Re: Apache-SSL Configuration

2000-08-30 Thread tk dev 

hi kai yin,

 we are using Apache + openssl + mod_ssl
 and i have installed all of stuff
 but i dont know how to activated it 
 if i have webpages wanted to run under ssl.
 
 i know that i should place pages in htdocs if such
 pages don't run
 ssl.

don't know what u meant by activating, do u mean u
want to run apache with ssl?
if that's the case then u can try 
/path/to/apachectl startssl (stop,start)
or u check your /usr/local/apache/bin/httpd file
make sure the following line is there:
startproc /usr/local/apache/bin/httpd -f \
/usr/local/apache/conf/httpd.conf -D SSL

if u've that it should automatically b started when u
start your linux. pls customize the directories
according to your setup. anor assumption is that your
apache is 'standalone', i.e. not started by inetd.

good luck!
tk

=
0Oo~~:o)
Smile! You'r Alive!!!

Q:What's peacefulness?
A:What's confusion? Peacefulness is the end of confusion.

o.0.Oo.o May there be peace in every step we take :o):tk

__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: how do i know the version how to start https

2000-08-24 Thread tk dev 

hi,

i'm sorry if i've offended u so greatly...but i really
have no idea that i can find the source of this
trouble...
honestly i've used man openssl etc but there's an
error saying no such man page.

i'm also new with apache: yes i'm still striving,
thanks for your hint on what to read.

N.B. i apologize too to all those who find my ques -
irrelavant.

tk
--- [EMAIL PROTECTED] wrote:
 
 In order:
 Hi.
 Really, I would never have guessed. I thought you
 might have some insight
 (other than you're too lazy to read *massive* man
 pages) to contribute.
 1. Read up gasp on server-status - failing this:
 check your expletive
 deleted apache logs.
 2. Read up on the difference between static and
 dynamic linking. The
 version of the libraries Netscape is using may or
 may not be the latest and
 greatest version you have installed on your system.
 (Notice there is no
 sarcastic gasp on this answer because this is the
 only question you could
 not reasonably be expected to puzzle out for
 yourself before wasting the
 time of the participants on this mailing list.)
 3. RTF install document gasp.
 
 You are not welcome. Why, because you don't have to
 learn to read? If you
 had made *ANY* effort whatsoever it would be
 different.
 
 
 
 
 
 tk dev [EMAIL PROTECTED] on 08/24/2000 03:03:03 PM
 
 Please respond to [EMAIL PROTECTED]
 
 To:   modssluser [EMAIL PROTECTED],
 openssluser
   [EMAIL PROTECTED], suse
 [EMAIL PROTECTED],
   suse-security [EMAIL PROTECTED]
 cc:
 Subject:  how do i know the version  how to start
 https
 
 
 
 
 hi all
 
 i've some ques re modssl,openssl  apache-would b
 glad
 to hear from u all.
 (i'm using suse6.4,kernel2.2.16 - also installed
 modssl/2.62  openssl/0.95 together with suse6.4)
 
 1. how do i know the version for openssl  modssl
 that's running on my system?
 
 2.i've downloaded  installed openssl/0.95a,without
 any error message- yet when i open netscape
 communicator(for suse6.4 users = it'll show the
 apache
 version,openssl,modssl version etc)  the version
 shown
 is still 0.95!!
 what should i do so that i'm using the latest
 openssl?btw, how do i know that's it's running the
 latest version i've installed ?- should i delete the
 old version, how?
 
 3.as i know, modssl  apache-ssl is different.  how
 should i  start apache after i enabled ssl? should i
 stop the current apache? should i change/start/stop
 any daemon?
 
 pls advise  thanks in advance.  thanks also to all
 u've been so helpful  answered many of the ques in
 this list...one reason why i love linux/open system
 so
 much.
 
 cheers
 tk
 
 =
 0Oo~~:o)
 Smile! You'r Alive!!!
 
 Q:What's peacefulness?
 A:What's confusion? Peacefulness is the end of
 confusion.
 
 o.0.Oo.o May there be peace in every step we take
 :o):tk
 
 __
 Do You Yahoo!?
 Yahoo! Mail - Free email you can access from
 anywhere!
 http://mail.yahoo.com/

__
 Apache Interface to OpenSSL (mod_ssl)   
www.modssl.org
 User Support Mailing List 
 [EMAIL PROTECTED]
 Automated List Manager   
 [EMAIL PROTECTED]
 
 
 
 
 
 

**
 Important Note
 This email (including any attachments) contains
 information which is 
 confidential and may be subject to legal privilege. 
 If you are not 
 the intended recipient you must not use, distribute
 or copy this 
 email.  If you have received this email in error
 please notify the 
 sender immediately and delete this email. Any views
 expressed in this 
 email are not necessarily the views of AXA.   Thank
 you.

**

__
 Apache Interface to OpenSSL (mod_ssl)   
www.modssl.org
 User Support Mailing List 
 [EMAIL PROTECTED]
 Automated List Manager   
[EMAIL PROTECTED]


=
0Oo~~:o)
Smile! You'r Alive!!!

Q:What's peacefulness?
A:What's confusion? Peacefulness is the end of confusion.

o.0.Oo.o May there be peace in every step we take :o):tk

__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

apache modssl

2000-08-24 Thread tk dev 

hi all

i've installed suse6.4 together with apache.
when i check the version 
#rpm -qa | grep apache
what i got was apache-1.3.12-15

the directories with apache are
/usr/lib/apache  : contains all mod.so
/usr/include/apache : files *.h
the binary is in /sbin/init.d/apache


my ques is :
when i configure mod_ssl with
./configure --with-apache=/usr/lib/apache (i've tried
all the above directories) i'd get an error message:
-cannot find apache 1.3 source tree.
what should i do? reinstall apache  recompile?
i don't understand why is it when i installed apache
with openssl/0.9.5  mod_ssl/2.6.2 nothing seemed to
work?(a lot of things is missing e.g. sign.sh etc -
that's why i'm forced to reinstall openssl  modssll-
now maybe even apache!)
Is Suse 6.4 with bug?


thanks for your answers.
tk

 

=
0Oo~~:o)
Smile! You'r Alive!!!

Q:What's peacefulness?
A:What's confusion? Peacefulness is the end of confusion.

o.0.Oo.o May there be peace in every step we take :o):tk

__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

how do i generate CA/certs : esp with CA.pl

2000-08-23 Thread tk dev 

hi all

i've been trying to generate certificates - following
mod_ssl user manual. unfortunately i can't find
sign.sh to sign my server.csr.

p.s.
i'm using suse6.4,kernel2.2.16;installed with
mod_ssl/2.62  openssl/0.95.

anyway i've downloaded openssl/0.95a  install it. 
i've found CA.pl: as i know this is one program to
generate certificates.

but when i tried CA.pl -newca it only come up with a
dir (demoCA) with some .pem files inside. i want a
real SSL cert with names which i specify.  how do i go
about doing that?...the man page of CA.pl is so
massive  i don't know what to do to have -x509(just
like the one used by openssl).

pls advise me what to do with CA.pl/how to get other
scripts that enable me to create cert.

thanks a lot for your help.

tk

=
0Oo~~:o)
Smile! You'r Alive!!!

Q:What's peacefulness?
A:What's confusion? Peacefulness is the end of confusion.

o.0.Oo.o May there be peace in every step we take :o):tk

__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

signing own ca(certificate authority)

2000-08-18 Thread tk dev 

hi all,

ust read the mod_ssl manual -faq section.
i'm referring to the ques:

how can i create and use my own certificate
authority(ca)?
- i can follow until step 2, which is creating a
self-signed ca.

unfortunately when it comes to step 3...which stated
that i need the 'sign.sh', i can't find this program.

so when i type in 'openssl ca' there's an error
message:

Using configuration from /usr/ssl/openssl.cnf
./demoCA/private/cakey.pem:No such file or directory
trying to load CA private key
436:error:02001002:system library:fopen:system
lib:bss_file.c:245:fopen('./demoCA/private/cakey.pem',
'r')
436:error:20074002:BIO routines:FILE_CTRL:system
lib:bss_file.c:247:


when i follow thru with step 4:
./sign.sh server.csr
not surprising the error:
./sign.sh:No such file or directory appeared.

n.b.
i'm using suse 6.4,kernel2.2.14.
during the installation i've installed
mod_ssl/2.6.2,openssl/0.95 as well as apache1.3.12

pls, how should i solve this problem.

thanks a million for your help.

cheers
tk



=
0Oo~~:o)
Smile! You'r Alive!!!

Q:What's peacefulness?
A:What's confusion? Peacefulness is the end of confusion.

o.0.Oo.o May there be peace in every step we take :o):tk

__
Do You Yahoo!?
Send instant messages  get email alerts with Yahoo! Messenger.
http://im.yahoo.com/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]