_B my httpd.conf is like .. .. .. Listen 80 NameVirtualHost 20.30.70.40 VirtualHost 20.30.70.40 ServerAdmin admin@domain_A DocumentRoot /home/httpd/file_A/www ServerName Domain_A Directory Index htm html cgi ### Directory /home/httpd/file_A/www/ order allow,deny Options Indexes Includes FollowSymLinks ExecCGI deny from all /Directory ErrorLog logs/Domain_A-error_log CustomLog /var/log/httpd/Domain_A-access_log common /VirtualHost VirtualHost 20.30.70.48 DocumentRoot /home/httpd/domain_B ServerName www.domain_B ServerAdmin admin@domain_B ErrorLog /var/log/httpd/domain_B-error_log CustomLog /var/log/httpd/domain_B-access_log common DirectoryIndex index.htm index.html Directory /home/httpd/domain_B AllowOverride None Options Indexes Includes FollowSymLinks ExecCGI Order allow,deny Allow from all /Directory /VirtualHost IfDefine HAVE_SSL ## ## SSL Virtual Host Context ## Listen 443 VirtualHost 20.30.70.40:443 DocumentRoot /home/httpd/domain_A/www ServerName www.domain_A SSLEngine on SSLProtocol all -SSLv3 # Server Certificate: SSLCertificateFile /etc/httpd/conf/propio/certisur_A.crt # Server Private Key: SSLCertificateKeyFile /etc/httpd/conf/propio/server_A.key Files ~ \.(cgi|shtml)$ SSLOptions +StdEnvVars /Files Directory /var/www/cgi-bin SSLOptions +StdEnvVars /Directory SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown CustomLog /var/log/httpd/ssl_request_log \ %t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \%r\ %b /VirtualHost VirtualHost 20.30.70.48:443 ServerName www.Domain_B DocumentRoot /home/httpd/domain_B Directory /home/httpd/domain_B AllowOverride None Options Indexes Includes FollowSymLinks ExecCGI Order allow,deny Allow from all /Directory SSLEngine on SSLProtocol all -SSLv3 SSLCertificateFile /etc/httpd/conf/mallgallery/certisur_B.crt SSLCertificateKeyFile /etc/httpd/conf/mallgallery/server_B.key Files ~ \.(cgi|shtml)$ SSLOptions +StdEnvVars /Files Directory /var/www/cgi-bin SSLOptions +StdEnvVars /Directory CustomLog /var/log/httpd/ssl_request_log \ %t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \%r\ %b /VirtualHost /IfDefine If I call Domain_A or Domain_B in non secure operation(hhttp) I haven't problems, but if in secure conditions (https) the server only respond to Domain_A calls I waiting for some comments please __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]