I installed openSSL with mod_ssl, and I can access
my site using https://blah.com and I get a
popup box telling me about a security issue and if I want to accept this. When I
have visited other sites that are secure, it dosent ask me to accept anything.
In my certificate it says its not
Mike,
The
reasoning behind that message is that you haven't purchased a certificate from a
valid certificate store. The bought my companies at
verisign.com.
If
youare not releasing thisweb app to the public you could simply
install thecertificate andyou shouldn't get the message
again.
Hi,
will there be a new version of mod_ssl for the security fixed openssl
0.9.6e and openssl-engine 0.9.6e or is it safe to use mod_ssl 2.8.10.
If there will be a new version: is there an expected release date/time?
Thanks for any answers!
Rainer Jung
kippdata informationstechnologie GmbH
On Wed, Jul 31, 2002 at 11:40:42AM +0200, Rainer Jung wrote:
Hi,
will there be a new version of mod_ssl for the security fixed openssl
0.9.6e and openssl-engine 0.9.6e or is it safe to use mod_ssl 2.8.10.
It should be safe to use mod_ssl 2.8.10. The API of openssl did not change
when
Greetings all,
I'm curious if anyone has come across issues with starting apache
using -
# $APACHE_HOME/bin/apachectl startssl
and then having apache hang when issuing this -
# $APACHE_HOME/bin/apachectl restart
I'm running 1.3.26 with the latest mod_ssl on Solaris 8. I don't get
any error
Hi,
yes, there is a new version of mm available on http://www.ossp.org/pkg/lib/mm/
( Status: Stable Version: 1.2.1 (28-Jul-2002) )
The advisory is here: http://www.openpkg.org/security/OpenPKG-SA-2002.007-mm.html
Kind regards,
Bert Courtin
-Original Message-
From: R.
But I did a self-signed cert for testing purposes. Shouldn't that work?
--
Matt
At 04:34 PM 7/31/2002 +1000, you wrote:
Mike,
The reasoning behind that message is that you haven't purchased a
certificate from a valid certificate store. The bought my companies at
verisign.com.
If you are
No, because your browser does not have the signing authority in its list of
trusted / root CAs. There are three options, but really only two are
practical. The first would be to just import the certificate the first time
you see this pop up and you can do that by clicking on View certificate
From: Sean M Alderman [mailto:[EMAIL PROTECTED]]
Greetings all,
I'm curious if anyone has come across issues with starting apache
using -
# $APACHE_HOME/bin/apachectl startssl
and then having apache hang when issuing this -
# $APACHE_HOME/bin/apachectl restart
I'm running 1.3.26 with the
From: Svein E. Seldal [mailto:[EMAIL PROTECTED]]
Hi guys,
I want to run a http server on port 81 which should only be
available to
the localnet, say 192.168.0.x/24 *and* on https with client
certificates
from the whole world. No passwords should be used in neither methodes.
Now I've got
But I'm never even getting a response on the browser, httpd is never even
starting due to this error. I thought I had it corrected this morning, the
log kept complaining about not finding the cert, I worked with that for a
while, then came back to the same error. Frustrating, but I'm not
From: Matt Nelson [mailto:[EMAIL PROTECTED]]
Now, the error I'm getting now that I can't seem to find any
help on, in
the error_log is:
OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header too long
Unusual.. Do you see anything in the browser? Also:
- What versions of
At 03:56 PM 7/31/2002 +0200, you wrote:
From: Matt Nelson [mailto:[EMAIL PROTECTED]]
Now, the error I'm getting now that I can't seem to find any
help on, in
the error_log is:
OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header
too long
Unusual.. Do you see
Well I may have figured this out, https is now running, cert was in the
wrong place, but https returns the default web page for the apache
installation, instead of the real site, which does come up with just
http. I think I can figure that out, but if anyone has pointer
thanks, and thanks
I thought it might be something like that, but typically when I've run
into this, I've made a change to a http virtual host, and all the other
virtual hosts ssl or not, are then not accessible. Maybe apache needs a
better way to reload configs for virtual hosts (such that it doesn't
bother
reloads dont work if your keys are encrypted - is this the case here?
i have happliy sent a sig USR1 to an ssl apache setup each night for two
years - and never a problem - only goes awry if a cert or key changes.
Sean M Alderman wrote:
I thought it might be something like that, but typically
See comments,
Rgds,
Owen Boyle
-Original Message-
From: Matt Nelson [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 31. Juli 2002 17:01
To: [EMAIL PROTECTED]
Subject: RE: Error message help
Well I may have figured this out, https is now running, cert
was in the wrong place,
..or your
At 06:02 PM 7/31/2002 +0200, you wrote:
See comments,
Ditto,
Rgds,
Owen Boyle
-Original Message-
From: Matt Nelson [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 31. Juli 2002 17:01
To: [EMAIL PROTECTED]
Subject: RE: Error message help
Well I may have figured this out, https is
I just installed the newest version of openssl and recompiled mm, mod_ssl,
mod_perl, and apache. Now when I start apache I get an error from my
httpd.conf file about the SSLSessionCache option. The error is:
SSLSessionCache: shared memory cache not useable on this platform
Well, it was with
configure mod_ssl --with-apache=../apache_1.3.26
Seems like you need to supply mod_ssl with all of the configure directives
you show below for apache, and then when it comes time to compile apache,
you just run the auto-generated config.status script. At least that worked
for me using the same
I'm an idiot. I set the EAPI_MM variable as MM_EAPI. Dyslexia gets you
every time.
Thanks
Dave
Dave Lowenstein
Programmer/Analyst
Instructional Technology Services
San Diego State University
(619)594-0270
http://www-rohan.sdsu.edu/dept/its
On Wed, 31 Jul 2002, David Wall wrote:
configure
I've had difficulties in the past recompiling apache, modssl and openSSL on a Windows
server, can someone please upload the new openSSL_0.9.6e,Mod_SSL_2.8.10, apache 1.26
aware zip please to modsll contribution page?
eg Apache_1.3.26-Mod_SSL_2.8.10-OpenSSL_0.9.6e-Win32.zip
(actually i think
To anyone -
I am attempting to setup Apache-SSL on a large server where most access
is thru normal
port 80 communications but I have three VirtualHosts that require port
443 SSL communications.
We have our certificate (via Thawte). I've tried the port and
SSLEnable/SSLDisable directives
inside
Hello everyone.
I just upgraded my OpenSSL yesterday from 9.6c to 9.6e, then recompiled my
mod_ssl-2.8.10-1.3.26 and Apache on OpenBSD 3.0. Everything seemed to go
fine, but now all my https request are unable to connect. According to all
the docs I've seen the error message suggest changing the
The htpasswd.exe utility in
Apache_2.0.39-Mod_SSL-OpenSSL-0.9.6d-Win32.zip aborts with an error message
when you try to add or update a password. It responds with The
process cannot access the file because it is being used by another
process. I thought perhaps that Apache had not closed
On Wed, Jul 31, 2002 at 12:59:20PM -0500, Cagle Larence G Contr 96 CG/SCTOA wrote:
The htpasswd.exe utility in Apache_2.0.39-Mod_SSL-OpenSSL-0.9.6d-Win32.zip
aborts with an error message when you try to add or update a password. It
responds with The process cannot access the file
26 matches
Mail list logo