tion.)
The problem seems to be with the certificates which do carry public information,
so that you could post them so that other people can investigate
them and report.
Even better: if the problem can be reproduce with openssl alone, do post
your problem to the [EMAIL PROTECTED] mailing list.
Bes
any idea what could be going wrong?
The error message indicates, that the contents of the certificate cannot
be correctly parsed. You should be able to verify this with the
openssl command line tool:
openssl x509 -in /etc/httpd/ssl.key/royal.crt -text
If the certificate is ok, you should see its
does support an option to change this behaviour such that
the server's preferences are used, but to my best knowledge there is no
switch in mod_ssl to set this flag.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/
mous DH ciphers are the only aNULL
ciphers supported. If at any point in the future an anonymous cipher
without DH would be added (does such thing exist?), it might make
a difference.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.a
BC3-SHA
> IDEA-CBC-SHA
> RC4-MD5
> RC4-SHA
See above :-)
> The following gave me 'illegal parameter':
> DES-CBC3-MD5
> DES-CBC-MD5
> IDEA-CBC-MD5
> RC2-CBC-MD5
> RC4-64-MD5
These ciphers are SSLv2 ciphers.
Best regards,
Lutz
--
Lutz Jaenicke
sl s_client -connect hostname:443 -cipher ADH-DES-CBC-SHA
to see, if it really succeeds. With respect to your seetings it
better should not.
Unfortunately the server-info handler does not list the enabled ciphers
for crosschecking. The SSLv3/TLSv1 specification says that the client
has to list its sup
andom
But you didn't read carefully enough. If you are using an EGD style device,
you must explicitely tell:
SSLRandomSeed startup egd:/var/run/egd-pool
SSLRandomSeed connect egd:/var/run/egd-pool
(Your path of course is different...)
Best,
Lutz
--
Lutz Jaenicke
ied automatically starting with OpenSSL 0.9.7.
For 0.9.6x you have to enter the appropriate path using the SSLRandomSeed
directive in httpd.conf. Details are found in the manual.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/p
_CTX_set_options().
However: as far as I am aware, mod_ssl does not yet have a httpd.conf option
to enable this flag.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus
t regard,
Lutz
PS. OpenSSl team member Mark Cox is actually working for Redhat...
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsp
change
when upgrading from 0.9.6d to 0.9.6e, so no update for mod_ssl is
required.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-0
y will spend the time
to adapt GNU ld for HP.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universit
ompiled with gcc.
Thus, 2 possible solutions:
* Add -L/path/to/where/libgcc/is/ -lgcc after -lcrypto, maybe at the end of
the list. (I think this is what GNU ld makes automatically.)
* Recompile every component using HP's compiler. That's how I do it.
Works fine for me :-)
Best
On Mon, Jul 15, 2002 at 10:05:33AM +0930, Glen Vallance wrote:
> This problem doesn't sound like it should be that uncommon, but I can't find
> any information on it.
Once you saw the solution you will find, that the mailing list is full
of problems like these.
> read from 0808D4C0 [080A4000] (7
not appear.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
___
add-ons do you use? I know that there is at least
one interaction between php4 and mod_ssl: child processes do not correctly
shut down, when both modules are used.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaeni
strsep'
Has been corrected in OpenSSL-0.9.7-beta2.
> >+ mod_ssl-2.8.8-1.3.24
> >ssl_engine_vars.c:410: `NID_uniqueIdentifier' undeclared here (not in a
> >function)
Has been adjusted in mod_ssl-2.8.9-1.3.26
Best regards,
Lutz
--
Lutz Jaenicke
http://www.aet.tu-cottbus.de/rt2/NoAuth/Buglist.html
and more specifically Ticket #82
http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=82
(guest account is "guest"/"guest").
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http:/
know for sure, whether some internal interface was
changed. I would thus recommend to recompile.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetspla
rong defines SN_xyz
being discussed around April 02 -- April 10 on openssl-dev and other
threads short thereafter.
(This does not help with your mod_ssl problem, as it requires an
adjustment of mod_ssl, though.)
Best regards,
Lutz
--
Lutz Jaenicke
random without a problem,
>and using PRNGD's suggested ways of testing things (via egc.pl) shows no errors.
You must specify the correct protocol to be used:
SSLRandomSeed startup egd:/path/to/egd-socket ...
^^^
Best regards,
Lutz
--
Lutz Jaenicke
cate (search for
"server gated cryptography").
BTW: for netscape new versions are all shipped with full strength
encryption. Isn't the same available for IE?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.a
o this problem I also don't see a simple
idea how to solve this problem by an extension to OpenSSL (it would not
be difficult to add a second timeout value and to update sessions that
are reused automatically), but keeping this synchronized with the external
session cache would complicate t
timeout value (at the cost of needing more entries in the session
database).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Te
ure.)
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4
er verify,
whether the data came in wrong or whether it was modified after arrival.
* If you find out that local data was modified, immediatly turn on a
memory debugger like efence to help catching buffer overruns...
(If you have a PC with memory without parity, there is always another
possibl
Stop button pressed in browser?!] (System error follows)
> [Mon Jul 16 18:56:58 2001] [error] System: Broken pipe (errno: 32)
Your client closed the TCP connection or crashed.
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU
N
(fully qualified domain name) of your server: Use it with
mv newkey.pem server_key.pem
mv newcert.pem server_cert.pem
SSLCertificateFile /path/to/server_cert.pem
SSLCertificateKeyFile /path/to/server_key.pem
* The client key. You already put it into iestuff.p12...
Best regards,
Lut
it is already
to late. The session stays active even though deleted from the cache
until the next connection is opened.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allg
heir information from their session cache.
- The OpenSSL session cache does not store intermediate (and root) CA
certificates, only the peer's certificate, so when a session is re-used,
this information is not available.
- If you must examine the certificate chain, you only can do it
fraid that in the case given I would compile the whole thing
with debugger support and set the breakpoint to SSL_CTX_use_certificate_chain()
in ssl_util_ssl.c to see where the failure occurs. No better idea, sorry.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PRO
pca.dfn.de/dfnpca/certify/ssl/pca-key.html
(I also have not initialized the trusted CA storage for openssl s_client,
which correspondingly complains about "self signed certificate in
certificate chain").
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PR
intermediate and a root CA
certificate. Both are concatenated together into the chain file.
With respect to the error message, mod_ssl can write more messages
than that into e.g. an ssl_engine_log. Did you check all possible
logfiles?
Best regards,
Lutz
--
Lutz Jaenicke
ession cache can not cache the session,
childs can not exchange the session data, so if a new connection to another
child is opened, a new session will be negotiated (with new cert request).
Of course in this case the browser will drop all other old sessions
for this site.
Best regards,
Lut
works fine. If there is no special requirement for
having mod_ssl dynamically loaded, simply compile it in statically.
You won't note it unless you activate the SSL functionality.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus
omatically set when using --enable-shared...
I see another problem (which I assume to be the real problem) in that
you link against -lgcc when building the shared library. -lgcc will
reference libgcc.a, of which no shared version exists and the modules
of which are normally not compiled relocatable
to be your problem.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus
ly, but it's a no-go so far.
The automatic usage is brand new and only included in the version to
become 0.9.7 one fine day. If you have <=0.9.6 you have to explicitly
specify the place in httpd.conf
SSLRandomSeed startup egd:/var/run/egd-pool
Best regards,
Lutz
--
Lutz Jaenicke
N-PCA/CN=DFN Top Level Certification
[EMAIL PROTECTED]
...
X509v3 Subject Alternative Name:
email:[EMAIL PROTECTED]
So with all of the extenions in it it may well exceed the limit. I have
been using self-issued certificates for quite some time without this
problem, but they did not contain th
but how shall the server know that it should speak https on port 443?
...
SSLEngine on
...
Please check out the example httpd.conf file.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/pe
bly the server is not configured to provide SSL service https on port 443
but does provide normal http service. Of course s_client does not understand
the original http protocol.
Use a sniffer to confirm this theory and check out the logfiles on the
server.
Best,
Lutz
--
Lutz Jaenicke
ng does not work or is
not configured, you have new handshake for every request.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
P's patches for things like "ANSI C cumulative patch"
or "pxdb patch".
Good luck,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotech
ssl implementation to just answer it blindly, I would have
to work myself through the source.
If you are willing to spend some minutes, get ssldump from
www.rtfm.com/ssldump
It will analyse the the communication for you and probably give you the
right hint on the problem.
Best regards,
h
shared libraries it uses and where they should be located. On Linux (and Sun?)
the command is ldd. There is also a command to have the dynamic loader
recheck the library paths (ldconfig -a?) on Linux, don't ask me for Sun...
--
Lutz Jaenicke [EMAIL
On Mon, Jan 15, 2001 at 04:19:57PM +0100, [EMAIL PROTECTED] wrote:
> On Mon, Jan 15, 2001 at 14:54pm +0100 Lutz Jaenicke <
> [EMAIL PROTECTED]> wrote:
>
> > It is in my ssl_engine_log, as of httpd.conf:
> >SSLLog /var/local/apache/log/ssl_engine_log
>
> I s
On Mon, Jan 15, 2001 at 04:19:57PM +0100, [EMAIL PROTECTED] wrote:
> On Mon, Jan 15, 2001 at 14:54pm +0100 Lutz Jaenicke <
> [EMAIL PROTECTED]> wrote:
>
> > It is in my ssl_engine_log, as of httpd.conf:
> >SSLLog /var/local/apache/log/ssl_engine_log
>
> I s
conf:
SSLLog /var/local/apache/log/ssl_engine_log
> |+->
> | | Lutz Jaenicke |
> || <[EMAIL PROTECTED]|
> || ottbus.DE> |
> ||
you can check the SSL_CLIENT_VERIFY environment variable
to retrieve the verification result.
For a self signed certificate (or one not issued by a trusted CA) you
should find the "self signed certificate in chain" verification error
(as long as the maximum allowed chain length i
orthy information in form of the trusted CAs.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsp
4] [info] Init: Configuring server
www.aet.tu-cottbus.de:443 for SSL protocol
What is your "Seeding PRNG with" information?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jae
ifference.
>
> Anyone tell me how I get these two to link together, or why apache can't find
> the egd routine when it tries to start up?
Did you think of pointing apache to the socket of your already running egd
in httpd.conf?
...
SSLRandomSeed startup egd:/var/run/egd-pool
...
Best
On Wed, Jan 10, 2001 at 03:53:52PM +0100, Thierry Coopman wrote:
> At 10:51 +0100 10/1/01, Lutz Jaenicke wrote:
>
> >- I remember having seen problems with Netscape and normal (no TLS/SSL)
> > connections with some sites. The data came in fast and was more or less
>
o that you
can see at which point the delay(s) are introduced.
If you cannot interpret the dump yourself, you can send the output
(I would recommend the decrypted one).
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://
to run in the background and allow other programs to
retrieve random data via the socket. So actually the PRNGD you have now does
not accomplish its main task, yet!
> Would it help if I sent you the bind man page as a whole???
Hopefully yes, as indicated above.
Best regards,
ood to hear, but only the smaller part of the wanted functionality :-)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 3
ot help at all.
Best regards,
Lutz
PS. If you finally succeed, please send me your configuration for inclusion
into future versions.
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemein
.)
> I did not send this to the modssl.org listserve, since I am not sure this is
> related to that website.
You just did :-)
Happy New Year,
Lutz Jaenicke
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen
gt; (errno: 104)
>
> In newsgroup postings this error message was often seen the last days where
> many answers where "The client stopped the STOP-Button" but forget that,
> this is a real connection problem!
The 'STOP-Button' hint is just a guess. Fact is, that
cript can substitute for yacc:
bison -y $*
(Copy this line into a file called yacc, do "chmod a+rx yacc" and put it
into a directory within your PATH.)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-
ssl_expr_parse.y and use the "yacc"
command as shown above. It should give you an y.tab.c.
If you don't have yacc (hey, you have it, otherwise we would see an error
message), the GNU replacement is called "bison".
Best regards,
Lutz
--
Lutz Jaenicke
6
shared libraries.
You can have openssl-0.9.6 installed in this case, but the openssl-0.9.5
shared libraries must be additionally available on the system.
Compatibility is only available at source level.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTE
512bit)
RSA keys... Breaking 40bit keys within a day doesn't seem completele
unreasonable in the near future.]
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allg
not check whether ModSSL includes its own tools...)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaets
5:RC4-64-MD5:DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5
OpenSSL is 0.9.6, the additional \ before the ! are needed by tcsh to not
perform history lookup.
Best regards,
Lutz
--
Lutz Jaenicke
ain.pem
Then use
SSLCertificateChainFile /path/to/certchain.pem
in httpd.conf
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 3
> independent. Use +z or +Z to recompile.
You are trying to build a shared library by including items from a static
library (openssl). This is not possible.
Build a shared library of openssl from source, there is a corresponding script
in the openssl-0.9.5a/shlib directory.
Best regards,
ng installation notes and FAQ entries.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Univers
d ... I will get the error
message, because the name obtained in the cert "ssl.fruit.com" does not
match the host I wanted to connect to "banana.fruit.com".
_This_ is the actual problem with VBNH that is not solved by your
approach.
Best regards,
Lutz
--
Lutz Jae
ork OK, openssl works OK
According to the ChangeLog egd support was only added in mod_ssl-2.6.1.
Older versions of mod_ssl cannot handle EGD sockets.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/persone
EGD will communicate, so you have to instruct mod_ssl to use the egd interface.
SSLRandomSeed startup egd:/etc/entropy
...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl A
SA certs. It's in the docs...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D
ts of the error storage, pushed by RSA_generate_key().
I've never seen an OpenSSL routine that fails without message...
Good night,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrst
can we fix that ?
Please make sure to check _all_ logfiles, there is especially the
ssl_engine_log.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
ept, as you (the CA _and_ key generator)
can read all encrypted messages and can fake the signatures of your
clients. Hence, the automatic generation of the private key on a foreign
server really doesn't make sense. Hence, if I would write the software,
I would probably omit the feature you are
If somebody else created it it is worthless.
Best regards,
Lutz
PS. Having this said, for several of my DAUs I have created the keys
and the computer center of our university offers the same service for
those who don't know how to create such a key...
--
Lutz Jaenicke
ed, this should now be solved with the -rand directive.
* There is no server available at port 443 of your host. If you have an
openssl s_server running, the default is 4433. At 443 there would be the
https server.
Best regards,
Lutz
--
Lutz Jaenicke [
, 255 bytes, here you are. (the number may be smaller when EGD is drained)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel.
get (read number of bits available)
egc.pl /etc/entropy read 255(retrieve 255bytes of random data)
... see egc.pl for the description.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus
> differences...
Seems its time to move this issue to [EMAIL PROTECTED]
The next step in tracking this down would be to have a look into the
output of "openssl s_server -debug -state" to see what's up.
>From the last posting it seems Ben is already on the track??
Best regards,
la/4.0 (compatible; MSIE
5.01; Windows 98; A037) || SSL: SSLv3 EXP1024-RC4-SHA -
I must however admit, that I had severe problems with Postfix/TLS, when both
a DSA _and_ a RSA certificate were present (no problem for OpenSSL clients
and Netscape), but IE just didn't work.
Best regards,
to the public, it will
probably take 1 or 2 more weeks before I can think about publishing it :-)]
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine El
by the ftp-service would be "ftp.aet.tu-cottbus.de",
even though the machine is the same.
This is necessary, since a DNS lookup (forward or reverse) is insecure,
so you cannot rely on a CNAME resolution or a lookup of the IP number,
only on the name you (the user)
rand/md_rand.c:
#define ENTROPY_NEEDED 16 /* require 128 bits = 16 bytes of randomness */
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik
(first "configure" mod_ssl, then "configure" apache with
the ssl module enabled, tends to run fine).
I know it, I run it myself.
Sorry, I cannot give you better information with the data you supplied.
Best regards,
Lutz
--
Lutz Jaenicke [EMA
d up fine. Hence I am quite confident that
my guess is not too far off.
(Note) When /dev/urandom is available, the OpenSSL-library might use it
for additional seeding directly without ask anybody about it. So probably
you don't have /dev/urandom and users of Linux (and some other OS) will
oes not continue after entering the password) or it
is a problem with Netscape, which I think to the better guess.
Sorry, no better answer, but I am also still looking for a better
explanation.
Good luck,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus
by
wrapping it with a, hmm, comfortable script).
Regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetspla
at
once the server asked for the cert and the client asks the user for the
password, the client PC will not send out packages to the server anymore
(with my SMTP server and TCP protocol).
So much for my actual knowledge,
Lutz
--
Lutz Jaenicke [EMAIL
89 matches
Mail list logo