1-Feb-00 13:11 you wrote:
I saw some discussions about configuration of "lightweight"
mod_proxy+mod_ssl server and mod_perl server.
But, sorry, I can't call mod_proxy+mod_ssl "light" server. Mod_ssl adds a 1
Meg to size of process.
Who cares ? 1MiB or 20MiBs - no matter. It's just shared
3-Aug-99 23:15 you wrote:
Either your gzip is broken or (what I think is more true) you downloaded
incorrectly. Perhaps via FTP but without Binary mode or via HTTP and your
If you downloaded via http/netscape, try rename the file to {file}.gz
and then gunzip it ... My netscape messes things
3-Aug-99 22:37 you wrote:
"Holdich, Kristian" wrote:
why don't you build a 1.3.6 apache with mod_ssl and mod_proxy / mod_rewrite,
run it on port 80 and proxy the connection to the old version of apache?
This works nicely for us.
Kristian
how's the speed with this setup? i found apache
30-Jul-99 18:29 you wrote:
First, I apologize if this is a FAQ, I did a search on the archive
but didn't find anything useful.
Here's my setup:
RedHat 6.0 with all updates
apache-1.3.6-7 rpm
I've downloaded and compiled openssl-0.9.3a
I've also downloaded modssl-2.3.10-1.3.6
Here's
28-Jul-99 13:14 you wrote:
On Wed, Jul 28, 1999, Simon Weijgers wrote:
I can't seem to find a configure option to enable ipc semaphore support
in modssl. Does this mean it isn't stable yet?
From the user manual under "SSLMutex":
(http://www.modssl.org/docs/2.3/ssl_reference.html)
o sem
22-Jul-99 16:41 you wrote:
Hi,
I just want to ask whether we can secure apache web server on NT using
mod-ssl and openssl. Are the installations steps given fr win32 applicable
for NT also. If not can any one give me the outline of the steps or any
website from where i can follow the steps.
22-Jul-99 20:35 you wrote:
Full_Name: Marco Teunissen van Manen
Version: 2.3.6
OS: Linux (Slackware 3.5)
Submission from: n16152.telekabel.nl (212.142.16.152)
After configuring and setting up mod_ssl for module use with apache 1.3.6,
I got a message stating that an error was detected on
23-Jul-99 09:31 you wrote:
Full_Name: Laurent FAILLIE
Version: mod_ssl-2.3.6-1.3.6
OS: HP-UX 10.20
Submission from: gk-fr2.michelin.com (195.115.130.37)
When I try to compile mod_ssl-2.3.6-1.3.6 on my HP-UX 10.20 box,
the compilation fail because some files (like ssl_expr_yy) needs flex
23-Jul-99 09:03 you wrote:
Hi Ralf,
it's me again. I don't understand the use of ap_hook_use and how it would
solve my problem. In my modules "URI to filename translation" phase I'd like
to call the ssl's module handler "ssl_hook_fixup" which is setting up all
SSL variables so the would be
19-Jul-99 08:57 you wrote:
Hi, answering my own question.. had thought that mod_ssl would would use my
already intalled apache but found I needed to dl and unpack a fresh copy
for mod_ssl to work with.
Now can't find the source tree for OpenSSl, even though the entire
directory in right
19-Jul-99 20:52 you wrote:
well my configuration:
linux-2.2.10
pgcc-1.1.3-3mdk
openssl-0.9.3a-3
Perl 5.005.03
What I see:
=== src/modules/ssl
gcc -c -I../../os/unix -I../../include -DLINUX=2 -DMOD_SSL=203106
-DUSE_HSREGEX -DEAPI `../../apaci` -DSSL_COMPAT
16-Jul-99 08:17 you wrote:
Holger Reif wrote:
Has the ssl_enginge_log told you that all servers have been configured
already? Are you perhaps using /dev/random and temp key generation is
somehow slowly?
YES! THAT WAS IT!!!
I really thank you for pointing me to this! But why did this work
14-Jul-99 17:55 you wrote:
On Tue, Jul 06, 1999, [EMAIL PROTECTED] wrote:
We're running Debian Linux (kernel 2.2.7, glibc 2.1), apache 1.3.6 mod_ssl
2.3.5.
Unless we manually chown the ssl_scache.dir and ssl_scache.pag files, we
get:
Can't open SSLSessionCache DBM file for writing
12-Jul-99 19:25 you wrote:
Hi, I've already installed modssl with tar.gz package, but,
some others modules cause problemes. Now, I have to install
mod_ssl on a rpm_based apache.
It's not possible. End of story.
I can't uninstall everything and redo all from the beginning.
I must install it
12-Jul-99 15:36 you wrote:
On Mon, Jul 12, 1999, Jeffrey Burgoyne wrote:
Any idea of what performance gain to expect? We get about 15000 real hits
a day, about 6 total (including graphics). About 10% of those are SSL.
I need to justify why we want to make the change to the web server and
12-Jul-99 11:30 you wrote:
So what (besides using shared memory) is the solution for other distros
using Glibc 2.1 and building mod_ssl from source?
In fact mod_ssl will work with GLibC 2.1: since the only thing from db.h
used in ndbm.h is definition of type "DB" and the only way this type is
11-Jul-99 22:51 you wrote:
Dear List Members,
We have successfully installed Apache 1.3.6 with openssl 0.9.3a, and mod_ssl
2.3.3-1.3.6. We are using a httpd.conf file little changed from the one
created by the installation. Having experimented, read the mail list archives,
and read the
In [EMAIL PROTECTED] Jeffrey Burgoyne
([EMAIL PROTECTED]) wrote:
JB On Mon, 12 Jul 1999, Khimenko Victor wrote:
12-Jul-99 08:13 you wrote:
After experienceing some "brownouts" in Stronghold SSL, I changed our web
server to modssl last week. We saw a huge increase in p
12-Jul-99 08:13 you wrote:
After experienceing some "brownouts" in Stronghold SSL, I changed our web
server to modssl last week. We saw a huge increase in performance (of
course, the brownouts really dragged down the stats I expect) in the range
of 50 to 80 percent.
Since our site is a
8-Jul-99 09:40 you wrote:
Hello,
I've been playing around with mod-ssl. I wonder about the following
entries in the general error.log:
[Thu Jul 8 09:12:05 1999] [error] mod_ssl: Cannot open SSLSessionCache
DBM file `/var/run/ssl.dbm' for writing (store) (System error follows)
[Thu Jul
8-Jul-99 15:20 you wrote:
call this a stupid question:
i have installed apache 1.3.6 with mod_ssl 2.3.5 and i am using OpenSSL
0.9.3a.
i am unclear of how to have a different certificate for each virtual
domain. i am able to assign a certificate, but that certificate is the
same for all
8-Jul-99 13:32 you wrote:
I'm trying to compile mod_ssl 2.3.5 for Apache 1.3.6 on AIX 4.3 but get
stuck at the following:
flex -Pssl_expr_yy -s -B ssl_expr_scan.l
make: flex: Command not found
make: *** [ssl_expr_scan.c] Error 127
I didn't notice flex being a prerequisite in the INSTALL
9-Jul-99 16:06 you wrote:
There was a discussion about DBM extension/permission under
GLIBC 2.1 some times ago.
In fact even attached patch is not correct :-/ Since you can not just
"#include db1/ndbm.h" and be happy ... db1/ndbm.h will include
db.h instead of db1/db.h so some defines still
9-Jul-99 14:03 you wrote:
I sent this out with no response. Can some one comment?
Am looking for some Perl CGI script that can proccess Netscape and
Microsoft Clients Certificate Request Automatiquely for mod_ssl-2.3.5
+ openssl_0_9_3a. The scrript must completely automate the process,
6-Jul-99 13:10 you wrote:
Well I have tried just about everything. I am now just trying to get Apache
1.3.6, mod_ssl 2.3.5, and OpenSSL working. Basically it seems to work
somewhat during the first request by returning some or sometimes all the
data requested by the browser. I have tried
5-Jul-99 13:28 you wrote:
I built apache_1.3.6/mod_perl-1.20/mod_ssl-2.3.5-1.3.6/openssl-0.9.3a
for Solaris 2.5.1.
When I start the server without -DSSL, any children serving location
/server-status, configured with
ExtendedStatus On
Location /server-status
SetHandler server-status
5-Jul-99 10:20 you wrote:
Hello!
I want to install the module for the "Sercure Socket Layer". I have an
apache www-server and i want to install a module. The php3 module was easy
to install as an module. But the module for ssl is realy hard.
Yes, it should be :-)) Blame US goverment, not
1-Jul-99 12:28 you wrote:
May I politely point out that Win2K is _BETA_.
If something's b0rken, go back to a known, stable platform.
And then you'll stuck at the same step 6 :-)) No, beta status of W2K is not as
issue here...
-dsp
-Original Message-
From: [EMAIL PROTECTED] [EMAIL
1-Jul-99 15:14 you wrote:
Hi,
how do people build SSL systems which do not require the client to
accept certificates? E.g. if you want to order a book at www.amazon.de
and you are using the SSL connection, users do not have to accept the
certificates, although the certificate of the website
-time configuration directives".
sincerely
sun
--
From: Khimenko Victor[SMTP:[EMAIL PROTECTED]]
Reply To: [EMAIL PROTECTED]
Sent: Wednesday, June 30, 1999 2:23 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Question on upgrading from Stronghold
29
30-Jun-99 16:50 you wrote:
hi,all:
when I do "apachectl startssl" , it would ask me password, I think it will
be not convenient , anyway to pass this?
Huh. Read message there :-) You have some keys encrypted. Just use unencrypted
ones (make certificate usually asks you if you want encrypted
29-Jun-99 12:15 you wrote:
I'm having a bit of problem with the authentication in changing over from
Stronghold to mod_ssl. In my new conf file I have added :
Directory /usr/secure-docs/secure
AuthType Basic
AuthName Strategis
AuthDBMUserFile /rz6c/stronghold/pw/level1
require valid-user
30-May-99 23:31 you wrote:
I have installed the latest OpenSSL and ModSSL for Apache package.
The system works as for passing the security Certificate. When I then
go to view a secure Web page by typing the URL again with the https
directive I get a Secure Library error.
The error states
11-Mar-99 14:06 you wrote:
Sorry, but it's really nasty when people don't want to _READ_!
The gid-mkcert.sh script looks like:
| :
| ## ssleay ... get it from ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/
| ## ca-fix ... get it from http://www.drh-consultancy.demon.co.uk/ca-fix.html
| ##
2-Mar-99 10:28 you wrote:
A note about php. If you choose to integrate database access for example to
mysql in the php install, then mysqld must be running for apache to start.
This is not very nice and means you must insure that upon a restart or cold
start that the database daemon is up
2-Mar-99 06:14 you wrote:
This seems like a popular combination, perhaps it would be worth someone
doing up an rpm combining these particular modules (but might be a lot of work
keeping a package with all the latest versions after each upgrade).
That sounds like it'd be a nightmare for whoever
In [EMAIL PROTECTED] User Rick ([EMAIL PROTECTED]) wrote:
2-Mar-99 10:28 you wrote:
A note about php. If you choose to integrate database access for example to
mysql in the php install, then mysqld must be running for apache to start.
This is not very nice and means you must insure that
15-Jan-99 18:35 you wrote:
We've already recognized that on some not-such-smart platforms Apache+mod_ssl
can dump core under the DSO situation. I've already traced it down and the
problem has to do with the fact that Apache _reloads_ the DSOs at startup-time
and that some dangling references
4-Jan-99 17:20 you wrote:
Thanks for your reply,
I'll then get the sources for apache 1.3.3 ;-)
But have to disagree with you about the solution you gave for the SSL_BASE
variable. Here is the problem:
(first, I wiped the test for the EAPI flag, otherwise, I cannot get further
;-)
-
29-Dec-98 00:15 you wrote:
Full_Name: Christian Buysschaert
Version: 2.1.4-1.3.3
OS: NT
Submission from: eagle.tvd.be (195.162.196.13)
I believe I followed the instruction correctly but I am unable
to compile Apache, more specifically ApacheModuleSSL.dll.
The error indicate he couldn't
12-Dec-98 10:16 you wrote:
On Fri, Dec 11, 1998, Bruce B. Platt wrote:
I have a port 80, non-SSL site created for my family which has user
authentication configured as follows in access.conf:
AuthName "Restricted Access"
AuthType Basic
AuthUserFile /usr/local/apache/etc/athorized-users
3-Dec-98 19:19 you wrote:
Ops, seems like I was too slow or you too fast. Last weekend I've added full
APXS support to the distribution. I think this would make your life easier.
When you're interesting you can test my APXS support. I've still not comitted
it for mod_ssl 2.1.x because it's
17-Nov-98 13:47 you wrote:
On Tue, Nov 17, 1998, Khimenko Victor wrote:
17-Nov-98 11:37 you wrote:
2) in Makefile.nt you invoke mod_ssl's makefile with
nmake /nologo CFG="mod_ssl - Win32 %LONG%" -f Makefile
nmake /nologo CFG="mod_ssl - Win32 %LONG%&quo
14-Nov-98 15:01 you wrote:
The last days I spent a lot of time to create the new User Manual for the
forthcoming 2.1.0 release. The current state is that all chapters except for
Chapter 4 (Compatibility) are now finished (at least IMHO ;-). So you now can
have a preview under
Changes from patch4: return types and declined values support (API changed)
Changes from patch5: use of 'inline' for C++ (API not changed)
SYNOPSIS
Main Setup:
void ap_hook_init (void);
void ap_hook_kill (void);
Hook Configuration and Registration:
/*
* SYNOPSIS
*
*Main Setup:
* void ap_hook_init (void);
* void ap_hook_kill (void);
*
*Hook Configuration and Registration:
* ap_hook_define_client(hook_name,hook_parameters,hook_call);
* int ap_hook_configure_hook_name(ap_hook_mode modeid);
* int
12-Nov-98 08:48 you wrote:
On Thu, Nov 12, 1998 at 12:52:10AM +0300, Khimenko Victor wrote:
No more hacks in mod_so. Instead all modules unregister hooks before unload.
Also some slightly non portable defines (still ANSI compliant AFAIK) moved
in few separate defines in top of ap_hook.h
In [EMAIL PROTECTED] [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
r In [EMAIL PROTECTED] Ralf S. Engelschall
([EMAIL PROTECTED]) wrote:
RE Hello mod_ssl hackers,
RE I've prepared the new mod_ssl distribution layout (actually I wrote new
RE programs which generate it for me ;_), incorporated
8-Nov-98 12:03 you wrote:
On Sun, Nov 08, 1998, Khimenko Victor wrote:
EAPI = bloatware ? Of I'm just confused ...
grin Not intentionally bloatware, of course. More the result of trying to
combine three major requirements: portability (full ANSI C compliant),
functionality (works
EAPI = bloatware ? Of I'm just confused ...
After look on EAPI I'm could not understood why it's designed to be so bloat
and slow. Why other (MUCH more simpler) design is unacceptable:
#define hook_define(hook_name,hook_signature,hook_params)\
extern struct hook_struct_##hook_name {
24-Oct-98 18:14 you wrote:
Now with DSO you're happy: You can combine 1.) and 2.). Why? Because
you just make one Apache installation with mod_ssl as a DSO. And
then you you an additional
IfDefine SSL
LoadModule ssl_module libexec/libssl.so
/IfDefine
in your httpd.conf file.
28-Sep-98 13:20 you wrote:
On Mon, 28 Sep 1998, Ralf S. Engelschall wrote:
Interesting is also that it seems that it's only occuring in combination with
mod_perl. Hmmm... how do you build mod_perl? As a DSO or statically?
I use mod_perl 1.15_01 as DSO and have exactly the same problem
28-Sep-98 03:43 you wrote:
While testing binary version of apache for KSI-Linux I'm found nasty error
with mod_perl (1.15_01) and mod_ssl (2.0.11) under apache 1.3.2.
This version
-- cut --
AddModule mod_perl.c
...
AddModule mod_ssl.c
-- cut --
will be ok, while this version
-- cut --
24-Sep-98 19:04 you wrote:
At 18:04 1998-09-24 +0200, I wrote:
Thanks. It worked finally.
The building, that is.
Starting with apachectl
$ sbin/apachectl start
sbin/apachectl start: httpd could not be started
$ cat var/log/error_log:
[Thu Sep 24 18:52:21 1998] [error] mod_ssl:
21-Sep-98 18:17 you wrote:
Sorry for interfering in the middle of tarball-rolling;
I'm in no hurry, but install-integration between mod_perl
and mod_ssl ought to be easier.
At 09:45 1998-09-21 +0200, Ralf S. Engelschall wrote:
And here are the examples:
$ gzip -d -c
55 matches
Mail list logo