I suspect that the problem is that /usr/local/ssl is not on your
LD_LIBRARY_PATH. For a quick fix, add it. For a better solution (since
LD_LIBRARY_PATH is A Bad Thing), recompile with -L/usr/local/ssl
-R/usr/local/ssl..
-Original Message-
From: Zandi Patrick S TSgt AFRL/IFOSS
SSL is working perfect on other LANs where we don't use MS Proxy 2.0.
The webserver (apache/mod_ssl/openssl) server is a Pentium III 1.4MHz and
1GB of memory.
The certs are on the same server as apache/mod_ssl/openssl.
The specs of the proxy server I don't have at the moment. Are they also
Sorry to bug you folks if this is a FAQ, but I haven't seen a clear answer
in the docs.
The situation I have is that some clients are connecting (via http) to an
apache configured as a reverse proxy, which then in turn connects to another
machine (again via http). Now there is a need to change
Hi,
As i see in the mod_ssl code (i haven't tried it myself) when compiling with
SSL_EXPERIMENTAL_PROXY
there are several directives that can be used for this situation:
SSLProxyVerifyDepth
SSLProxyCACertificateFile
SSLProxyCACertificatePath
Hope this helps.
Regards,
Alon
-Original
Hello All!
I've just installed modssl. I want to clarify chicken and egg problem
for me.
I use modssl only for internal purposes so I use 1 self maded
certificate on two cites.
It is not problem that certificate does not match the site name.
I have in httpd.conf:
VirtualHost IP:443
ServerName A
What you see is predictable - your setup appears to work because apache
fetches the certificate from the first VH (since it can't tell which VH
to use). Once it gets a cert, it can then establish an SSL sssion and so
can then see inside the HTTP request. It can then see the Host header
and serve
Title: RE: Chicken and Egg
-Original Message-
From: Boyle Owen [mailto:[EMAIL PROTECTED]]
Sent: jeudi 24 octobre 2002 16:18
To: [EMAIL PROTECTED]
Subject: RE: Chicken and Egg
I guess you will say, but it's just a lab setup, I don't care about
authentication - well that's
On Thu, 24 Oct 2002, Cabuzel Thierry wrote:
-Original Message-
From: Boyle Owen [mailto:Owen.Boyle;swx.com]
Sent: jeudi 24 octobre 2002 16:18
To: [EMAIL PROTECTED]
Subject: RE: Chicken and Egg
I guess you will say, but it's just a lab setup, I don't care about
Hi !
Just one more but important directive is
SSLProxyMachineCertificateFile
Regards,
Anbu
--- Alon Philosoph [EMAIL PROTECTED] wrote:
Hi,
As i see in the mod_ssl code (i haven't tried it
myself) when compiling with
SSL_EXPERIMENTAL_PROXY
there are several directives that can be used for
The INSTALL file when I untar mod_ssl says:
Configure and build the SSL library:
./config
make
make test
but it does not says to install nor does it gives you the instruction to do:
make install
Do I have to do this step.
Then what is server.key and server.crt
What step of which program
Hi all
I want to know if is possible create a server certificate with modssl,
something like a personal verisign or something like this...
What do i have to do???, can you help me with this???
Thanks a lot
_
Internet
For detailed instructions on running mod_ssl for Apache 2
you can checkout a chapter I have online:
http://www.apacheworld.org/ty24/site.chapter17.html
It includes details on how to build openssl and use the openssl command line
tool to generate your certificate and key
Cheers
Daniel
On Thu,
No.
But you might want to look for the TinyCA or OpenCA projects... try a
Google search.
-Alan
Miguel Angel Gomez Animas said:
Hi all
I want to know if is possible create a server certificate with modssl,
something like a personal verisign or something like this...
What do i have to
Ok I got it! However during installation you need to create certificates.
You are asked a few questions. Is there a way to automate this and do an
installation w/o having to prompt the user?(e.c. preedit a conf file)
Moreover when you try to
start apache w/ ssl you are prompted for the pass
Hi Miguel
It is possible to create your own CA certificate and then create a
server certificate which gets signed by your own CA key.
You do these using openssl.
Check http://www.freebsddiary.org/openssl-client-authentication.php
He talks about client authentication but he is really doing
15 matches
Mail list logo