-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
modssl is built into the 2.x.x apache versions. your consultant must be
asking you to upgrade full apache versions.
the 1.3.x apache tree still has a separate modssl base to add and build
off of. This should not be a concern for you since
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
more likely www.mydomain.com is not in DNS, perhaps trying this works:
https://mydomain.com
If that works it is DNS issues.
Thanks,
Ron DuFresne
On Tue, 19 Jun 2007, Omar W. Hannet wrote:
I'll bet you're right when you say your provider may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Even more revealing was the passphrase prompt, not required for plain
httpd...
Thanks,
Ron DuFresne
On Tue, 19 Jun 2007, Omar W. Hannet wrote:
Are you quite certain that the LoadModule for mod_ssl has been
commented out? The reason I ask:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 23 Jun 2006, Arsen Hayrapetyan wrote:
Hello,
I am trying to install mod_ssl-2.8.27-1.3.36
and I've faced the following problem when I do 'make' in the
the directory where the apache's source resides:
gcc -DLINUX=22
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm sure this has been answered, but in case it has not;
You can not virtualize https to more then one hostsite, you have to have
real IP addresses for https.
Thanks,
Ron DuFresne
On Wed, 24 May 2006, Frank van Beek wrote:
Hi all,
This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 26 Jul 2005, Pj wrote:
Download the apache source and study mod_ssl its pretty clean...
The ugly end is when he needs to DL and study the openssl code which is
likely to be far less clean and much more hefty.
thanks,
Ron DuFresne
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 21 Jun 2005, Jon August wrote:
Can I just remove the IfDefine tags? or is that not recommended?
You could though the gain might not be there, why not just run the server
in the proper mode?
Thanks,
Ron DuFresne
On Jun 21,
Hopefully stratech has you on the bench right now so ya get paid to go
back and read the dcs you obviously avoided for a quickie fix here
smile.
Did you complie with all hte proper settings for ssl? is this 1.3.x or
2.0.x? there are differences, slightly in how one enables ssl in each.
Do you
I know this might be more suited to the apache users list, but, there's
enough knowledgebase here I'm sure to answer a question as I work a
project with deadlines looming and little time to deal with an additional
list to join and parse over for info. The project I'm engaged in is a
migration
wasn't this an issue with a modssl version a year or two ago? something
like the source files in the tarball not having the proper date stamps and
as Mad's mentiones, required a touch of a few files to make flex more
'flexable'?
Thanks,
Ron DuFresne
On Mon, 21 Jul 2003, Mads Toftum wrote:
[EMAIL PROTECTED] as always.
Thanks,
Ron DuFresne
On Mon, 7 Jul 2003, Douglas K. Fischer wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Who is currently maintaining mod_ssl for Apache 1.3.x? I've been tracking
down a bug and wanted to check the latest mod_ssl repository code
A tad off topic here, but, is anyone here using webtrends servers exposed
to the internet public? any concerns with such with such an exposed
placement for this application?
Thanks,
Ron DuFresne
--
~~
admin senior security consultant: sysinfo.com
If you have set this for the entire server as the default, you should not
have to reset it for each virtual host as they should carry the default
unless otherwise conf'ed not to.
Thanks,
Ron DuFresne
On Wed, 18 Jun 2003, rmck wrote:
Hello,
I have an apache1.3.27/mod_ssl2.8.12. I was told
On Thu, 20 Mar 2003 [EMAIL PROTECTED] wrote:
[SNIP]
It should not be too hard (but I am not
using RedHat):
1) read http://www.openssl.org/support/faq.html
Note the RedHat sections.
2) download the latest (0.9.7a) to some dir
(I use something like
it looks as though ssl might not be enabled in the httpd.conf file.
do you have these statements included there:
LoadModule ssl_module libexec/libssl.so
AddModule mod_ssl.c
Thanks,
Ron DuFresne
On Mon, 17 Mar 2003, Mitchell, Edmund wrote:
Hello all
I just built from source apache 2 on
If this is tough to get into the FAQ, being it is asked weekly, perhps it
can be added to the footer of list messages?
Thanks,
Ron DuFresne
On Sat, 15 Mar 2003, Jeff wrote:
Actually, the answer is RTFM..
You can not have multiple SSL vhosts responding to one IP/port
combination.. The
On Fri, 14 Mar 2003, Rick Root wrote:
Evan Dillon wrote:
try the apache/mod_ssl part of this:
http://www.devshed.com/Server_Side/PHP/SoothinglySeamless/page1.html
Evan,
That looks great... but... it doesn't tell me how to configure
SSL in the httpd.conf. SSL is nowhere to be
you should beable to safely move then into place. make sure perms are
restricted as possible to prevent their info from being leaked.
On Fri, 14 Mar 2003, A. Putnam wrote:
Okay, I cleaned out all of the older versions of the keys and ran the scripts
again. I ended up with this:
1 out of
On Thu, 6 Mar 2003, Terry Kerr wrote:
Hi,
I am running apache 1.3.26 and mod_ssl 2.8.9-2.1 on a debian linux system.
The system has two IP's, and I only wish for apache to start on ports 80 and 443
on one of those IPs. I am using named based virtual hosting for many sites on
the
On Fri, 7 Mar 2003, A. Putnam wrote:
The permissions for the server.crt file are rw-r--r-- but it still cannot find
the Private Key.
which would be 644 rather then 400 as the first person responded.
On Thursday 06 March 2003 13:36, Ron Gedye wrote:
Please check the permissions on your
it sounds like perhaps yer http.conf files have perhaps more then one
listen directive, perhaps outside the virtual Host directives. Might
try grepping the file for listen and see what comes up. or, better yet,
egrepping for bind|listen|etc...
thanks,
Ron DuFresne
On Fri, 7 Mar 2003, Terry
additionally, each version of modssl is diff'ed against the version of
apache it is designated for. There have been times I think Ralf has
givien out probable ways to fit one modssl version into a newer apache
release prior to the new modssl version, but has given warnings about
certain things
You gave this site it's own IP address yes?
Virtual hosting with non-ssl works in a 'software' aware mode, while
virtual hosting with ssl is more 'hardware' in nature requireing specifici
IP addressing to function properly.
Thanks,
Ron DuFresne
On Wed, 26 Feb 2003, Nick Tonkin wrote:
On Thu, 27 Feb 2003, Nick Tonkin wrote:
On Thu, 27 Feb 2003, R. DuFresne wrote:
You gave this site it's own IP address yes?
No. It is using NameVirtualHost.
Virtual hosting with non-ssl works in a 'software' aware mode, while
virtual hosting with ssl is more 'hardware' in nature
there are a couple of areas to check to see if your settings are correct
for this;
...
# BindAddress: You can support virtual hosts with this option. This
directive
# is used to tell the server which IP address to listen to. It can either
# contain *, an IP address, or a fully qualified
Yes, and thanks to Owen for rounding out our, mine and yours, knowledge
levels on this. I seem to have forgotten the FDQN is what the browsing
public is used to for web traversals. Few fall back to IP's even in times
when DNS is borked. I get firewall-1 licesning issues and cert issues
The error you posted from logs implies the request the server is getting
is http rather then https, perhaps your redirect or rewrite is not
functioning properly?
Thanks,
Ron DuFresne
On Wed, 5 Feb 2003, Steve Pirk wrote:
I check the mail archives, but could not find a good
answer for this
It's IP and/or port based. But, do remember, if port based then one is
server only one cert, and the trouble is making sure the cert is
constructed in a fashoin such that hostnames are not contained within the
CN and such. In this case, and others can correct me if I'm wrong here,
you would
are you sure you wish to degrade the security of your apache server with
front[age extensions? Frontpage and coldfusion have a nasty security
history.
Thanks,
Ron DuFresne
On Fri, 7 Feb 2003, Boulytchev, Vasiliy wrote:
This is off the modssl track, but has anyone gotten frontpage
If I recall, apache on sun boxen requires some additional work to get
/dev/urandomerandom PRNG to work ccorrectly. This is a common question,
and is other covered in the archives, or might well be in the FAQ.
If this is incorrect, or not the issue at hand, others will step in to
spank me into
Any answer you get will probably be a best guess. The closest stat on
modssl use might relate somewhat to the number of list memebers here,
though, even that number will not be fully definative as some folks use
more then one product, some onlyread the list and not really have modssl
up and
On Fri, 24 Jan 2003 [EMAIL PROTECTED] wrote:
[SNIP]
A cynic may well claim that pictures of the Earth from space are faked.
After all, that claim has been levelled against the Bible for years (and
every year, more and more evidence is uncovered to support its authenticity.
eg
On Sun, 15 Dec 2002, Ralf S. Engelschall wrote:
On Sun, Dec 15, 2002, Mads Toftum wrote:
On Sun, Dec 15, 2002 at 09:41:11AM +0100, Ralf S. Engelschall wrote:
Just for your information: the Apache mod_ssl project environment was
migrated to a new location. In case of any problems,
Error messages in software have always sucked, programmers see to never
really think of end users when designating them in their coding, when they
are designated and not left to the OS to obfuscate. FAQ's and
documentation should include as much error code info as possible to help
guide these
Cool, another NC person on this list, howdy from Chapel Hill, we remain
powerless, day 9 and counting, and hope to have it restored today or
tomorrow since Duke finally made it to our little nook out here in the
boonies. A backup generator has allowed this server to remain active.
If server
not really, each modssl version is built to function with the newer apache
version. Also, openssl, which I assume you are using has issues and you
will want to make sure you are running at least OpenSSL 0.9.6g.
Thanks,
Ron DuFresne
On Thu, 12 Dec 2002, Vira, Hiten wrote:
Hi,
We are
Didn't read any of the documentation in that tarball did ya?
INSTALL
[SNIP]
For a short impression of what possibilities you have, here is a
typical example which configures Apache for the installation tree
/sw/pkg/apache with a particular compiler and flags plus the two
under the IfDefine SSL directive, list each port to listen on with the:
Listen domain.com:80
Listen domain.com:443
...
/IfDefine
see if that corrects matters for you.
Thanks,
Ron DuFresne
On Tue, 3 Dec 2002, Justin Williams wrote:
I have openssl and mod_ssl on a server running Apache.
On
:
Is this directive the same thing as if mod_ssl.c?
Thanks!
- Original Message -
From: R. DuFresne [EMAIL PROTECTED]
To: Justin Williams [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, December 03, 2002 2:19 PM
Subject: Re: (Hopefully) easy SSL question
under
Perhaps including it in the defauly httpd.conf file underr the
VirtualHost directives as commentary might help?
# General setup for the virtual host
# ...name based VHing does not work, you need to...to get this to
# ...work...if you ask this in the modssl-users list,
On Thu, 21 Nov 2002, Alex Povolotsky wrote:
Hello!
I'm running FreeBSD, and apache/mod_ssl with virtual hosts in jailed environment.
Jail means that I can have only one IP address for apache, ipfilter's ipnat is used
to multiplex several external IPs.
I also need to support https virtual
On Fri, 22 Nov 2002, Alex Povolotsky wrote:
On Thu, 21 Nov 2002 15:25:20 -0500 (EST)
R. DuFresne [EMAIL PROTECTED] wrote:
RD I'm running FreeBSD, and apache/mod_ssl with virtual hosts in RD It sounds
like yer jail is lacking the libs and devices for this access.
libs exists; device
As far as I'm aware, and others can correct me if I'm saying something
wrong here, the virtual server directives are optional. The key would be
the server root for the ssl based pages to be served, tough enclosing a
SERVERROOT directive within the virtual server directives would benefit
you in
These directives: --enable-module=ssl --enable-shared=ssl, made mod-ssl
as a loadable module, it's not part of apache's core binary, so look in
/webroot/libexec/ for the mdoule you built to load on the httpd.conf
file; libssl.so. Additionally, I suggest you read through all the
documentation
On Fri, 15 Nov 2002, Manoj Kithany wrote:
Thanks Lutz:
Where to put SSLRandomSeed? Becos I put it in Virtual Host as shown:
VirtualHost *
ServerAdmin [EMAIL PROTECTED]
DocumentRoot /kit
ServerName www.my.server.name
ErrorLog logs/log1
#SSLRandomFile
you used --enable-shared=ss, so mod-ssl is a shared module, not part of
the core compiled in stuff in the httpd binary you made. Now you have to
load the module in the httpd.conf file and configure the ssl related
settings to get it to run for you when you apachectl startssl.
Most the settings
For one, all you source is dated, and vulnerable. I'd update first thing.
Thanks,
Ron DuFresne
On Sat, 9 Nov 2002, Avinash S wrote:
Hi,
I am using Red Hat 7.3 with apache-1.3.26, mod_ssl-2.8.7-4 and
openssl-0.9.6b-18. Apache has crashed three times in last week with the
following
On Thu, 24 Oct 2002, Cabuzel Thierry wrote:
-Original Message-
From: Boyle Owen [mailto:Owen.Boyle;swx.com]
Sent: jeudi 24 octobre 2002 16:18
To: [EMAIL PROTECTED]
Subject: RE: Chicken and Egg
I guess you will say, but it's just a lab setup, I don't care about
didyou install openssl with shared libs? I recall this being a
requirement for the apache 2 code. Also there is a newer version of
apache available, it is a security update.
Thanks,
Ron DuFresne
On Fri, 16 Aug 2002, Venkat Reddy Valluri wrote:
Hi,
I installed openssl 0.9.6g engine on
On Fri, 9 Aug 2002, Cliff Woolley wrote:
On Fri, 9 Aug 2002, Cliff Woolley wrote:
That's what I get for not reading all of my email before responding to
any of it. 0.9.6g was also released today. Sigh. :)
I guess today was the day for releases. Apache 2.0.40 is now out as well.
This is a security fix release for those using apache in Cygwin
environments!
quote
Date: Fri, 9 Aug 2002 22:07:52 +0100 (BST)
From: Mark J Cox [EMAIL PROTECTED]
To: [EMAIL PROTECTED],
Full Disclosure [EMAIL PROTECTED],
Vuln-Dev [EMAIL PROTECTED]
Subject: [Full-Disclosure] Apache 2.0
none are required, it's built into the 2.0.x code.
Thanks,
Ron DuFresne
On Wed, 31 Jul 2002, Venkat Reddy Valluri wrote:
Hi,
Can you please let me know where exactly i can get the suitable mod_ssl version
which suits for apache 2.0.39, I tried to find out in www.modssl.org, but found
Many people seem to have the impression that security=ssl enabled, and in
some ways it does enhance security, but, it's certainly by no means the
end of the game, nor the beginning. security begins with the OS install.
Not adding packages known to be exploitable redhat is the M$ of the linux
Since apache 2.0.X will not function with older kernels, we have been
trying to upgrade to apache_1.3.26 and wheen out of reliance for present
upon the mod_blowchunks.so thing we have implimented till time permitted.
But, we had decided to build ssl-engine with shared capability, so as to
not
I was thinking, and perhaps wrongly for versions prior to apache 2, that
modules required openssl be shared, but, earlier mod-ssl based versions I
do not think were so limited, being how they were built with ssl support.
I'm pretty sure, and others will correct me if I'm wrong that openssl, the
(EDT)
Resent-From: R. DuFresne [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Resent-To: R. DuFresne [EMAIL PROTECTED]
Hi there,
On Wed, 29 May 2002, R. DuFresne wrote:
Can others with more incite to verisign certs verify this information for
me? thanks in advance:
Dunno about the insightful
-- Forwarded message --
From: Kevin Steves [EMAIL PROTECTED]
Subject: Re: Off-Topic - Encryption and Credit Card Processing (resent)
Cc: 'Marc E. Mandel' [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED]
Date: Sun, 26 May 2002 16:23:00 -0700
On Sat, May 25, 2002 at
It might depend upon how you compliled openssl, was it compiled shared
also?
Thanks,
Ron DuFresne
On Fri, 28 Jun 2002, James Bromberger wrote:
Hey people.
I have been running fine with Apache + Mod_SSL under Solaris with
everything working fine. I am now recompiling to Apache 1.3.26,
not sure how it is on winblows machines, but, on unix/linux systems the
modules are found under libexec in the installed apache tree, it maybe
looking for your module in the wrong place?
Thanks,
Ron DuFresne
On Wed, 26 Jun 2002, Andy Soedibjo wrote:
Hi,
I tried to install Apache1.3.26 -
On Tue, 25 Jun 2002, B. van Ouwerkerk wrote:
uname -a
Linux darkstar 2.0.35 #4 Mon Dec 14 18:18:57 CST 1998 i586 unknown
and no matter how we configure, apache dies under
SNIP
Just tested it on my old local testbed server.. (not online)
Slackware 7.1.0
Kernel 2.2.16
Apache
uname -a
Linux darkstar 2.0.35 #4 Mon Dec 14 18:18:57 CST 1998 i586 unknown
config shared no-threads
make
make test
works fine for openssl-engine-0.9.6b/
works fine for openssl-0.9.7-beta2/
Fails miserably for openssl-engine-0.9.6d/
Thanks,
Ron DuFresne
--
uname -a
Linux darkstar 2.0.35 #4 Mon Dec 14 18:18:57 CST 1998 i586 unknown
and no matter how we configure, apache dies under:
/bin/sh /mnt/src/httpd-2.0.39/srclib/apr/libtool --silent --mode=compile
gcc -g -O2-DLINUX=2 -D_REENTRANT -DAP_HAVE_DESIGNATED_INITIALIZER
Are there still export restriction on the 128bit browsers? I was under
the impression those export restrictions had been lifted a few years back.
Thanks,
Ron DuFresne
On Fri, 21 Jun 2002, Thomas Binder wrote:
Hi!
On Fri, Jun 21, 2002 at 08:39:04AM -0700, David Wall wrote:
You could
On Wed, 19 Jun 2002, Jess Williams wrote:
I downloaded the binary for RedHat for 2.0.39 and installed it on RedHat
7.1. For some reason apache will not start listening on 443! Its driving
me crazy. It works fine for port 80 just not 443.
Do I need to download something in addition? I
This might depend upon what the site wants to do in the end. Disabling
port 80 will help keep folks from popping in on http, it can be a bennie
for sites open only to a chosen few. Redirects are good for sites open to
all and pushing clients to the https aspect. So, it can depend upon what
(but I don't want to start
another discussion on that either!)
Dang! Everyones killing some of my better discussion topics! grin
Ya'll have a great weekend folks.
Thanks,
Ron DuFresne
--
~~
admin senior security consultant: sysinfo.com
Can others with more incite to verisign certs verify this information for
me? thanks in advance:
In response to your question (see below) about surrogate/gated
functionality built into the major browsers since Netscape and IE version
3, the answer is simple. To address the global needs of
What else might be running on this system? If it were me, I'd move
everything to a solid unix based system. Widows does not play well with
others, not ready for prime time, but, that's me.
Thanks,
Ron DuFresne
On Thu, 23 May 2002, Mike Campbell wrote:
Hello,
I'm running Apache 1.3.24
not if the ley is properly protected as it should be.
On Tue, 14 May 2002, Rafael Amer wrote:
Hi.
Does anyboy know if it is possible to access the RSA private key of an
Apache server
with mod_ssl from another module written in C or Perl (mod_perl)?
Thanks.
Regards,
R. Amer
The ony other issue one really has that Owen has not covered, is trsting
the issuing CA to do things correctly. There's an incident not too long in
the past whence a site not Microsoft affilliated obtained a fake microsoft
cert. Of course there are also man in the middle exploits, even with
On Wed, 1 May 2002, Lynn Gazis wrote:
I'm now getting unresolved externals when trying to build Apache 2.0.35 with
SSL enabled on Solaris 7, and would like, before I go farther in trying to
diagnose this particular problem (and the shared memory cache problem I am
having on HP UX), to ask a
So much ergency, what perhaps 4 different Urgent requests??
shakes his head
Oh well...
Thanks,
Ron DuFresne
--
~~
admin senior security consultant: sysinfo.com
http://sysinfo.com
Cutting the space budget really restores my
yes, remove and directives in http.conf for port 80 and just keep the port
443 stuff.
Thanks,
Ron Dufresne
On Thu, 18 Apr 2002 [EMAIL PROTECTED] wrote:
Hello,
I have the following config:
Apache/1.3.23 (Unix) mod_ssl/2.8.7 OpenSSL/0.9.6
I notice that if i enter:
Would this not still leave port 80 open and bound? Is not just removing
the port delcarations for 80 and only having 443 set better and perhaps
more secure?
Thanks,
Ron DuFresne
On Thu, 18 Apr 2002, Cliff Woolley wrote:
On Thu, 18 Apr 2002 [EMAIL PROTECTED] wrote:
Now if if I enter
You're not trying to run two httpd's on the same set of ports are you, the
old one running while trying to fire up the new?
that's what the error suggests I think...
thanks,
Ron DuFresne
On Mon, 15 Apr 2002, paul priestman wrote:
Hello all,
I have downloaded and installed Apache 2.0.35
but to no luck
Paul
From: R. DuFresne [EMAIL PROTECTED]
To: paul priestman [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Apache 2.0.35 with SSL - wont start
Date: Mon, 15 Apr 2002 09:12:42 -0400 (EDT)
You're not trying to run two httpd's on the same set of ports are you
to other numbers aswell but to no luck
Paul
From: R. DuFresne [EMAIL PROTECTED]
To: paul priestman [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Apache 2.0.35 with SSL - wont start
Date: Mon, 15 Apr 2002 09:12:42 -0400 (EDT)
You're not trying to run two httpd's
Actually, the capability to seperate parts of the configuration has always
been in place, it just was not the standard nor the adopted practise in
earlier apache releases. In fact, I think seperation of configuration was
dropped fairly early on in apache/modssl development as some early web
pull the drive and pop it into another machine so you can recover what ya
need.
Thanks,
Ron DuFresne
On Sun, 14 Apr 2002, Andrew Lietzow wrote:
Dear mod_ssl'ers,
I have in my possesion a diskette on which I backed up my Thawte CRT file
(at least I'm bright enough to have done that...but
frontpage can be used without the extensions. At least the client can use
frontpage on his end and then push the pages out without the extensions
being allowed, though, this may well disable some of the special
scripting. Folks that shy away from frontpage tend to do so due to it's
repeated
You're going to have to recomplie the whole thing anyways. And that
should well leave the http.conf file alone, you can use yer old, just add
in any new directives you will need. To be safe, tar up what you have
incase you wanna revert back, or setup the new to go to a nice sweet new
spot in
, R. DuFresne wrote:
When is apache 2.0 coming out of beta and into primetime?
How did you manage to miss the party? :) It went GA last week with the
release of 2.0.35.
--Cliff
__
Apache Interface to OpenSSL (mod_ssl
When is apache 2.0 coming out of beta and into primetime?
Thanks,
Ron DuFresne
On Thu, 11 Apr 2002, George Walsh wrote:
Chuck:
With Apache 2.0, mod_ssl is a part of the 'whole'. The build is a far simpler
process, and the server, at least in my experience, is much crisper in terms of
You bastion host the webserver, then bastion host the mysql box, and
put it either on a seperate DMZ, or at least a seperate host, and only
allow it to talk to the mysql db, and you bastion host the firewall, and
only allow http requests to the webserver in the DMZ. Tis the standard
way to
If you built apache with modssl support read the FAQ on how to do this if
you have not, and have setup your httpd.conf file properly again read
the FAQ on particulars as well as going over the default httpd.conf file
suppiled once apache is compiled with modssl support then you start
appache
Welcome, my pleasure.
Thanks,
Ron DuFresne
On Tue, 19 Mar 2002, Søren Neigaard wrote:
That helped a lot, thanks :)
/Søren
Tuesday, March 19, 2002, 7:11:15 PM, R. wrote:
RD If you built apache with modssl support read the FAQ on how to do this if
you have not, and have setup your
On Sun, 10 Mar 2002 [EMAIL PROTECTED] wrote:
On Sun, Mar 10, 2002 at 09:04:04AM +0100, [EMAIL PROTECTED] wrote:
Full_Name: Ari D Jordon
Version: 2.8.7
OS: Solaris 2.8
Submission from: (NULL) (68.49.144.213)
using apache 1.3.23, starting httpd with -DSSL immediately seg faults.
If the tarball still exisits upon the server, the one would gain a clue
via ls;
openssl-engine-0.9.6b.tar.gz
If the tarball was rm'ed but the sources exist, again a search would tell;
/usr/local/src/installed/web/openssl-engine-0.9.6b/apps
Considering the plethroa of php users on the list, and the fact many are
perhaps not reading bugtraq:
-- Forwarded message --
From: [EMAIL PROTECTED]
Subject: Advisory 012002: PHP remote vulnerabilities
Date: Wed, 27 Feb 2002 12:30:56 +0100
To: [EMAIL PROTECTED], [EMAIL
On Fri, 15 Feb 2002, Matus fantomas Uhlar wrote:
- I'd like to know, how does modssl decide which port is ssl and which one is
- non-ssl? if I bind apache to two ports, how to tell which one should be used
- for ssl connects and which one for non-ssl connects?
-
- Apache is the process
On Mon, 11 Feb 2002, Mathieu Arnold wrote:
Ralf S. Engelschall wrote:
In article [EMAIL PROTECTED] you wrote:
I was wondering if it may be possible to configure modssl to do crypto
with no certificate.
No.
too bad
I know that it should be possible because certificates
Sounds like perhaps you fat-fingers it as entering it, or are not using
caps or special chars you did when you entered it. I'ts case sensitivve,
so caps count, spcial chars count. did you start the passphrase, typo
then backspace? if so, try that excat sequence and see if it works for
ya.
Dale,
You maybe running into the ld.so issue that faced a few sun admins trying
to install mod-ssl on those systems recently. This would require an
update of your systems ld.so system similiar to theirs. The man pages for
AIX should give you a clue as to the ways to do this for your AIX
On Wed, 6 Feb 2002, Cliff Woolley wrote:
On Wed, 6 Feb 2002, Owen Boyle wrote:
Having a password means that no-one can use your certificate - even if
they obtain a copy of it. They can load the cert into their server but
it won't let the server come up unless they know the password.
On Wed, 6 Feb 2002, Eduardo Gomez wrote:
Could someone PLEASE post a simple tutorial on flaming off-topic
inappropriate posts that have nothing to do with the list topic?
Haha, that was funny...
You're right, I sent this by accident to 2 lists (one is this one)
Sorry...i'll see that it
Lat time I checked, and perhaps it has been updated and fixed, it was not
a few mere weeks ago, Linuxconf was an open security hole waiting for
exploitation. You may want to fix that.
Thanks,
Ron DuFresne
On Tue, 5 Feb 2002, Sir SoilentG_kov wrote:
thanks,
FYI i used Linuxconf instead
This may well be the fat for your mail reader, but, on the better mail
readers, I prefer pine or elm, when it asks how one wishes to reply
choosing no on Use Reply-To: address instead of From: address?
allows one to reply to both the list and the original sender. Why would
one really need to
filter on this: To: [EMAIL PROTECTED]
Thanks,
Ron DuFresne
On Tue, 5 Feb 2002, NickM wrote:
No way, thats something that problems me also. Not every emailer has
filtering, esp web email. Also it is standard practice to have a small key in
the subject for visually filtering what's
Thats a shortcoming on your part though, a proper mail reader can
accomplish this chore.
Thanks,
Ron DuFresne
On Tue, 5 Feb 2002, NickM wrote:
As just said, I do not have filtering!!
The list is not high traffic enough to concern me terribly, but would be nice.
Quoting R. DuFresne
Carol,
It was my understanding, and perhaps I've misread posts here, that the
list here has long advocated this setting for IE issues:
SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown
Also, for mozilla problems it has often been advocated to set this in the
httpd.conf:
SetEnvIf
1 - 100 of 191 matches
Mail list logo