Re: Yup, SSL question

2001-10-18 Thread Steve Best



Never mind, I have found the keystore and have imported the certificate. I believe my problems now have to do with our clustering/load balancing configuration. We are currently using an Alteon Acedirector 3 for our load balancer. We are also using clustering to maintain sessions. I think the error I have been getting:

"Error listening to SSLServerSocket: No available certificate corresponds to the SSL cipher suites which are enabled."

is because our certificate is for our virtual IP, and not for our local machine, and therefore Orion is unable to load the certificate correctly because it isn't for the local host. The question is, how do I configure Orion to load a certificate for our virtual site? Here is my configuration, with some entries modified to protect the innocent:

<web-site host="localhost.simpledevices.com" port="8443" cluster-island="1" secure="true" display-name="SMS WebSite">
  <default-web-app application="sms" name="sms-web" shared="true" load-on-startup="false" />
  <ssl-config keystore="../keys/keystore" keystore-password="123456" />
  <frontend host="virtual.simpledevices.com" port="443"/>
  <access-log path="../log/sms-web-access.log" />
</web-site>

I have tried setting the web-site host="[ALL]", but I get an error saying I cannot cluster with that configuration. Though I no longer get the SSLServerSocket error.

Thanks for any help,
Steve




RE: Yup, SSL question

2001-10-18 Thread The elephantwalker



use a virtual-hosts attribute in your web-site tag... I also use the EXACT IP address in host:

<web-site host="localhost.simpledevices.com" port="8443" cluster-island="1" secure="true" virtual-host="secure.simpledevices.com or whatever the ssl certificate supports" display-name="SMS WebSite">

regards,

the elephantwalker
www.elephantwalker.com

P.S. I am glad your Alteon load balancer works, because the orion loadbalancer.jar can't use ssl ;(... it's broken in 1.5.2. My main question is... aren't you using Alteon as your ssl accelerator... and if so, why are the backends in ssl?




Re: Yup, SSL question

2001-10-18 Thread Greg Matthews



sorry if i'm off track here??, but last time i checked, orion couldn't cluster + SSL at the same time.

i think it's orion bugzilla defect 525 from memory, since i spent some time investigating it. i think elephantwalker is a bit of an expert on this particular issue.

you can cluster, and you can setup SSL, but just not at the same time.




Yup, SSL question

2001-10-17 Thread Steve Best



So, I do not have the original keystore file generated during the certificate request, but I have the original certificate request private key file, as well as the certificate file from Thawte. How do I get them both into a working keystore?

Steve
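
The step asked about in this original question, putting an existing private key and the CA-issued certificate into a new keystore, written out as an added example; it is not part of the thread and not Orion or JDK tool code. The class name `ImportKeyPair` and its five arguments are hypothetical, and it assumes an RSA key stored as unencrypted PKCS#8 PEM and a certificate file with the server certificate first.

```java
import java.io.*;
import java.nio.file.*;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;

public class ImportKeyPair {
    public static void main(String[] a) throws Exception {
        if (a.length != 5) {
            System.err.println("usage: ImportKeyPair key.pem cert.pem keystore alias password");
            System.exit(2);
        }
        char[] pw = a[4].toCharArray();
        // Assumption: the key file is an unencrypted PKCS#8 PEM RSA key.
        String pem = new String(Files.readAllBytes(Paths.get(a[0])), "US-ASCII");
        if (!pem.contains("-----BEGIN PRIVATE KEY-----"))
            throw new IllegalArgumentException("expected an unencrypted PKCS#8 PEM key");
        String b64 = pem.replaceAll("-----[A-Z ]+-----", "").replaceAll("\\s", "");
        PrivateKey key = KeyFactory.getInstance("RSA")
                .generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(b64)));

        // Server certificate first, then any CA certificates (PEM or DER).
        Certificate[] chain;
        try (InputStream in = Files.newInputStream(Paths.get(a[1]))) {
            chain = CertificateFactory.getInstance("X.509")
                    .generateCertificates(in).toArray(new Certificate[0]);
        }
        if (chain.length == 0) throw new IllegalArgumentException("no certificate found");
        // Refuse a certificate that was not issued for this private key.
        PublicKey pub = chain[0].getPublicKey();
        if (!(pub instanceof RSAPublicKey) || !((RSAPublicKey) pub).getModulus()
                .equals(((RSAPrivateKey) key).getModulus()))
            throw new IllegalArgumentException("certificate does not match private key");

        // Key password = store password: the ssl-config in the thread gives only one password.
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, pw);
        ks.setKeyEntry(a[3], key, pw, chain);
        try (OutputStream out = Files.newOutputStream(Paths.get(a[2]))) { ks.store(out, pw); }
        // Re-open the file: the alias must be a key entry, not a certificate-only entry.
        KeyStore check = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(a[2]))) { check.load(in, pw); }
        if (!check.isKeyEntry(a[3])) throw new IllegalStateException("no key entry stored");
        System.out.println("stored key entry '" + a[3] + "' with " + chain.length + " certificate(s)");
    }
}
```

The final check matters because an SSL server socket can only present a certificate that sits in the keystore together with its private key; a certificate imported on its own is stored as a trusted-certificate entry and cannot be used for that.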