date:20180207

[users@httpd] SSL Certificate Validation

2018-02-07 Thread Belmona, Nizar

Dear users,
We are currently using Apache 2.2.22 (mod_ssl 2.2.22, OpenSSL/0.9.8t) and we 
have a security concern since developers are able to bypass the SSL certificate 
verification when using HTTPS calls. Kindly advise what configuration is needed 
to enforce the certificate verification? In other words should anyone tries to 
bypass this verification, the call fails returning some kind of error code.
Please note that our environment is a simple one; it consists of one web server 
with no proxies.

Your help is greatly appreciated.

Regards,


Nizar Belmona
Deputy Section Head

Card Management System Department | CSCBank SAL 
[cid:imaged5b512.JPG@243f48e4.45b02783]
t +961 1 742555 | ext. 1647 | f +961 1 352281
e nbelm...@cscgroup.com | w www.cscgroup.com
150 Commodore Street, Hamra | Beirut, 1103 2120, Lebanon

[cid:image358861.JPG@be4d6a98.4e95e270]

[cid:image48f45c.JPG@5ba7acc8.489e0939] Save a tree. Please consider the 
environment before printing this email.

Re: [users@httpd] symbol SSLv2_client_method

2018-02-07 Thread Stefan Eissing

No, because I do not have it. Afraid, you need to hunt on the internet yourself.

> Am 07.02.2018 um 11:05 schrieb Pietro Pesce :
> 
> hello
> 
> tnx for the response, you can give me the procedure?
> 
> pls
> 
> 2018-02-07 11:03 GMT+01:00 Stefan Eissing :
> Your openssl is not the version that your apache was compiled
> against. If you updated it, you need to also re-compile
> any executables that link it.
> 
> Note that running SSL without staying on current software
> versions is highly discouraged. For example, Apache does
> not support versions 2.0 or 2.2 any longer.
> 
> -Stefan
> 
> > Am 07.02.2018 um 10:44 schrieb Pietro Pesce :
> >
> > hello
> >
> > i have a solaris zone whit apache:
> >
> > # /app/apache/bin/httpd -version
> > Server version: Apache/2.0.59
> > Server built:   Jun 18 2007 14:27:08
> >
> > when a try to start receive this error:
> >
> > yntax error on line 32 of /app/apache/conf/httpd.conf:
> > Cannot load /app/apache/modules/mod_ssl.so into server: ld.so.1: httpd: 
> > fatal: relocation error: file /app/apache/modules/mod_ssl.so: symbol 
> > SSLv2_client_method: referenced symbol not found
> >
> > # ldd /app/apache/modules/mod_ssl.so
> > libc.so.1 => /lib/libc.so.1
> > libgcc_s.so.1 => /usr/sfw/lib/libgcc_s.so.1
> > libm.so.2 => /lib/libm.so.2
> > /lib/libm/libm_hwcap1.so.2
> > /platform/sun4v/lib/libc_psr.so.1
> >
> > ldd /lib/libc.so.1
> > libm.so.2 => /lib/libm.so.2
> > /lib/libm/libm_hwcap1.so.2
> > /platform/sun4v/lib/libc_psr.so.1
> >
> >
> > can help please?
> >
> > tnx
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] symbol SSLv2_client_method

2018-02-07 Thread Pietro Pesce

hello

tnx for the response, you can give me the procedure?

pls

2018-02-07 11:03 GMT+01:00 Stefan Eissing :

> Your openssl is not the version that your apache was compiled
> against. If you updated it, you need to also re-compile
> any executables that link it.
>
> Note that running SSL without staying on current software
> versions is highly discouraged. For example, Apache does
> not support versions 2.0 or 2.2 any longer.
>
> -Stefan
>
> > Am 07.02.2018 um 10:44 schrieb Pietro Pesce :
> >
> > hello
> >
> > i have a solaris zone whit apache:
> >
> > # /app/apache/bin/httpd -version
> > Server version: Apache/2.0.59
> > Server built:   Jun 18 2007 14:27:08
> >
> > when a try to start receive this error:
> >
> > yntax error on line 32 of /app/apache/conf/httpd.conf:
> > Cannot load /app/apache/modules/mod_ssl.so into server: ld.so.1: httpd:
> fatal: relocation error: file /app/apache/modules/mod_ssl.so: symbol
> SSLv2_client_method: referenced symbol not found
> >
> > # ldd /app/apache/modules/mod_ssl.so
> > libc.so.1 => /lib/libc.so.1
> > libgcc_s.so.1 => /usr/sfw/lib/libgcc_s.so.1
> > libm.so.2 => /lib/libm.so.2
> > /lib/libm/libm_hwcap1.so.2
> > /platform/sun4v/lib/libc_psr.so.1
> >
> > ldd /lib/libc.so.1
> > libm.so.2 => /lib/libm.so.2
> > /lib/libm/libm_hwcap1.so.2
> > /platform/sun4v/lib/libc_psr.so.1
> >
> >
> > can help please?
> >
> > tnx
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] symbol SSLv2_client_method

2018-02-07 Thread Stefan Eissing

Your openssl is not the version that your apache was compiled
against. If you updated it, you need to also re-compile
any executables that link it.

Note that running SSL without staying on current software
versions is highly discouraged. For example, Apache does
not support versions 2.0 or 2.2 any longer.

-Stefan

> Am 07.02.2018 um 10:44 schrieb Pietro Pesce :
> 
> hello
> 
> i have a solaris zone whit apache:
> 
> # /app/apache/bin/httpd -version
> Server version: Apache/2.0.59
> Server built:   Jun 18 2007 14:27:08
> 
> when a try to start receive this error:
> 
> yntax error on line 32 of /app/apache/conf/httpd.conf:
> Cannot load /app/apache/modules/mod_ssl.so into server: ld.so.1: httpd: 
> fatal: relocation error: file /app/apache/modules/mod_ssl.so: symbol 
> SSLv2_client_method: referenced symbol not found
> 
> # ldd /app/apache/modules/mod_ssl.so 
> libc.so.1 => /lib/libc.so.1
> libgcc_s.so.1 => /usr/sfw/lib/libgcc_s.so.1
> libm.so.2 => /lib/libm.so.2
> /lib/libm/libm_hwcap1.so.2
> /platform/sun4v/lib/libc_psr.so.1
> 
> ldd /lib/libc.so.1
> libm.so.2 => /lib/libm.so.2
> /lib/libm/libm_hwcap1.so.2
> /platform/sun4v/lib/libc_psr.so.1
> 
> 
> can help please?
> 
> tnx


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] symbol SSLv2_client_method

2018-02-07 Thread Pietro Pesce

hello

i have a solaris zone whit apache:

# /app/apache/bin/httpd -version
Server version: Apache/2.0.59
Server built:   Jun 18 2007 14:27:08

when a try to start receive this error:

yntax error on line 32 of /app/apache/conf/httpd.conf:
Cannot load /app/apache/modules/mod_ssl.so into server: ld.so.1: httpd:
fatal: relocation error: file /app/apache/modules/mod_ssl.so: symbol
SSLv2_client_method: referenced symbol not found

# ldd /app/apache/modules/mod_ssl.so
libc.so.1 => /lib/libc.so.1
libgcc_s.so.1 => /usr/sfw/lib/libgcc_s.so.1
libm.so.2 => /lib/libm.so.2
/lib/libm/libm_hwcap1.so.2
/platform/sun4v/lib/libc_psr.so.1

ldd /lib/libc.so.1
libm.so.2 => /lib/libm.so.2
/lib/libm/libm_hwcap1.so.2
/platform/sun4v/lib/libc_psr.so.1


can help please?

tnx

[users@httpd] SSL Certificate Validation

Re: [users@httpd] symbol SSLv2_client_method

Re: [users@httpd] symbol SSLv2_client_method

Re: [users@httpd] symbol SSLv2_client_method

[users@httpd] symbol SSLv2_client_method

5 matches

Site Navigation

Mail list logo

Footer information