ik seem to fix it!
Big thanks (as far as I'm concerned) to Erik!
Christian.
_________
Christian Buysschaert mailto:[EMAIL PROTECTED]
GlobalSign nv-sa http://www.globalsign.net
Get Your FREE Class 1 Demo Certificate at
http://www.glo
GlobalSign SGC cert and runs Apache/mod_ssl and a later
build of OpenSSL than the official 0.9.4 release.
Good luck!
Christian.
_____
Christian Buysschaert mailto:[EMAIL PROTECTED]
GlobalSign nv-sa http://www.globalsign.net
Get Your FREE Class 1 Demo
d out more on Win32 for us?
I think I got it... the function definition uses X509_NAME while
in OpenSSL's x509.h you'll find the following lines:
#ifdef WIN32
/* Under Win32 this is defined in wincrypt.h */
#undef X509_NAME
#endif
Now, it's only a question of finding on how to reso
1077: 'cl.exe' : return code '0x2'
Stop.
NMAKE : fatal error U1077: '"D:\Program Files\Microsoft Visual
Studio\VC98\bin\N
MAKE.EXE"' : return code '0x2'
Stop.
Now, my C is a bit rusty but I couldn't find anything wrong with
line 96 in ssl
> Hmmm... yes, AFAIK OpenSSL doesn't cache the contents of files under
> SSLCARevocationPath, so this should work as a workaround. But, BTW, is it
> really a problem to do a graceful restart if a CRL changed?
Well, I'm not too familiar with a graceful restart... that is, what's the
effect
to a h
Hi,
I've seen some messages in the 'GlobalID problem' thread
which could explain a problem I have...
Some new CAs (apart from VeriSign have been allowed to
issue SGC certs: Thawte, GlobalSign - ourselves, etc.).
I am doing right now some tests on Apache/mod_ssl and as
Matthias Loepfe indicated,
Hi,
I've been experimenting a bit with the SSLCARevocationFile
directive. It does seem to work but when you update the
referenced file (with a new CRL) it is only 'reread'
when you restart Apache. Is this correct? Is there any
way around it? Perhaps using SSLCARevocationPath is
more flexible in
main name).
Christian.
--
ir. Christian Buysschaert - VP Engineering & Operations
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing
ny other browser (Opera, Netscape) and
also not when using the ISP proxy (I'm a cablesurfer ;-) )...
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Inter
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL
generalization!
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List
cannot get it to happen on the index.html page, this
> threw me for a while.
On my machine NT4W SP4, IE5, I've been clicking refresh a couple
of times now (intervals of 2 to 3 minutes) and I haven't got any
error!!!
Christian.
--
ir. Christian Buysschaert - Technical Manager
Glob
cluding Netscape Communicator) have
been crippled in their cryptography for non-US (non-Canadian) citizens.
With normal secure server certificates, they just don't allow strong
encryption!
For your Netscape browser, you could use Fortify (www.fortify.net) to
patch your browser to allow stron
192.168.0.44/cgi-bin/cfml.exe?template=/test.cfm
(uses classic CGI scripting)
results in all the variables!
Strange, no?
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[
SO situation. For getting the SSL_XXX variables
> from mod_perl all you've to do is to write an XS function which
> calls mod_ssl the same way mod_rewrite does it to resolve SSL
> variables."
>
> So, getting the guys at Allaire to compile a EAPI module would
> be the so
e same error on Linux with a somewhat somewhat different
config.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
Title: Untitled
Page 1
Title: Untitled
Page 2
httpd.conf
27; resulting in the "I/O error during the security
authorization",
I know got NO result at all (endless loop?) with EVERY form...
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
the guys at Allaire to compile a EAPI module would be the
solution?
CHristian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to SSLeay (mod_ssl) www.engelsc
ally but you
can use whatever dynamic page or even a .html where you normally you
should have 'POST method not allowed') on the mod_ssl 2.2.4 server:
Untitled
Page 2
The mod_ssl logfiles seem normal, even using debug level...
Anybody else having this problem?
Christian.
--
ir.
client 192.168.0.249, server
192.168.0.44:443) (System and OpenSSL library errors follow)
[error] System: Invalid argument (errno: 22)
[error] OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
certificate returned
[info] Connection to child 8 closed (server 192.168.0.44:
ms to indicate chain length until the selfsigned
certificate and not until a certificate in SSLCACertificateFile?
Anybody can confirm this? Or did I (again ;-) ) overlooked something?
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http:
Hello everybody,
Allaire finally recompiled their native Apache module
to work on Apache 1.3.4 with mod_ssl! It works flawlessly
in my first tests!
The link to download the module is at
http://www.allaire.com/Handlers/index.cfm?ID=3882&Method=Full
Christian.
--
ir. Christian Buyssch
path to the directory need to trailing slash at all.
Oops... (blush)
Thanks as always, Ralf!
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to SSLe
_pstrdup@8 could not be located in the dynamic link library
ApacheCore.dll'
I am not an Apache expert but did Allaire (the guys from ColdFusion)
compiled their code using a function from ApacheCore.dll? Is that
a good thing?
Thanks for any help...
Christian.
this one DID work...
...
SSLVerifyClient require
SSLVerifyDepth 1
# Select directory/file where CA certificates are stored (for client auth)
SSLCACertificateFile c:\Apache\conf\ssl.crt\ca.crt
(Removal of the #SSLCACertificatePath line)
Thanks for any feedback,
Christian.
--
ir. Christian Buyssc
l you should have to do is to replace ap_hook_register with
> ap_hook_register_I and ap_hook_unregister with ap_hook_unregister_I in the
> ApacheCore.def file. Will be fixed for mod_ssl 2.2.2.
Seems to work fine!
Thanks!
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSig
try to take a closer look but if
you could help already that would be great! ;-)
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to SSLeay (mo
horough in the
following days. ;-)
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Suppor
ops, my fault... I was under the impression that this was the case.
I'll check the new version of mod_ssl (2.1.8) with the Allaire module.
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
thod. Not too fast,
but it works!
ChristiaN
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
__
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Off
e configured for required
client auth is .2. Everything was freshly compiled with VC5 and MASM6.13.
Anybody who could help me out here?
Christian.
--
ir. Christian Buysschaert - Technical Manager
GlobalSign nv-sa - http://www.globalsign.net
httpd.conf
ssl_engine.log
31 matches
Mail list logo