Hi.
Where can I get the Apache patch for openssl 0.9.8 and how do I implement
it?
Thanks,
Lars Nielsen Lind
I'm trying to compile Apache 2.0.50 with openssl 0.9.7.d on AIX 5.1. The
./configure completes without an error but the make command ends in an
error. I am using the native aix compiler
Here is my configure command for Apache:
env CC=cc CXX=xlC sudo ./configure --enable-so --enable-mods
On Thu, Jul 22, 2004 at 01:06:09PM -0500, Pamela Stangl wrote:
: I'm trying to compile Apache 2.0.50 with openssl 0.9.7.d on AIX 5.1. The
: ./configure completes without an error but the make command ends in an
: error. I am using the native aix compiler
: [snip]
: /web/ssl097d/include
Hi all,
I'm new to this list and although I read the instructions on how to use the list, I'd
like to apologize in advance if I ever misuse the list!
-
|Question|
-
I'm currently working on security with Apache Tomcat and openssl under Windows 2000.
I'd like to set up Tomcat
on security with Apache Tomcat and openssl under
Windows 2000. I'd like to set up Tomcat to be able to use it with SSL. I
installed openssl on Windows and I'm now trying to create a CA and
certificates.
How am I exactly supposed to configure Tomcat and how does it relate to
openssl? Did I even need
might crash under EAPI! when
loading libjk.so in httpd.
Don't know if by W2K there is similar flag needed.
Good Luck
-Ursprüngliche Nachricht-
Von: Daniel J. Obregon [mailto:[EMAIL PROTECTED]
Gesendet am: Dienstag, 20. Juli 2004 14:50
An: Tomcat Users List
Betreff: Re: Tomcat and openSSL
: HTTPS support for tomcat using openSSL with Client
Authentication
Hello Saravanan,
Have you got the answer you wanted ?
Anbu
[EMAIL PROTECTED] wrote:
Hi All,
I wanted to support SSL with Client Authentication over Tomcat 4.18.
I followed the steps mentioned in the link below, but I couldn't
Hi
I got the answer and its working too.
saravanan
-Original Message-
From: Anbu [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 18, 2004 7:17 PM
To: Tomcat Users List
Subject: RE: HTTPS support for tomcat using openSSL with Client
Authentication
First of all did u try without tomcat
Hello Saravanan,
Have you got the answer you wanted ?
Anbu
[EMAIL PROTECTED] wrote:
Hi All,
I wanted to support SSL with Client Authentication over Tomcat 4.18.
I followed the steps mentioned in the link below, but I couldn't succeed
in getting the client authentication to work,however I
Still I am looking in to it.
If you have any idea please let me know.
Regards
saravanan
-Original Message-
From: Anbu [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 17, 2004 7:38 PM
To: Tomcat Users List
Subject: Re: HTTPS support for tomcat using openSSL with Client
Authentication
Hi All,
I wanted to support SSL with Client Authentication over Tomcat 4.18.
I followed the steps mentioned in the link below, but I couldn't succeed
in getting the client authentication to work,however I was able to get
the https working with clientAuth=false in tomcat's configuration file
Apache 1.3.24 can be used with Tomcat 3.3
on Win32 by using the Apache JServ
communication module (port 8007).
Is it possible to upgrade a configuration
running Tomcat 3.3 and Apache 1.3.24 using
OpenSSL 9.9.6c to use Tomcat 4.1.29?
If so, is there an FAQ, etc,
with the detailed How
to upgrade a configuration
running Tomcat 3.3 and Apache 1.3.24 using
OpenSSL 9.9.6c to use Tomcat 4.1.29?
If so, is there an FAQ, etc,
with the detailed How To?
Much Thanks for any help!
__
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online
Hello!
I generated(and signed) certtificate through OpenSSL, about so:
openssl genrsa -rand /etc/passwd:/etc/inetd.conf:/etc/services:/etc/hosts
1024 -out my.key
openssl req -new -key my.key -out my.csr
openssl x509 -req -days 30 -in my.csr -signkey my.key -out my.cert.
Problem:
how do I
Stanislaw Österle mailto:[EMAIL PROTECTED] wrote:
Hello!
I generated(and signed) certtificate through OpenSSL, about so:
openssl genrsa -rand
/etc/passwd:/etc/inetd.conf:/etc/services:/etc/hosts 1024 -out my.key
openssl req -new -key my.key -out my.csr
openssl x509 -req -days 30
Hello!
I generated(and signed) certtificate through OpenSSL, about so:
openssl genrsa -rand /etc/passwd:/etc/inetd.conf:/etc/services:/etc/hosts
1024 -out my.key
openssl req -new -key my.key -out my.csr
openssl x509 -req -days 30 -in my.csr -signkey my.key -out my.cert.
Problem:
how do I
[EMAIL PROTECTED]An: [EMAIL PROTECTED]
dia.de Kopie:
Thema:OpenSSL und Tomcat
03.02.2004 15:51
El sáb, 24-01-2004 a las 07:49, Bill Barker escribió:
I sound like a broken record here :)
There is a utility at http://www.comu.de/docs/tomcat_ssl.htm to import your
OpenSSL certs into a JKS keystore. Alternatively, the ssl_howtow for TC 5.x
contains an example of how to configure a PKCS12
into the keystore for
Tomcat I receive the following error
message:
keytool error: java.lang.Exception: Public keys in reply and keystore
don't match
Here are the steps that I have been following:
To generate the original csar:
# openssl req -new -nodes -keyout private.key -out public.csr
:
keytool error: java.lang.Exception: Public keys in reply and keystore
don't match
Here are the steps that I have been following:
To generate the original csar:
# openssl req -new -nodes -keyout private.key -out public.csr
# openssl rsa -in private.key -des3 -out secureprivate.key
To import
I sound like a broken record here :)
There is a utility at http://www.comu.de/docs/tomcat_ssl.htm to import your
OpenSSL certs into a JKS keystore. Alternatively, the ssl_howtow for TC 5.x
contains an example of how to configure a PKCS12 keystore from an OpenSSL
keystore.
Ignacio Barrancos
Tons of people seem to have wondered whether they can use OpenSSL to set up
their own CA and server certificates. The answer is most certainly and for
people who've never encountered it before, I'll tell you how.
SETTING UP YOUR CA
---
Step 1. Go
disagrees with Netscape 6.2, MSIE5 and Mozilla
and if Netscape 7.1 is genuine, than it has broken OpenSSL and mod_ssl.
Hmmm..
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi All.
I have got my Apache mod_ssl/OpenSSL talking with Tomcat nicely using
MSIE5, Netscape 6.2 and Mozilla.
On Netscape 7.1, it says I am transmiting in clear text for all to see
AFTER logging in and accepting the certificate !?! SOmehow I doubt that,
I think it is telling me fips
Hello,
Has anyone tried/build a working configuration of these components
working together using JK (1)? Does JK (1) still work with the newer stuff?
If so, how or where could i get the information?
Thanks,
Jay
: Jay Garala [mailto:[EMAIL PROTECTED]
Sent: 13 August 2003 23:36
To: Tomcat User (E-mail)
Subject: Apache 2.0.47 + Tomcat 4.1.27 + OpenSSL 0.9.7b on Win2k
Hello,
Has anyone tried/build a working configuration of these components
working together using JK (1)? Does JK (1) still work
ethereal:
http://www.ethereal.com/
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 9:17 AM
To: [EMAIL PROTECTED]
Subject: Off topic : any tools for testing mod_ssl/OpenSSL ???
Hi All.
I have got my Apache mod_ssl/OpenSSL talking
I forgot to add the frightening result of following test (like doctor
telling you that you've leukemia) :
[ssl]# openssl s_client -connect localhost:443 -state -debug
CONNECTED(0003)
SSL_connect:before/connect initialization
write to 0809D018 [0809D060] (124 bytes = 124 (0x7C))
- 80 7a 01
]
Subject: Off topic : any tools for testing mod_ssl/OpenSSL ???
Hi All.
I have got my Apache mod_ssl/OpenSSL talking with Tomcat nicely using
MSIE5, Netscape 6.2 and Mozilla.
On Netscape 7.1, it says I am transmiting in clear text for all to see
AFTER logging in and accepting
Hi All.
Problem : Netscape 6.2 would not redirectfrom http://my.first.com to
https://my.secure.dom
I have two vhost entries, first one listens on port 80 and secure one on
443.
My bjective : from the first web-site, creae a link to a secure one in
index.html using an anchor e.g. A HRED=http://my
Hi All.
I use .htpasswd to protect some directories/vhosts which are
OpenSSL-enabled.
Ideally I would like to use MD5 rather than Basic for logging on.
How does this work togethr with the OpenSSL encryption ?
This odd idea lingers in the back of my mind that OpenSSL might encrypt
the encrypted
I had some, for me, un-decipherable error messages when trying to sign
my own certificate.
First I created my private key and certificate signing request :
[ssl]# openssl genrsa -des3 -out sever.key 1024
[ssl]# openssl req -new -key server.key -out server.csr
Then I created my own
and certificate signing request :
[ssl]# openssl genrsa -des3 -out sever.key 1024
[ssl]# openssl req -new -key server.key -out server.csr
Then I created my own certificate authority:
[ssl]# openssl genrsa -des3 -out ca.key 1024
Next, I created a self-signed CA certificate with my rsa key:
[ssl
]# openssl genrsa -des3 -out sever.key 1024
[ssl]# openssl req -new -key server.key -out server.csr
Then I created my own certificate authority:
[ssl]# openssl genrsa -des3 -out ca.key 1024
Next, I created a self-signed CA certificate with my rsa key:
[ssl]# openssl req -new -x509 -days 365 -key
Hi. Sorry about being off-topic.
I had some, for me, un-decipherable error messages when trying to sign
my own certificate.
First I created my private key and certificate signing request :
[ssl]# openssl genrsa -des3 -out sever.key 1024
[ssl]# openssl req -new -key server.key -out server.csr
-topic.
I had some, for me, un-decipherable error messages when trying to sign
my own certificate.
First I created my private key and certificate signing request :
[ssl]# openssl genrsa -des3 -out sever.key 1024
[ssl]# openssl req -new -key server.key -out server.csr
Then I created my own
Hi.
My saga to sign my own CA with sign.sh continues, but I encountered this
error :
...
# ./sign.sh server.csr sign.log
Using configuration from ca.config
unable to load CA private key
2124:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:662:Expecting: ANY PRIVATE KEY
Hi. My quixotic tilt at mod_ssl continues...
I am into my second book on this subject matter. Okay, let's put that in
that too-hard basket for the moment.
Let's make OpenSSL work first. It does.
It asks me whether I want to DER or PEM. I take PEM.
Then it tells me not enough random data. So I did
1. Generate a private key:
openssl genrsa -des3 -out privkey.pem 2048
(this should prompt you for a
passphrase)http://www.openssl.org/docs/HOWTO/keys.txt
2. a) Generate a self-signed test certificate:
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
2. b) If you want to use
In RH7.1 under /etc/ssh there are several ssh_host_* keys and config
files.
They seem to be for remote client logins.
Would my newly generated OpenSSL keys and certificate conflict with them
???
What's the difference between the two ???
Sorry for the newbie questions...
Simon Pabst wrote:
1
+1000, you wrote:
In RH7.1 under /etc/ssh there are several ssh_host_* keys and config
files.
They seem to be for remote client logins.
Would my newly generated OpenSSL keys and certificate conflict with them
???
What's the difference between the two ???
Sorry for the newbie questions...
Simon Pabst
Hi Bill
In other words, the discussion about switching SSL on for Tomcat is
premised upon a stand-alone Tomcat rather a collaborative Apache-Tomcat
scenario ???
TIA
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
in SSL.
So my questions are :
(1) Is there a need for openSSL between Tomcat and web-server ?
(2) If I implement openSSL between web-server and browser, how will this
affect Tomcat downstream, if at all ?
--
To unsubscribe, e-mail: mailto:tomcat-user-unsubscribe;jakarta.apache.org
For additional
the firewall.
Ideally, I would like to see anything between the web-server and the
browser encoded in SSL.
So my questions are :
(1) Is there a need for openSSL between Tomcat and web-server ?
(2) If I implement openSSL between web-server and browser, how will this
affect Tomcat downstream
firewall.
Ideally, I would like to see anything between the web-server and the
browser encoded in SSL.
So my questions are :
(1) Is there a need for openSSL between Tomcat and web-server ?
No, for the simple reason that none of the current Ajp connectors speak SSL.
AFAIK, the same is true of Wa
Subject: failed to enable SSL on Tomcat using a cert signed by using OpenSSL
From: tom [EMAIL PROTECTED]
===
I successfully enabled SSL on Tomcat 4.04 with using a Trail cert signed by
the Verisign.
Descrptions of the steps:
1. use c:\j2sdk1.4.0\bin\keytool to generate a key and a .keystore file
the private
key. In other words, I installed the certificate by converting it into DER
format, and then importing it into IE. Wrong!
What you MUST do is to combine both the certificate AND the private key
into a PKCS#12 format (using openssl pkcs12), and then install that in
IE. Once I did
The problem with homemade digital certificates generated with the
Keytool is that they are self signed, then IExplorer and other browsers
does
not trust them and does not let you use it for user authentication.
However if you make your own CA using openssl and you generates server and
client
Peter wrote:
this pretty much sounds like the same problem I was experiencing and
posted earlier today. Sadly, your link below only gives hints on how
to intall a SERVER certificate, but not on how to configure everything
to ask for a CLIENT cert.
This is what I found too. However, the
: Henrik Schultz [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 01, 2002 11:43 AM
To: tomcat-user
Subject: Tomcat 4 - OpenSSL - IE client certificate works partially
Greetings all...
For those not interested in client certificates at the deep technical
level, this is probably not your favorite cup
885 Main St, Suite 16
Moncton, NB
E1C 1G5
Ph: (506) 863-1014 x4
Fx: (506) 854-6886
http://www.romulin.com/
-Original Message-
From: Henrik Schultz [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 01, 2002 11:43 AM
To: tomcat-user
Subject: Tomcat 4 - OpenSSL - IE client certificate works
:
n.com Subject: RE: Tomcat 4 - OpenSSL - IE
client certificate works partially
the server asks for a client certificate.
Last night I succeeded. The right combination of keytool and openssl
maneuvres to setup a private CA, finally generated a certificate that
installed without a hitch in IE, and came up when I subsequently connected
to my SSL enabled Tomcat. So far so good
This is the answere:
http://www.comu.de/docs/tomcat_ssl.htm
and its really easy.
-Ursprungliche Nachricht-
Von: Henrik Schultz [mailto:[EMAIL PROTECTED]]
Gesendet: Montag, 1. Juli 2002 16:43
An: tomcat-user
Betreff: Tomcat 4 - OpenSSL - IE client certificate works partially
%jakarta.apache.org%NOTESSMTP
Sent: Monday, July 01, 2002 7:42 AM
Subject: Tomcat 4 - OpenSSL - IE client certificate works partially
Greetings all...
PS. If anyone is interested in a writeup or HOW-TO of making client
certificates for Tomcat, let me know. This is certainly tricky stuff
:[EMAIL PROTECTED]]
Gesendet: Montag, 1. Juli 2002 16:43
An: tomcat-user
Betreff: Tomcat 4 - OpenSSL - IE client certificate works partially
Greetings all...
For those not interested in client certificates at the deep
technical
level, this is probably not your favorite cup of tea
Sent: Monday, July 01, 2002 7:42 AM
Subject: Tomcat 4 - OpenSSL - IE client certificate works partially
Greetings all...
PS. If anyone is interested in a writeup or HOW-TO of making client
certificates for Tomcat, let me know. This is certainly tricky stuff!
--
To unsubscribe, e-mail
Hi
I am using Tomcat 4.0.3 and currently using JSSE for https.
JSSE is very slow.
If I use Apache for providing SSL support. it works fine and is fast.
But I do not want to put Apache just for supporting SSL.
Is anyone aware how can Tomcat be integrated with openssl directly ??
One
IS IT POSSIBLE TO DESCRIBE IN DETAIL WITH EXAMPLE.
I STILL DON'T GET YOU
-Original Message-
From: KUMAR,PANKAJ (HP-Cupertino,ex1) [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 24, 2002 1:39 AM
To: 'Tomcat Users List'
Subject: RE: Openssl
You can do this in one of the two ways
:39 AM
To: 'Tomcat Users List'
Subject: RE: Openssl
You can do this in one of the two ways:
A. Use keytool to generate certificate signing request and
openssl to sign
it.
Sub-steps:
1. Generate key-pair using keytool ( -genkey operation )
2. Generate Certificate Signing
Does anyone know how to generate cert using openssl an apply to tomcat
instead of keytool ?
You can do this in one of the two ways:
A. Use keytool to generate certificate signing request and openssl to sign
it.
Sub-steps:
1. Generate key-pair using keytool ( -genkey operation )
2. Generate Certificate Signing Request or CSR ( -certreq )
3. Sign CSR with openssl ( ca
Does anyone know how to generate cert using openssl an apply to tomcat
instead of keytool ?
Dear all,
I am sorry that I have to ask this question again. Is there anyone having
experience in integrating the Tomcat 4.0.x with OpenSSL, with maybe
mod_jk.dll or maybe Apache?
Please help me. Thank you very much.
Best regards,
Jordan Cheun Ngen
If Apache is an option, I'd use it, since current builds (for many
distros of linux) come with mod_ssl openssl built in. All you have to
do is install Tomcat, configure the apache connector 'mod_webapp' (there
are good links on the list for how to do that), then Apache will handle
all SSL
Dear all experts
I am a newbie of Tomcat. I have installed Apache-Tomcat-4.0 on my Windows
2000. However I wish to install OpenSSL, to handle the certificates. I am
not sure how to do it... I found some information about installing Tomcat3.2
with Openssl. But I couldn't find any about Tomcat4.0
Hi,
What is the difference betn OpenSSL and mod_ssl?
When l need my Apache server to be ssl enabled, which of the above should l
install along with Apache?
And what is Apache-ssl? Shall l go for this instead of the above
two?
Please Help
Thanq
Rams
winmail.dat
Description
What is the difference betn OpenSSL and mod_ssl?
When l need my Apache server to be ssl enabled, which of the above should l
install along with Apache?
And what is Apache-ssl? Shall l go for this instead of the above
two?
OpenSSL is a freeware package that provides cryptography
Hi. This is the description of my problem. I already have an
apache/openssl based webserver. Now I want to run tomcat in ssl mode
independent of apache.
One way to do it of course is to generate a private key using keytool,
generate a csr and get a certificate. In my case, this would mean
Hello,
I have a cert importation problem
here is the output of an openSSL command (openssl s_client -connect 127.0.0.1:8443
-cert cl_cert.pem -key cl_key.pem -state) :
Enter PEM pass phrase:
CONNECTED(0003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello
Is it simply impossible to import a private key from openssl into a
keystore using keytool?
And, if so... then am I missing something? Doesn't this make it
impossible to use Tomcat's built-in SSL support with anything other
than a self-signed key, or a key generated by keytool itself
whare security provider are you using...
I've installed JSSE from SUN and
this works...
I've just been unable to load
a private key from openSSL to the JKS keystore...
however the certificates can be imported easily
-Message d'origine-
De: Steve Smale [mailto:[EMAIL PROTECTED
into https without any warnings appearing on the users
screens...
So I've looked at OpenSSL, and generated a key and signing-request, and
got a certificate via verisign, using openssl req -new -out REQ.csr
-keyout KEY.key, again, as in the tomcat faqs.
Whether i put this resulting key through verisi
hi
I want to use Apache + modssl + openssl + tomcat.
I found next memo during searching intenet .
===
If you want to use modSSL (with Apache and Tomcat), I have that
running on
my machine and can help. I have a step-by-step doc
74 matches
Mail list logo