On Thu, Feb 8, 2018 at 12:51 PM, Houser, Rick wrote:
> I didn’t think you could have two virtualhost entries with the same IP/port.
That's just name-based virtualhosts. The first one is the default.
-
[mailto:j...@sanger.ac.uk]
*Sent:* Thursday, February 08, 2018 12:18
*To:* users@httpd.apache.org
*Subject:* Re: [users@httpd] SSL Certificate Validation
*EXTERNAL EMAIL*
The easiest way to do this is to make sure you have the correct
hostname in the virtual host - the one that matches your
A Smith [mailto:j...@sanger.ac.uk]
Sent: Thursday, February 08, 2018 12:18
To: users@httpd.apache.org
Subject: Re: [users@httpd] SSL Certificate Validation
EXTERNAL EMAIL
The easiest way to do this is to make sure you have the correct hostname in the
virtual host - the one that matches your
]
*Sent:* Thursday, February 08, 2018 11:19
*To:* users@httpd.apache.org
*Subject:* Re: [users@httpd] SSL Certificate Validation
*EXTERNAL EMAIL*
On Thu, Feb 8, 2018 at 7:36 AM, Belmona, Nizar <nbelm...@cscgroup.com
<mailto:nbelm...@cscgroup.com>> wrote:
Thanks Rainer and Daniel
that might take aware the
incentive they see to disabling the hostname verification in the first place.
Rick Houser
Web Engineer
From: Eric Covener [mailto:cove...@gmail.com]
Sent: Thursday, February 08, 2018 11:19
To: users@httpd.apache.org
Subject: Re: [users@httpd] SSL Certificate Validation
On Thu, Feb 8, 2018 at 7:36 AM, Belmona, Nizar
wrote:
> Thanks Rainer and Daniel.
>
> Sorry for the confusion and please let me clarify.
>
>
>
> We have a web server with Apache 2.2.22 with OpenSSL 0.9.8t, the Apache
> service launches fine and the users/developers are
ay, February 8, 2018 12:38 PM
To: <users@httpd.apache.org> <users@httpd.apache.org>
Subject: Re: [users@httpd] SSL Certificate Validation
Hello Nizar,
You need to provide much more info on your current setup so we can provide any
meaningful advice. Which SSL verification? What configuration?
Rega
Hello Nizar,
You need to provide much more info on your current setup so we can provide
any meaningful advice. Which SSL verification? What configuration?
Regarding httpd what's needed in config, the basic thing to have
"SSLVerifyClient require" and a list of accepted CA's but that could be
Dear users,
We are currently using Apache 2.2.22 (mod_ssl 2.2.22, OpenSSL/0.9.8t) and we
have a security concern since developers are able to bypass the SSL certificate
verification when using HTTPS calls. Kindly advise what configuration is needed
to enforce the certificate verification? In