Re: [warn] RSA server certificate CommonName (CN) `yin.*' does NOT match server name!?

Hello Owen, After I have set ServerName in the ssl.conf file to yin.fokus.gmd.de, this error [warn] RSA server certificate CommonName (CN) `yin.fokus.gmd.de' does NOT match server name!?does not exist in file error_log. It seems that I can start HTTP secure server ... ( I think that I have

autosigning certificate

Hi all, I tried to use my own CA in order to sign the CSR previously produced. Following what I got: [naunx04:aspprod] /home/aspprod/aspapp/mySSL/openSSL/bin ./sign.sh server.csr CA signing: server.csr - server.crt: Using configuration from ca.config Enter pass phrase for ./ca.key: Check that the

Redirection on bad cert

Hello all, Is it possible to redirect user with bad cert to other page? As I understand, server doesn't return any error code after ssl error on expired cert. Therefore, ErrorDocument directive doesn,t work. Thank You Oleg Lebedev

Failed to enable Crypto Device API

Hello All, Please provide your thoughts on the problem I am facing. We use Apache 1.3.27 , mod_ssl 2.8.12 and OpenSSL 0.9.6h[engine]. The [engine] version is used because we use nCipher card as the hardware accelerator. The error that is baffling is: ./apachectl startssl ./apachectl startssl:

Re: Verifying enabled ciphers?

One more question regarding the SSLCipherSuite line. Our security auditor recommended that we change the line SSLCipherSuite HIGH:MEDIUM:!ADH to SSLCipherSuite HIGH:MEDIUM:-ADH:-aNULL What is the difference? openssl ciphers -v 'HIGH:MEDIUM:!ADH' and openssl ciphers -v

Re: Failed to enable Crypto Device API

* Anbuchezhian ([EMAIL PROTECTED]) wrote: Hello All, Please provide your thoughts on the problem I am facing. We use Apache 1.3.27 , mod_ssl 2.8.12 and OpenSSL 0.9.6h[engine]. The [engine] version is used because we use nCipher card as the hardware accelerator. The error that is baffling

Re: Verifying enabled ciphers?

On Thu, Jan 30, 2003 at 11:38:04AM -0700, Steve Chadsey wrote: One more question regarding the SSLCipherSuite line. Our security auditor recommended that we change the line SSLCipherSuite HIGH:MEDIUM:!ADH to SSLCipherSuite HIGH:MEDIUM:-ADH:-aNULL What is the difference? openssl

Can't get to Https but http://address:443 works?????

Hi guys, Just a quick question my server just fell, i can't get back to https://theaddress, only http://theaddress:443 works??? any thoughts? Vince __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org

Re: Can't get to Https but http://address:443 works?????

On Fri, 31 Jan 2003, Vince Montuoro wrote: i can't get back to https://theaddress, only http://theaddress:443 works??? You probably don't have SSLEngine on in your SSL vhost. Right now, the client and server are both speaking HTTP, not HTTPS... the fact that it's over port 443 and not port

RE: Can't get to Https but http://address:443 works?????

You are starting it with apachectl start instead of apachectl startssl ? Sounds like it's listening on 443 for http, not https connections. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Vince Montuoro Sent: Thursday, January 30, 2003 4:54 PM To: