,
Ian Newlands
- Original Message -
From: Dave Paris [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: Ian Newlands [EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 11:58 AM
Subject: Re: virtual hosting
geeze. is it that time of the month already for this question?
seems like
Hello Owen,
Boyle Owen wrote:
-Original Message-
From: Dave Paris [mailto:[EMAIL PROTECTED]
snip... You claim to
have spent two MONTHS trying to find what I found in under 10
SECONDS.
Anyway, the point I'm making is that the original poster is obviously a
seasoned hacker (he uses
On Thursday, Aug 21, 2003, at 21:53 US/Eastern, Ian Newlands wrote:
Dave
Thank you for your reply, it was most enlightening and yes I will
re-assess my future as a human being. Hopefully that statement
somehow makes you feel better about yourself.
[...]
Get over yourself. I went out of my
(meaning I don't know fore sure) SET is the smart card version
with a chip. Relatively common in Hong Kong, don't know about USA.
Wish theres a vpn here.
- Original Message -
From: Dave Paris [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, August 22, 2003 10:37 AM
Subject: Re
On Wed, Aug 20, 2003 at 10:56:11AM +0200, Hendrik Robbel wrote:
Hi,
I tried to nest two directory with SSLRequire entries:
Directory /htdocs-ssl/user/
SSLRequire (%{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
and %{SSL_CLIENT_S_DN_O} eq user )
/Directory
Directory /htdocs-ssl/
On Wednesday, Aug 20, 2003, at 00:32 US/Eastern, Arthur Chan wrote:
Well, my eyes did glaze over somewhere betw thermodynamics and mobile
perpetuum ;-)
So does this mean that if I work in a less sophisticated infrastructure
where only 56kbps ppp dialup is available, I can get some incremental
Cliff Woolley [EMAIL PROTECTED] writes:
On Tue, 19 Aug 2003, Eric Rescorla wrote:
Dave Paris [EMAIL PROTECTED] writes:
In addition to Owen's salient points about compression working efficiently
on repetitive strings in plaintext/binary data (e.g. whitespace in a Word
document) and
~
-dsp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Eric Rescorla
Sent: Wednesday, August 20, 2003 11:44 AM
To: [EMAIL PROTECTED]
Subject: Re: configuration question
Cliff Woolley [EMAIL PROTECTED] writes:
On Tue, 19 Aug 2003, Eric Rescorla wrote:
Dave
Hi Philip,
Dumping the environment variables is a very simple task. Try:
#!/bin/sh
echo Content-type: text/plain
echo
/usr/bin/printenv
chmod it and stick it on your SSL server and run it.
Philip Champon wrote:
Hi,
I tried searching the archives, to find out where I might be able
to read
geeze. is it that time of the month already for this question? seems
like it was just yesterday when it was asked last .. maybe I'm just
thinking of the other 100,000 times it was asked.
in all seriousness, this dead horse has been beaten so many times on
this list there isn't even a carcass
Newlands
- Original Message -
From: Dave Paris [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: Ian Newlands [EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 11:58 AM
Subject: Re: virtual hosting
geeze. is it that time of the month already for this question? seems like
it was just
On Wed, 20 Aug 2003, Henrik Bentel wrote:
Now, all my ssl configuration is under my secure virtual host, such that it
applies to everything. However, I have quite a bit static content(images,
css, javascript.,...) which doesn't need to be very secure. I somewhat only
want to secure my dynamic
-Original Message-
From: Henrik Bentel [mailto:[EMAIL PROTECTED]
I have a web app which serves both static and non static content, both
secure and unsecure(https and http).
Now, all my ssl configuration is under my secure virtual host,
such that it applies to everything. However, I have
) and would that slow down the client browser display of content ?
On the other hand, with these new 1GHz+ P4 desk- and lap-tops around, maybe
not.
- Original Message -
From: Boyle Owen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 19, 2003 04:49 PM
Subject: RE: configuration
and not try to re-invent the
wheel.
Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.
On the other hand, with these new 1GHz+ P4 desk- and lap-tops
around, maybe
not.
- Original Message -
From: Boyle Owen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent
PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Boyle Owen
Sent: Tuesday, August 19, 2003 7:02 AM
To: [EMAIL PROTECTED]
Subject: RE: configuration question
-Original Message-
From: Arthur Chan [mailto:[EMAIL PROTECTED]
Hi Boyle,
I've been debating with myself over whether to encrypt
At 02:22 AM 8/19/2003 -0400, you wrote:
On Wed, 20 Aug 2003, Henrik Bentel wrote:
Now, all my ssl configuration is under my secure virtual host, such that it
applies to everything. However, I have quite a bit static content(images,
css, javascript.,...) which doesn't need to be very secure. I
Boyle Owen [EMAIL PROTECTED] writes:
-Original Message-
From: Arthur Chan [mailto:[EMAIL PROTECTED]
Hi Boyle,
I've been debating with myself over whether to encrypt
everything, that's a
cogent argument you have offered. I have a few questions myself :
(1) assuming an openssl
Dave Paris [EMAIL PROTECTED] writes:
In addition to Owen's salient points about compression working efficiently
on repetitive strings in plaintext/binary data (e.g. whitespace in a Word
document) and not on random data (e.g. encrypted data), some encryption
algorithms can actually be weakened
Your actual message issue notwithstanding, the versions you're running are
not just old, they've got security flaws and vulnerabilities well documented
at both CERT, apache.org, and openssl.org.
http://www.cert.org/advisories/CA-2002-27.html (Linux, Apache, OpenSSL,
mod_ssl)
On Tue, 19 Aug 2003, Nauman, Ahmed [IT] wrote:
How can we know at server side in apache that a GET or PUT request has
been received and it was failed or successfull ? Can we get somehow the
response code so that some script and/or tool at Server side can
delete/archive the file which have
On Tue, 19 Aug 2003, Eric Rescorla wrote:
Dave Paris [EMAIL PROTECTED] writes:
In addition to Owen's salient points about compression working efficiently
on repetitive strings in plaintext/binary data (e.g. whitespace in a Word
document) and not on random data (e.g. encrypted data), some
certificate as an Authority for our testing
purposes.
How does one go about doing that, both in Netscape and MSIE5 ?
TIA :-)
- Original Message -
From: Dave Paris [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 19, 2003 07:58 PM
Subject: RE: configuration question
In addition
On Wed, 20 Aug 2003, Arthur Chan wrote:
But I want Netscape to load my certificate as an Authority for our
testing purposes. How does one go about doing that, both in Netscape and
MSIE5 ?
Google knows everything... an I'm feeling lucky for installing CA
certificate yields:
Add
Listen 443
On Sunday 17 August 2003 9:15 am, nico wrote:
Hello
So I start with Linux/Apache and openssl and I can't get running Apache 2
and Openssl.
That's an extract of my httpd.conf
Listen 80
IfDefine SSL
VirtualHost www.test.com:443
DocumentRoot /usr/local/apache/htdocs
]
To: [EMAIL PROTECTED]
Sent: Monday, August 11, 2003 07:34 PM
Subject: RE: high-grade vs low-grade encryption with MD5 and DES
The 5 minutes I mentioned doesn't implicitly refer to the amount of time
needed to crack the ciphertext, but more the type of data and the amount
of
time it needs
(or larger!) private key is much more appropriate.
Kind Regards,
-dsp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Arthur Chan
Sent: Sunday, August 10, 2003 6:39 AM
To: [EMAIL PROTECTED]
Subject: Re: high-grade vs low-grade encryption with MD5 and DES
Please see following links
http://www.mail-archive.com/[EMAIL PROTECTED]/msg16205.html
http://forums.devshed.com/archive/15/2001/11/4/25897
Hope they help.
Regards,
Nauman
___
Citibank N.A., 111 Wall St., New York, NY
Ph: +1-212-657-1070 (w),
Hi I think that the following may help you.
openssl s_client -connect localhost:443 -state -debug
Please Refer to the FAQ in detail (www.modssl.org)
-Kiyoshi
Kiyoshi Watanabe
Hi All.
Further to my earlier comments that httpd + mod_ssl seems to be ignored by
Netscape 7.1
After logging-in
08, 2003 06:44 AM
Subject: Re: FRUSTRATION : SSL throws SSL23_GET_SERVER_HELLO error
Hello,
did you test the openssl command using your IP instead of localhost?
openssl s_client -connect your-ip-here:443 -state -debug
Or why don't you change the VirtualHohost to _default_
]
[mailto:[EMAIL PROTECTED] Behalf Of Arthur Chan
Sent: Sunday, August 10, 2003 7:52 AM
To: [EMAIL PROTECTED]
Subject: Re: high-grade vs low-grade encryption with MD5 and DES
Practicality : do not use 4096 bits server side private key. No, not even
2048.
Key size larger than 1024 is not supported
Hello,
I have seen the similar questions posted on the openssl mailing list
before, but I have not seen much discussion. One thing that you may
want to try to upgrade the version of the openssl itself, but I have
no clue that applies to your problem.
Why don't you post this question on the
Hello,
I posted this question already some days ago, but did not yet receive any
hint. Does really no-one have any idea what could be the problem?
---
I'm having a strange problem with Apache 2.0.45, mod_ssl with openssl
0.9.6i (and possibly a factor also tomcat 4.1.27
(slightly) older
browsers cannot handle that.
Arthur
- Original Message -
From: Kiyoshi Watanabe [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, August 11, 2003 08:39 PM
Subject: Re: high-grade vs low-grade encryption with MD5 and DES
Hi, I
...
- Original Message -
From: Dave Paris [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, August 11, 2003 06:16 PM
Subject: Re: high-grade vs low-grade encryption with MD5 and DES
compromised is probably a poor word to use, pointlessly weak is
more accurate. If you're going to use SSL
]
Sent: Monday, August 11, 2003 07:34 PM
Subject: RE: high-grade vs low-grade encryption with MD5 and DES
The 5 minutes I mentioned doesn't implicitly refer to the amount of time
needed to crack the ciphertext, but more the type of data and the amount
of
time it needs to be protected.
A couple
compromised is probably a poor word to use, pointlessly weak is
more accurate. If you're going to use SSL and you're dealing with data
that needs to be protected longer than 5 minutes, use 128bit SSL.
-dsp
On Sunday, Aug 10, 2003, at 02:25 US/Eastern, Arthur Chan wrote:
Hi all.
Verisign
Hello,
did you test the openssl command using your IP instead of localhost?
openssl s_client -connect your-ip-here:443 -state -debug
Or why don't you change the VirtualHohost to _default_ temporarily and
see how it goes.
-Kiyoshi
Kiyoshi Watanabe
Problem #1: your OpenSSL doesn't have
On Fri, 8 Aug 2003, Arthur Chan wrote:
[ssl] # openssl s_client -connect localhost:443 -state -debug
still throws this sticky error :
SSL_connect:error in SSLv2/v3 read server hello A
1565:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:s23_clnt.c:460:
You have multiple
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Collier
Sent: Monday, July 28, 2003 4:18 AM
To: [EMAIL PROTECTED]
Subject: Re: Apache2: mod_rewrite and mod_ssl interaction changed?
Joe Orton wrote:
On Mon, Jul 28, 2003 at 10:09:49PM +1200, James Collier wrote:
I am
How up to date are these versions of IE? I recall that the original IE 5.0
that shipped with Windows 2000 was quite broken with regards to SSL support
(but IE5.01 wasn't).
The last time I looked, SP3 for Windows 2000 gave you IE5.01 SP3, but SP3
wasn't available directly (only SP2). I haven't
I dont think theese browsers are supported, no. However, quite a few clients
are using them still and our customers does not accept us tossing our hands
in the air and saying that we dont support all browsers. It has worked in
the past, and therefore it is our problem that theese browsers are
-
From: Torvald Baade Bringsvor [mailto:[EMAIL PROTECTED]
Sent: 29 July 2003 11:21
To: '[EMAIL PROTECTED]'
Subject: RE: Problems with old MSIE 5.0
I dont think theese browsers are supported, no. However,
quite a few clients
are using them still and our customers does not accept us
Sorry, I misunderstood this.
As it turns out, it is not W2k as I said in my original post, it is Win98
SE, and there is no MSIE service pack installed.
-Torvald
__
Apache Interface to OpenSSL (mod_ssl)
: 29 July 2003 11:33
To: '[EMAIL PROTECTED]'
Subject: RE: Problems with old MSIE 5.0
Sorry, I misunderstood this.
As it turns out, it is not W2k as I said in my original post,
it is Win98
SE, and there is no MSIE service pack installed.
-Torvald
- Original Message -
From: Torvald Baade Bringsvor [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 29, 2003 11:21 AM
Subject: RE: Problems with old MSIE 5.0
I dont think theese browsers are supported, no. However, quite a few
clients
are using them still and our
if that
cured it.
Thanks!
-Torvald
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 29. juli 2003 13:02
To: [EMAIL PROTECTED]
Subject: RE: Problems with old MSIE 5.0
Neither the browser or the OS is supported by Microsoft anymore,
http://support.microsoft.com
I use
SSLSessionCache shm:logs/ssl_scache(512000)
SSLSessionCacheTimeout 300
and it works for me...
John
-Original Message-
From: Torvald Baade Bringsvor [mailto:[EMAIL PROTECTED]
Sent: 29 July 2003 12:48
To: '[EMAIL PROTECTED]'
Subject: RE: Problems with old MSIE 5.0
what I tried was the default, dbm
But perhaps shm is quicker
-Torvald
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 29. juli 2003 14:05
To: [EMAIL PROTECTED]
Subject: RE: Problems with old MSIE 5.0
I use
SSLSessionCache shm:logs/ssl_scache
On Mon, Jul 28, 2003 at 10:09:49PM +1200, James Collier wrote:
I am in the process of upgrading a site from 1.3.x to 2.0.47, and have
encountered a (perhaps obscure) problem.
For mod_rewrite I sometimes need to extract and/or test client
certificate field values.
Under 1.3.27/2.8.14 and
Joe Orton wrote:
On Mon, Jul 28, 2003 at 10:09:49PM +1200, James Collier wrote:
I am in the process of upgrading a site from 1.3.x to 2.0.47, and have
encountered a (perhaps obscure) problem.
For mod_rewrite I sometimes need to extract and/or test client
certificate field values.
Under
Try this to access the SSl server variables:
%{LA-U:ENV:SSL_CLIENT_S_DN}
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Collier
Sent: Monday, July 28, 2003 4:18 AM
To: [EMAIL PROTECTED]
Subject: Re: Apache2: mod_rewrite and mod_ssl
I've found that the Sun versions of certain utilities (sed in my case, tar for
lots of people) have problems with code that works fine with GNU utilities, my
advice would be to install the gnu version of most utilities in /usr/local/bin
or in /opt/bin and either use them as the first in your
wasn't this an issue with a modssl version a year or two ago? something
like the source files in the tarball not having the proper date stamps and
as Mad's mentiones, required a touch of a few files to make flex more
'flexable'?
Thanks,
Ron DuFresne
On Mon, 21 Jul 2003, Mads Toftum wrote:
On Fri, 18 Jul 2003, Ralf S. Engelschall wrote:
As you've certainly recognized, Apache 1.3.28 was released. I've
prepared the companion mod_ssl 2.8.15 which cleanly (without any
conflicts) patches into its source tree.
2.8.15 does not fix EAPI shared pool bug introduced in 2.8.13 and
to this message may be ignored.
-Original Message-
From: R. DuFresne [mailto:[EMAIL PROTECTED]
Sent: Montag, 21. Juli 2003 15:45
To: Mads Toftum
Cc: [EMAIL PROTECTED]
Subject: Re: Flex failure during apache 1.3.28 make
wasn't this an issue with a modssl version a year or two ago?
something
like
On Mon, Jul 21, 2003 at 05:14:53PM +0200, Boyle Owen wrote:
Thanks all!
Touching the .c files in src/modules/ssl let flex do its work and the
make continued without a hitch.
Well, to be precise, that's not what happened. Make checks the date of the
.c file that is output from flex - if the
fix the link
- Original Message -
From: Ralf S. Engelschall [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Friday, July 18, 2003 1:20 PM
Subject: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28
As you've certainly recognized, Apache 1.3.28 was released. I've
prepared
Ihor Bilyy wrote:
fix the link
Where are your manners? Say please next time.
-ste
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
[EMAIL PROTECTED] as always.
Thanks,
Ron DuFresne
On Mon, 7 Jul 2003, Douglas K. Fischer wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Who is currently maintaining mod_ssl for Apache 1.3.x? I've been tracking
down a bug and wanted to check the latest mod_ssl repository code
Title: RE: errno:32
Yes, of course, Mark.
If you are working on a UNIX platform, and if you have installed the UNIX manuals, you just have to type
man -s2 Intro
and the man subsystem will display you ALL the UNIX error-codes.
Have fun, you have about (on Solaris, I say) 150 error
On Fri, 20 Jun 2003 21:59:16 -0400
Weeve [EMAIL PROTECTED] wrote:
I'm currently experiencing a problem running modssl on ultrasparc under
linux. modssl compiles and installs fine but when apache is started
with ssl support, it no longer seems to respond to requests to either
port 80 or 443.
-
From: Konn Danley [mailto:[EMAIL PROTECTED]
Sent: 16 June 2003 17:01
To: [EMAIL PROTECTED]
Subject: Re: https access problems
Hi John,
Thanks for the response.
The thing is, I can get in once in a while (1 in 100 times).
When I first
encountered the problem, I thought
We moved to apache 2 several months ago, but this looks familiar. Looking
through some old notes I found that I used the following options to configure
(for apache 1.3.27):
--enable-module=most \
--enable-shared=max \
--enable-module=so \
--enable-module=ssl \
If you have set this for the entire server as the default, you should not
have to reset it for each virtual host as they should carry the default
unless otherwise conf'ed not to.
Thanks,
Ron DuFresne
On Wed, 18 Jun 2003, rmck wrote:
Hello,
I have an apache1.3.27/mod_ssl2.8.12. I was told
On Tue, 17 Jun 2003, Percy Rotteveel wrote:
I've read your article regarding: building shared libraries with OpenSSL
(http://www.mail-archive.com/[EMAIL PROTECTED]/msg15745.html). The
instructions are very clear and very helpful. When I execute make
build-shared, I get the following error
Do you have the ipchains or iptables firewall enabled? Try service ipchains
stop and service iptables stop to disable it completely and then try
again. In the former case lokkit will allow you to configure your firewall
to accept connections on the relevant ports.
-
John Airey, BSc (Jt Hons),
into a strange problem with Apache/mod_ssl 2.0.43:
I have set up a url that requires client certificates. And GET
operations on
this URL works very well indeed. But POST doesnt work:
[Thu Jun 12 11:06:27 2003] [error] SSL Re-negotiation in conjunction
with
POST method not supported!
hint: try
On Tue, Jun 10, 2003 at 02:53:38PM -0700, kulkarni veena wrote:
Hi,
Thanks. To use the shared library from apache should
something be set while configuring apache? I'm using
SunOS 5.9 , does this OS support it?
It shouldn't be a problem on your os - at least I've used shared
memory session
On Tue, Jun 10, 2003 at 02:31:28PM -0700, kulkarni veena wrote:
Hello,
I'm trying to use mm shared library for Apache2.0.45
with modssl as DSO . My question is should I configure
MM_shared library --enable-shared or --disable-shared.
There's no need for MM with apache2 - it has its own
Hi,
Thanks. To use the shared library from apache should
something be set while configuring apache? I'm using
SunOS 5.9 , does this OS support it?
I was trying to do this hoping this would make my
https server work for Internet explorer.
-veena
--- Mads Toftum [EMAIL PROTECTED] wrote:
On
PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, June 02, 2003 3:54 AM
Subject: RE: unknown protocol
-Original Message-
From: Tom Bartling [mailto:[EMAIL PROTECTED]
If you'd care to post your config or send it directly, I'll
have a look and see if there's anything wrong with it.
There are several
, June 08, 2003 11:57 AM
Subject: Re: Vitual Hosts not working with SSL
On Sun, 8 Jun 2003, ComCity wrote:
I'm very confused about the Virtual Host configuration in Apache
2.0stuff that use to work seems like it doesn't and I gotta
think thats because I don't know what I'm doing. ;)
Can
On Sun, 8 Jun 2003, ComCity wrote:
I'm very confused about the Virtual Host configuration in Apache
2.0stuff that use to work seems like it doesn't and I gotta
think thats because I don't know what I'm doing. ;)
Can you be more specific about what it's (not) doing? Other than the fact
On Fri, 6 Jun 2003, Barry Brachman wrote:
I am developing a new Apache 2.0 module and I have encountered what I think
to be a bug in mod_ssl. I have been unable to find any reports of a similar
problem. I think this is because I am using AP_MODE_SPECULATIVE, which is
I have forwarded this
-- Forwarded message --
Date: Fri, 06 Jun 2003 17:59:50 -0700
From: Justin Erenkrantz [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Possible mod_ssl bug (ssl_io_input_read) (fwd)
The suggested API change to char_buffer_read is incorrect
Ronald,
The problem looks like your server SSL certificate does not have your
server name say www.yoursite.com as CN=www.yoursite.com in Subject
Name. that is what bother client and server sides are showing in
messages and logs. Can you please confirm if this is correct ?
Regards
Nauman
I am trying to create my own certificate using my own CA. I used the
example in the FAQ
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC29
So what file is really my certificate, is the server.key? or the
ca.key?
I made a key using
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC28
What
OK, I think I figured it out. It really is what the error says (Imagine
that). I made myself a CA, then made another certificate. The other
certificate was exactly the same as the CA one.
Now it works using ca.key and ca.crt. However now I have two questions.
1) Why can't you have two
On Sun, Jun 01, 2003 at 09:06:48PM -0500, Ronald Petty wrote:
I am having a hard time with this list, first I couldn't join, then I
haven't received any mail since it supposedly succeeded. In fact I have
not reached one message yet and its been a couple of days. Anyone on
this list?
Yeah,
.
- Original Message -
From: Boyle Owen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, May 28, 2003 3:31 AM
Subject: RE: unknown protocol
Plain text please...
It looks like you are not succeeding in starting an SSL VH.
Looking at your config, there is no obvious error, although I
don't
- Original Message -
From: Boyle Owen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, May 28, 2003 3:31 AM
Subject: RE: unknown protocol
Plain text please...
It looks like you are not succeeding in starting an SSL VH.
Looking at your config, there is no obvious error, although I
don't
- Original Message -
From: Boyle Owen [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, May 28, 2003 3:31 AM
Subject: RE: unknown protocol
Plain text please...
It looks like you are not succeeding in starting an SSL VH.
Looking at your config, there is no obvious error, although I don't
Plain text please...
It looks like you are not succeeding in starting an SSL VH.
Looking at your config, there is no obvious error, although I don't know
why you put the Listen 80 inside the IfDefine - this would mean that
even plain HTTP wouldn't work unless you started with SSL.
Just to be
On Fri, Mar 21, 2003 at 04:18:11AM -0500, Jason Parsons wrote:
I'm seeing similar problems after an upgrade to mod_ssl 2.8.13 under
Solaris 2.8.
[Fri Mar 21 04:10:42 2003] [notice] child pid 4241 exit signal
Segmentation Fault (11)
[Fri Mar 21 04:10:42 2003] [notice] child pid 4248 exit
thanks, thats what it was!
-Original Message-
From: Mads Toftum [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 03, 2003 3:06 PM
To: [EMAIL PROTECTED]
Subject: Re: verify error:num=21
On Thu, Apr 03, 2003 at 02:52:17PM -0500, Austin Conger (IT) wrote:
Hi All,
When I submit
I'm seeing similar problems after an upgrade to mod_ssl 2.8.13 under
Solaris 2.8.
[Fri Mar 21 04:10:42 2003] [notice] child pid 4241 exit signal
Segmentation Fault (11)
[Fri Mar 21 04:10:42 2003] [notice] child pid 4248 exit signal
Segmentation Fault (11)
[Fri Mar 21 04:10:42 2003] [notice]
On Thu, Apr 03, 2003 at 02:52:17PM -0500, Austin Conger (IT) wrote:
Hi All,
When I submit this command to my Verisign Certificate Secured Site I am getting this
error.
openssl s_client -connect www.domain.com:443
Its returning these errors:
CONNECTED(0004)
depth=0
Have you restarted the httpd process since you put:
SSLCertificateFile /usr/local/ssl/certs/verisigned.cert
SSLCertificateKeyFile /usr/local/ssl/private/domain.key
In your configuration? If not it will probably still be using the default
configuration, which I think will have a
,
Austin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 02, 2003 5:36 AM
To: [EMAIL PROTECTED]
Subject: RE: netscape warning message
Have you restarted the httpd process since you put:
SSLCertificateFile /usr/local/ssl/certs
to open your key and certificate files.
John
-Original Message-
From: Austin Conger (IT) [mailto:[EMAIL PROTECTED]
Sent: 02 April 2003 15:55
To: [EMAIL PROTECTED]
Subject: RE: netscape warning message
Hi John,
I have restarted the apache process several times since
Hi,
You may extract the key and cert with the following command:
openssl pkcs12 -in cert.der -nodes -out certAndKey.pem
Then, you can extract cert.pem and key.pem from the output file.
ca.pem is probably used for authentication and not for SSL server setup.
Rgds.
Martin
quote who=Contractor
Did you install the mod_ssl package too? Did you know that Red Hat renamed
the package from apache to httpd (for some kind of consistency I guess,
although confusing to those who know about it already).
-
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal
PROTECTED]
Kopie:
Thema: Re: Problem with Reverse Proxy and Client
On Wed, 2003-03-26 at 05:32, Edwin Cleton wrote:
If you were a woman I'd kiss you! this works like before, no more crashes or errors
like these:
[Tue Mar 25 15:37:01 2003] [error] mod_ssl: SSL handshake failed (server
10.1.1.28:443, client 10.1.1.28) (OpenSSL library error follows)
[Tue
On Mon, 2003-03-24 at 22:50, kulkarni veena wrote:
Hi,
I would like to know the correct versions of OpenSSL
and ModSSL to be used with Apache 1.3.22 on SunOS
operating system.
Thanks in advance.
Veena
__
Do you Yahoo!?
Yahoo!
Erki Kriks wrote:
Hi!
I'm using Apache 3.2.1, tomcat and mod_ssl 2.8.11.
When i'm using HTTPS with GET method then everything OK.
But when i try HTTPS with POST method then i get error:
mod_ssl: SSL Re-negotiation in conjunction with POST method not supported!
Can anybody explain what's missing
Can we bring these threads together? It would seem we have:
Burkhard:
Apache/1.3.27 mod_gzip/1.3.26.1a PHP/4.3.1 mod_ssl/2.8.13
OpenSSL/0.9.7a
QUESTION: What OS?
And:
Jazz:
mod_ssl 2.8.13, OpenSSL 0.9.6i with apache 1.3.27
... on Solaris 2.6/Sparc
QUESTION: using PHP?
Both
On Thu, Mar 20, 2003, Artur Pydo wrote:
I can see the same segmentation fault :
FreeBSD 4.8-STABLE
Apache 1.3.27
Openssl 0.9.7a
Modssl 2.8.13
PHP 4.3.1 / PHP 4.3.2RC1 / PHP 4.3.2-snapshot
It happens both with static compilation and as DSO.
The backtrace seems pointing out an error in
On Fri, Mar 21, 2003 at 12:30:36PM +0100, Ralf S. Engelschall wrote:
-if ((xs = SSL_get_certificate(ssl)) != NULL)
+if ((xs = SSL_get_certificate(ssl)) != NULL) {
result = ssl_var_lookup_ssl_cert(p, xs, var+7);
+X509_free(xs);
+}
}
That
801 - 900 of 9305 matches
Mail list logo
