RE: 1

2004-08-30 Thread Boyle Owen


 -Original Message-
 From: Barry Smoke [mailto:[EMAIL PROTECTED]
 Sent: Freitag, 27. August 2004 17:25
 To: [EMAIL PROTECTED]
 Subject: Re: 1
 
 
 these e-mails look strange,
 virus?

Of course.

The spammer is submitting the mails to mail.modssl.org with the From
field spoofed to [EMAIL PROTECTED]. I guess the mailer will have to
start doing a reverse DNS lookup to verify that incoming mails are
really coming from the address they say they are..

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: from sgtulmg01.sabre.com (sgtulmg01.sabre.com
[151.193.220.17])
by master.modssl.org (Postfix) with ESMTP id CD65CA8938
for [EMAIL PROTECTED]; Fri, 27 Aug 2004 18:02:42 +0200
(CEST)
Received: from unknown (HELO SGNSOLO19151501.com) (10.16.131.25)
  by sgtulmg01.sabre.com with SMTP; 27 Aug 2004 10:56:31 -0500
X-Ironport-AV: i=3.84,116,1091422800; 
   d=scan'217,208?gif'217,208; a=219635635:sNHT279802964
Date: Fri, 27 Aug 2004 10:57:36 -0600
To: Modssl-users [EMAIL PROTECTED]
From: Rse [EMAIL PROTECTED]
Subject: 1
Message-ID: [EMAIL PROTECTED]
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=eoxkvqogjlpnqfooepkr
Sender: [EMAIL PROTECTED]
Precedence: bulk
Reply-To: [EMAIL PROTECTED]
X-Sender: Rse [EMAIL PROTECTED]
X-List-Manager: Majordomo [version 1.94.5]
X-List-Name: modssl-users
X-Mlf-Reason: no-judgement
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 27 Aug 2004 16:04:29.0243 (UTC)
FILETIME=[886DF8B0:01C48C4F]

--eoxkvqogjlpnqfooepkr
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

--eoxkvqogjlpnqfooepkr
Content-Type: application/octet-stream; name=1.gif
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=1.gif


--eoxkvqogjlpnqfooepkr--sxibm 

 
 Rse wrote:
 
 
 
 
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]


This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]


Re: 1

2004-08-27 Thread Barry Smoke
these e-mails look strange,
virus?
Rse wrote:


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]


Re: 1 certificate for several sites using redirection ?

2002-06-18 Thread Jason Haar

On Wed, Jun 12, 2002 at 01:35:04PM +0100, Peter Viertel wrote:
 thats basically right.
 ...
 Wim Godden wrote:
 
 So there's no system which allows me to really proxy pages and 'modify' 
 them so
 that all future connections go through this 'proxy' as well ?
 

There is one way...

It can only work if the internal server has a hostname that can be
hijacked by the reverse proxy server.

i.e. if you are wanting to do:

client --- Internet --- https://www.mycompany.com/

..then you can do:

client --- Internet --- https://www.mycompany.com/ --- Internal ---
http://www.mycompany.com/


e.g. on the Internet www.mycompany.com is 1.2.3.4, whereas internally
www.mycompany.com is 10.1.2.3

Then you can set up your Apache reverse proxy so that it proxies / - i.e.
run www.mycompany.com as a full VirtualHost.

Done it - it works :-)


-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: 1 certificate for several sites using redirection ?

2002-06-12 Thread Peter Viertel

You could do that using reverse proxy, ie mod_proxy.
Redirects are not going to help.

Wim Godden wrote:

Hi,

I'd like to use a certificate to secure several of our subdomains...
buying hundreds of certificates is simply too expensive.
Is there some way to do this :

- Install certificate on secure.ourdomain.com
- Let people surf to
https://secure.ourdomain.com/other-subdomain.ourdomain.com/what-ever-page.html

Thanks in advance.


Greetings,

Wim Godden

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
  



__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



RE: 1 certificate for several sites using redirection ?

2002-06-12 Thread John . Airey

There's always the possibility of a wildcard certificate, but you'd need to
have the same domain name throughout. Some browsers don't work with them.

See www.thawte.com for details.

- 
John Airey
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] 

Is the statement 'There is no such thing as truth'  true?


 -Original Message-
 From: Peter Viertel [mailto:[EMAIL PROTECTED]]
 Sent: 12 June 2002 10:24
 To: [EMAIL PROTECTED]
 Subject: Re: 1 certificate for several sites using redirection ?
 
 
 You could do that using reverse proxy, ie mod_proxy.
 Redirects are not going to help.
 
 Wim Godden wrote:
 
 Hi,
 
 I'd like to use a certificate to secure several of our subdomains...
 buying hundreds of certificates is simply too expensive.
 Is there some way to do this :
 
 - Install certificate on secure.ourdomain.com
 - Let people surf to
 https://secure.ourdomain.com/other-subdomain.ourdomain.com/wh
 at-ever-page.html
 
 Thanks in advance.
 
 
 Greetings,
 
 Wim Godden
 
 _
 _
 Apache Interface to OpenSSL (mod_ssl)   
www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
  



__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

- 

NOTICE: The information contained in this email and any attachments is 
confidential and may be legally privileged. If you are not the 
intended recipient you are hereby notified that you must not use, 
disclose, distribute, copy, print or rely on this email's content. If 
you are not the intended recipient, please notify the sender 
immediately and then delete the email and any attachments from your 
system.

RNIB has made strenuous efforts to ensure that emails and any 
attachments generated by its staff are free from viruses. However, it 
cannot accept any responsibility for any viruses which are 
transmitted. We therefore recommend you scan all attachments.

Please note that the statements and views expressed in this email 
and any attachments are those of the author and do not necessarily 
represent those of RNIB.

RNIB Registered Charity Number: 226227

Website: http://www.rnib.org.uk 

14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to
find out all about it.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: 1 certificate for several sites using redirection ?

2002-06-12 Thread Wim Godden

proxypass /test http://other-subdomain.ourdomain.com
doesn't work properly... I get errors about the images being insecure and all links
point to the wrong position.


Peter Viertel wrote:

 You could do that using reverse proxy, ie mod_proxy.
 Redirects are not going to help.

 Wim Godden wrote:

 Hi,
 
 I'd like to use a certificate to secure several of our subdomains...
 buying hundreds of certificates is simply too expensive.
 Is there some way to do this :
 
 - Install certificate on secure.ourdomain.com
 - Let people surf to
 https://secure.ourdomain.com/other-subdomain.ourdomain.com/what-ever-page.html
 
 Thanks in advance.
 
 
 Greetings,
 
 Wim Godden
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
 

 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

--
--
Adverteren.be - 100% Nederlandstalig adverteren op kwalitatief hoogstaande sites !


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



RE: 1 certificate for several sites using redirection ?

2002-06-12 Thread John . Airey

Sounds like you have some absolute links rather than relative links. You can
also use 
proxypass /test https://other-subdomain.ourdomain.com

If the data needs to be secured between the proxy and the destination
server.

- 
John Airey
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] 

Is the statement 'There is no such thing as truth'  true?


 -Original Message-
 From: Wim Godden [mailto:[EMAIL PROTECTED]]
 Sent: 12 June 2002 11:06
 To: [EMAIL PROTECTED]
 Subject: Re: 1 certificate for several sites using redirection ?
 
 
 proxypass /test http://other-subdomain.ourdomain.com
 doesn't work properly... I get errors about the images being 
 insecure and all links
 point to the wrong position.
 
 
 Peter Viertel wrote:
 
  You could do that using reverse proxy, ie mod_proxy.
  Redirects are not going to help.
 
  Wim Godden wrote:
 
  Hi,
  
  I'd like to use a certificate to secure several of our 
 subdomains...
  buying hundreds of certificates is simply too expensive.
  Is there some way to do this :
  
  - Install certificate on secure.ourdomain.com
  - Let people surf to
  
 https://secure.ourdomain.com/other-subdomain.ourdomain.com/wh
at-ever-page.html
 
 Thanks in advance.
 
 
 Greetings,
 
 Wim Godden
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
 

 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

--
--
Adverteren.be - 100% Nederlandstalig adverteren op kwalitatief hoogstaande
sites !


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

- 

NOTICE: The information contained in this email and any attachments is 
confidential and may be legally privileged. If you are not the 
intended recipient you are hereby notified that you must not use, 
disclose, distribute, copy, print or rely on this email's content. If 
you are not the intended recipient, please notify the sender 
immediately and then delete the email and any attachments from your 
system.

RNIB has made strenuous efforts to ensure that emails and any 
attachments generated by its staff are free from viruses. However, it 
cannot accept any responsibility for any viruses which are 
transmitted. We therefore recommend you scan all attachments.

Please note that the statements and views expressed in this email 
and any attachments are those of the author and do not necessarily 
represent those of RNIB.

RNIB Registered Charity Number: 226227

Website: http://www.rnib.org.uk 

14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to
find out all about it.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: 1 certificate for several sites using redirection ?

2002-06-12 Thread Peter Viertel

yes, i think thats whats happening - you need to review the website 
content you are pointing at. For this to work you can't have any 
absolute hrefs, and also the backend site may issue redirects, for these 
to work you need a ProxyPassReverse which will rewrite the Location: 
header on any redirects the backend site may send.

 For example:

ProxyPass /testhttp://other.subdomain.ourdomain.com/
ProxyPassReverse /test  http://other.subdomain.ourdomain.com/

proxypassreverse unfortunately is not case insensitive, and the backend 
webserver may refer to itself canonically, so the location headers may 
have another hostname. Either fix up the backend webserver to match the 
proxypassreverse, or add extra proxypassreverse lines.

The most common cause of redirects is the / bug handlers of tomcat, and 
IIS which kick in if your url ends with / and that resolves to a 
directory, then the webserver looks up what the directoryindex script is 
(eg. index.html) and sends a redirect. This is something to do with 
early revision browser releases, I have no idea which ones or if it 
matters anymore.

Also note that mod_proxy got a big upgrade at apache release 1.3.23 that 
may help things along too in certain cases.

[EMAIL PROTECTED] wrote:

Sounds like you have some absolute links rather than relative links. You can
also use
proxypass /test https://other-subdomain.ourdomain.com

If the data needs to be secured between the proxy and the destination
server.

-
John Airey
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]

Is the statement 'There is no such thing as truth'  true?


  

-Original Message-
From: Wim Godden [mailto:[EMAIL PROTECTED]]
Sent: 12 June 2002 11:06
To: [EMAIL PROTECTED]
Subject: Re: 1 certificate for several sites using redirection ?


proxypass /test http://other-subdomain.ourdomain.com
doesn't work properly... I get errors about the images being
insecure and all links
point to the wrong position.


Peter Viertel wrote:



You could do that using reverse proxy, ie mod_proxy.
Redirects are not going to help.

Wim Godden wrote:

  

Hi,

I'd like to use a certificate to secure several of our


subdomains...


buying hundreds of certificates is simply too expensive.
Is there some way to do this :

- Install certificate on secure.ourdomain.com
- Let people surf to


https://secure.ourdomain.com/other-subdomain.ourdomain.com/wh
  

at-ever-page.html
  

Thanks in advance.


Greetings,

Wim Godden

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]


  

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



--
--
Adverteren.be - 100% Nederlandstalig adverteren op kwalitatief hoogstaande
sites !


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

-

NOTICE: The information contained in this email and any attachments is
confidential and may be legally privileged. If you are not the
intended recipient you are hereby notified that you must not use,
disclose, distribute, copy, print or rely on this email's content. If
you are not the intended recipient, please notify the sender
immediately and then delete the email and any attachments from your
system.

RNIB has made strenuous efforts to ensure that emails and any
attachments generated by its staff are free from viruses. However, it
cannot accept any responsibility for any viruses which are
transmitted. We therefore recommend you scan all attachments.

Please note that the statements and views expressed in this email
and any attachments are those of the author and do not necessarily
represent those of RNIB.

RNIB Registered Charity Number: 226227

Website: http://www.rnib.org.uk

14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to
find out all about it.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
  



__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support

Re: 1 certificate for several sites using redirection ?

2002-06-12 Thread Wim Godden

So there's no system which allows me to really proxy pages and 'modify' them so
that all future connections go through this 'proxy' as well ?

Greetings,

Wim

Peter Viertel wrote:

 yes, i think thats whats happening - you need to review the website
 content you are pointing at. For this to work you can't have any
 absolute hrefs, and also the backend site may issue redirects, for these
 to work you need a ProxyPassReverse which will rewrite the Location:
 header on any redirects the backend site may send.

  For example:

 ProxyPass /testhttp://other.subdomain.ourdomain.com/
 ProxyPassReverse /test  http://other.subdomain.ourdomain.com/

 proxypassreverse unfortunately is not case insensitive, and the backend
 webserver may refer to itself canonically, so the location headers may
 have another hostname. Either fix up the backend webserver to match the
 proxypassreverse, or add extra proxypassreverse lines.

 The most common cause of redirects is the / bug handlers of tomcat, and
 IIS which kick in if your url ends with / and that resolves to a
 directory, then the webserver looks up what the directoryindex script is
 (eg. index.html) and sends a redirect. This is something to do with
 early revision browser releases, I have no idea which ones or if it
 matters anymore.

 Also note that mod_proxy got a big upgrade at apache release 1.3.23 that
 may help things along too in certain cases.

 [EMAIL PROTECTED] wrote:

 Sounds like you have some absolute links rather than relative links. You can
 also use
 proxypass /test https://other-subdomain.ourdomain.com
 
 If the data needs to be secured between the proxy and the destination
 server.
 
 -
 John Airey
 Internet systems support officer, ITCSD, Royal National Institute of the
 Blind,
 Bakewell Road, Peterborough PE2 6XU,
 Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
 
 Is the statement 'There is no such thing as truth'  true?
 
 
 
 
 -Original Message-
 From: Wim Godden [mailto:[EMAIL PROTECTED]]
 Sent: 12 June 2002 11:06
 To: [EMAIL PROTECTED]
 Subject: Re: 1 certificate for several sites using redirection ?
 
 
 proxypass /test http://other-subdomain.ourdomain.com
 doesn't work properly... I get errors about the images being
 insecure and all links
 point to the wrong position.
 
 
 Peter Viertel wrote:
 
 
 
 You could do that using reverse proxy, ie mod_proxy.
 Redirects are not going to help.
 
 Wim Godden wrote:
 
 
 
 Hi,
 
 I'd like to use a certificate to secure several of our
 
 
 subdomains...
 
 
 buying hundreds of certificates is simply too expensive.
 Is there some way to do this :
 
 - Install certificate on secure.ourdomain.com
 - Let people surf to
 
 
 https://secure.ourdomain.com/other-subdomain.ourdomain.com/wh
 
 
 at-ever-page.html
 
 
 Thanks in advance.
 
 
 Greetings,
 
 Wim Godden
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
 
 
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
 
 
 --
 --
 Adverteren.be - 100% Nederlandstalig adverteren op kwalitatief hoogstaande
 sites !
 
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
 -
 
 NOTICE: The information contained in this email and any attachments is
 confidential and may be legally privileged. If you are not the
 intended recipient you are hereby notified that you must not use,
 disclose, distribute, copy, print or rely on this email's content. If
 you are not the intended recipient, please notify the sender
 immediately and then delete the email and any attachments from your
 system.
 
 RNIB has made strenuous efforts to ensure that emails and any
 attachments generated by its staff are free from viruses. However, it
 cannot accept any responsibility for any viruses which are
 transmitted. We therefore recommend you scan all attachments.
 
 Please note that the statements and views expressed in this email
 and any attachments are those of the author and do not necessarily
 represent those of RNIB.
 
 RNIB Registered Charity Number: 226227
 
 Website: http://www.rnib.org.uk
 
 14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to
 find out all about it.
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List

Re: 1 certificate for several sites using redirection ?

2002-06-12 Thread Peter Viertel

thats basically right.

the proxy spec in http/1.1 etc copes with rewriting headers - but 
nothing I've seen rewrites the actual html content - this would be 
possible of course, but there would have to be a new module for apache 
to do it, and architecturally you'd be creating a potential bottleneck 
as the proxy server would have to parse all of the content passing 
through it.

Wim Godden wrote:

So there's no system which allows me to really proxy pages and 'modify' them so
that all future connections go through this 'proxy' as well ?

Greetings,

Wim

Peter Viertel wrote:

  

yes, i think thats whats happening - you need to review the website
content you are pointing at. For this to work you can't have any
absolute hrefs, and also the backend site may issue redirects, for these
to work you need a ProxyPassReverse which will rewrite the Location:
header on any redirects the backend site may send.

 For example:

ProxyPass /testhttp://other.subdomain.ourdomain.com/
ProxyPassReverse /test  http://other.subdomain.ourdomain.com/

proxypassreverse unfortunately is not case insensitive, and the backend
webserver may refer to itself canonically, so the location headers may
have another hostname. Either fix up the backend webserver to match the
proxypassreverse, or add extra proxypassreverse lines.

The most common cause of redirects is the / bug handlers of tomcat, and
IIS which kick in if your url ends with / and that resolves to a
directory, then the webserver looks up what the directoryindex script is
(eg. index.html) and sends a redirect. This is something to do with
early revision browser releases, I have no idea which ones or if it
matters anymore.

Also note that mod_proxy got a big upgrade at apache release 1.3.23 that
may help things along too in certain cases.

[EMAIL PROTECTED] wrote:



Sounds like you have some absolute links rather than relative links. You can
also use
proxypass /test https://other-subdomain.ourdomain.com

If the data needs to be secured between the proxy and the destination
server.

-
John Airey
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]

Is the statement 'There is no such thing as truth'  true?




  

-Original Message-
From: Wim Godden [mailto:[EMAIL PROTECTED]]
Sent: 12 June 2002 11:06
To: [EMAIL PROTECTED]
Subject: Re: 1 certificate for several sites using redirection ?


proxypass /test http://other-subdomain.ourdomain.com
doesn't work properly... I get errors about the images being
insecure and all links
point to the wrong position.


Peter Viertel wrote:





You could do that using reverse proxy, ie mod_proxy.
Redirects are not going to help.

Wim Godden wrote:



  

Hi,

I'd like to use a certificate to secure several of our




subdomains...




buying hundreds of certificates is simply too expensive.
Is there some way to do this :

- Install certificate on secure.ourdomain.com
- Let people surf to




https://secure.ourdomain.com/other-subdomain.ourdomain.com/wh


  

at-ever-page.html


  

Thanks in advance.


Greetings,

Wim Godden

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]




  

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]




--
--
Adverteren.be - 100% Nederlandstalig adverteren op kwalitatief hoogstaande
sites !


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

-

NOTICE: The information contained in this email and any attachments is
confidential and may be legally privileged. If you are not the
intended recipient you are hereby notified that you must not use,
disclose, distribute, copy, print or rely on this email's content. If
you are not the intended recipient, please notify the sender
immediately and then delete the email and any attachments from your
system.

RNIB has made strenuous efforts to ensure that emails and any
attachments generated by its staff are free from viruses. However, it
cannot accept any responsibility for any viruses which are
transmitted. We therefore recommend you scan all attachments.

Please note that the statements and views expressed in this email
and any attachments are those of the author and do

RE: 1 certificate for several sites using redirection ?

2002-06-12 Thread David Marshall
::ProxyRewriteReplace

 PerlSetVar   ProxyTo   http://www.tivoli.com
 PerlSetVar   ProxyAuthInfo BASIC aGb2c3ewenQ6amF4szzmY3b=
 PerlSetVar   ProxyAuthRedirect On
 PerlSetVar   ProxyRewriteReplace  https://www.tivoli.com/secure =
/secure
 /Location

 Location/secure
 SetHandler   perl-script
 PerlHandler  Apache::ProxyRewriteReplace

 PerlSetVar   ProxyTo   https://www.tivoli.com/secure
 PerlSetVar   ProxyAuthInfo BASIC aGb2c3ewenQ6amF4szzmY3b=
 PerlSetVar   ProxyAuthRedirect Off
 PerlSetVar   ProxyRewriteReplace  http://www.tivoli.com/ = /
 /Location

=head1 DESCRIPTION

BApache::ProxyRewriteReplace acts as a reverse-proxy that will rewrite
URLs embedded in HTML documents per apache configuration
directives.

This module was written to allow multiple backend services with
discrete URLs to be presented as one service and to allow the
proxy to do authentication on the client's behalf.

=head1 CONFIGURATION OPTIONS

The following variables can be defined within the configration of
Directory, Location, or Files blocks.

=over 4

=item BProxyTo

The URL for which ProxyRewriteReplace will proxy its requests.

=back

=over 4

=item BProxyAuthInfo

Authorization information for proxied requests. This string must
conform to the credentials string defined in section 11 of RFC
2068.

=back

=over 4

=item BProxyAuthRedirect

If the credentials supplied in the ProxyAuthInfo directive are
insufficient and if ProxyAuthRedirect is set to On, the proxy
server will redirect the client directly to the backend host. If
ProxyAuthRedirect is set to Off (the default), the proxy server
will challenge the client on the remote server's behalf.

=back

=over 4

=item BProxyRewriteReplace

A hash of URLs to rewrite. A note on hashes in configuration
directives from the Writing Apache Modules with Perl and C
book page 287:

  The only trick is to remember to put double quotes around the
  configuration value if it contains whitespace and not to allow
  your text editor to wrap it to another line. You can use
  backslash as a continuation character if you find long lines a
  pain to read.

=back

=head1 NOTES

=over 4

=item BAutomatic mappings

ProxyRewriteReplace automatically adds a mapping for the remote relative
URI and the current location. An example:

  ServerName   proxyhost

  Location/foo
  PerlSetVar   ProxyTo   http://server1/A
  /Location

The request for http://proxyhost/foo/B is proxied to
http://server1/A/B. Within the response from server1 is an
embedded URI /A/C. This URI is rewritten to /foo/C before being
returned to the client.

=back

=over 4

=item BEmbedded Languages

Embedded languages such as Javascript are not parsed for embedded
URLs. The problem is NP-Complete. The best choice is to surround
all embedded languages in HTML comments to avoid possible parsing
problems.

=back

=over 4

=item BParser Notes

The parser takes a single pass through each HTML document. This
method is extremely efficient, but it has possible drawbacks with
poorly constructed HTML. All known drawbacks have been
eliminated, but more may exist. Please contact the author if you
have any trouble with parsed output.

=back

=over 4

=item BSpecial Thanks


=back

=head1 AVAILABILITY

=head1 AUTHOR


=head1 SEE ALSO

httpd(8), mod_perl(1)

=head1 COPYRIGHT


=cut


###

###
# $Log: ProxyRewriteReplace.pm,v $
#
# Revision 0.1  2001/10/22 23:51:20  dmarshall
# initial version from ProxyRewrite
#

###

###


-Original Message-
From: Peter Viertel [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 5:35 AM
To: [EMAIL PROTECTED]
Subject: Re: 1 certificate for several sites using redirection ?


thats basically right.

the proxy spec in http/1.1 etc copes with rewriting headers - but 
nothing I've seen rewrites the actual html content - this would be 
possible of course, but there would have to be a new module for apache 
to do it, and architecturally you'd be creating a potential bottleneck 
as the proxy server would have to parse all of the content passing 
through it.

Wim Godden wrote:

So there's no system which allows me to really proxy pages and 'modify'
them so
that all future connections go through this 'proxy' as well ?

Greetings,

Wim

Peter Viertel wrote:

  

yes, i think thats whats happening - you need to review the website
content you are pointing at. For this to work you can't have any
absolute hrefs, and also the backend site may issue redirects, for these
to work you need a ProxyPassReverse which will rewrite the Location:
header on any redirects the backend site may send.

 For example:

ProxyPass /testhttp://other.subdomain.ourdomain.com/
ProxyPassReverse /test  http

Re: 1 certificate for several sites using redirection ?

2002-06-12 Thread Wim Godden

Hi David,

Thanks, but does this require Mod_perl as I haven't got that install (it eats
too much resources).

Greetings,

Wim

David Marshall wrote:

 To rewrite content you might look at the Perl module Apache::ProxyRewrite. I
 was given an assignment to Front-end MS EXCHANGE OWA with Apache HTTPS.
 After review of options, I took a copy of the Perl module
 Apache::ProxyRewrite and added the ability to ReplaceText in the content as
 well, I renamed it ProxyRewriteReplace. This was my 1st excursion into Perl
 and I've never gotten the time to fully complete/test the module (example,
 the documentation is from ProxyReplace). I also only tested it as far as to
 meet our objective of Proxying MS Exchange. I don;t know if this will help,
 but I've included my ProxyRewriteReplace source.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



RE: 1 certificate for several sites using redirection ?

2002-06-12 Thread David Marshall

Yes

-Original Message-
From: Wim Godden [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 7:46 AM
To: [EMAIL PROTECTED]
Subject: Re: 1 certificate for several sites using redirection ?


Hi David,

Thanks, but does this require Mod_perl as I haven't got that install (it
eats
too much resources).

Greetings,

Wim

David Marshall wrote:

 To rewrite content you might look at the Perl module Apache::ProxyRewrite.
I
 was given an assignment to Front-end MS EXCHANGE OWA with Apache HTTPS.
 After review of options, I took a copy of the Perl module
 Apache::ProxyRewrite and added the ability to ReplaceText in the content
as
 well, I renamed it ProxyRewriteReplace. This was my 1st excursion into
Perl
 and I've never gotten the time to fully complete/test the module (example,
 the documentation is from ProxyReplace). I also only tested it as far as
to
 meet our objective of Proxying MS Exchange. I don;t know if this will
help,
 but I've included my ProxyRewriteReplace source.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



RE: 1 certificate for several sites using redirection ?..2

2002-06-12 Thread David Marshall

Yes. What are your resource constraints?

-Original Message-
From: Wim Godden [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 7:46 AM
To: [EMAIL PROTECTED]
Subject: Re: 1 certificate for several sites using redirection ?


Hi David,

Thanks, but does this require Mod_perl as I haven't got that install (it
eats
too much resources).

Greetings,

Wim

David Marshall wrote:

 To rewrite content you might look at the Perl module Apache::ProxyRewrite.
I
 was given an assignment to Front-end MS EXCHANGE OWA with Apache HTTPS.
 After review of options, I took a copy of the Perl module
 Apache::ProxyRewrite and added the ability to ReplaceText in the content
as
 well, I renamed it ProxyRewriteReplace. This was my 1st excursion into
Perl
 and I've never gotten the time to fully complete/test the module (example,
 the documentation is from ProxyReplace). I also only tested it as far as
to
 meet our objective of Proxying MS Exchange. I don;t know if this will
help,
 but I've included my ProxyRewriteReplace source.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: 1 certificate for several sites using redirection ?..2

2002-06-12 Thread Wim Godden

Well, the problem is that, when I install Mod_perl, each Apache process uses
several MBytes more... and I don't have anything to spare anymore.



David Marshall wrote:

 Yes. What are your resource constraints?

 -Original Message-
 From: Wim Godden [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, June 12, 2002 7:46 AM
 To: [EMAIL PROTECTED]
 Subject: Re: 1 certificate for several sites using redirection ?

 Hi David,

 Thanks, but does this require Mod_perl as I haven't got that install (it
 eats
 too much resources).

 Greetings,

 Wim

 David Marshall wrote:

  To rewrite content you might look at the Perl module Apache::ProxyRewrite.
 I
  was given an assignment to Front-end MS EXCHANGE OWA with Apache HTTPS.
  After review of options, I took a copy of the Perl module
  Apache::ProxyRewrite and added the ability to ReplaceText in the content
 as
  well, I renamed it ProxyRewriteReplace. This was my 1st excursion into
 Perl
  and I've never gotten the time to fully complete/test the module (example,
  the documentation is from ProxyReplace). I also only tested it as far as
 to
  meet our objective of Proxying MS Exchange. I don;t know if this will
 help,
  but I've included my ProxyRewriteReplace source.

 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

--
--
Adverteren.be - 100% Nederlandstalig adverteren op kwalitatief hoogstaande sites
!


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: 1 config for http https?

2000-05-17 Thread Mads Toftum

On Wed, May 17, 2000 at 03:20:15PM -0600, Diana Shepard wrote:
 Can I use one apache with mod_ssl config file to
 service both https and http?  My install of apache
 with SSL is working fine, but my web application
 executes a java servlet which POSTs to an http CGI.
 apache chokes when it hits that servlet POST complaining
 that I'm speaking HTTP to an HTTPS port.
 
 I have 2 Virtual hosts set up, one to service the http port
 and 1 to service the https port and the following:
 
 Port 80
 
 IfDefine SSL
 Listen 80
 Listen 443
 /IfDefine
 
 But this setup is not working.  Do I need a separate apache
 without SSL server instance to service http only?  Much thanks.
 
The default httpd.conf that you get from a mod_ssl install will
serve both http and https when started with -DSSL (or startssl).
You don't need to add an extra vhost to serve http. 

vh

Mads Toftum
-- 
`Darn it, who spiked my coffee with water?!' - lwall

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re[1]: modssl, installation problem.

1999-07-12 Thread ssl-smk

Ok, I understand, but, does anyone I've tryed this set of
RPM ?

apache-mod_ssl-1.3.6.2.3.5-2.i386.rpm
apache-mod_ssl-devel-1.3.6.2.3.5-2.i386.rpm

 ---Message d'origine---
 12-Jul-99 19:25 you wrote:
  Hi, I've already installed modssl with tar.gz package,
but,
  some others modules cause problemes. Now, I have to
install
  mod_ssl on a rpm_based apache.

 It's not possible. End of story.

  I can't uninstall everything and redo all from the
beginning.
  I must install it from rpm.
  I have 2 questions, the first one, just to be
sure.
  does openssl is a free REMPLACEMENT to SSLeay ???

 It's SUCCESSOR for SSLeay. Not drop-in replacement.

  And, second,.. the most important. how to fix this
error
  message.
  Cannot load /usr/lib/apache/libssl.so into server:
  /usr/lib/apache/libssl.so: undefined symbol:
ap_global_ctx
  I get this message when a restart the apache server.

 And you should :-) You need EAPI in your apache. You can
not add it without
 recompilation. End of story.






__
BoƮte aux lettres - Caramail - http://www.caramail.com