Re: [users@httpd] SSL Certificate Validation

2018-02-09 Thread Eric Covener
On Thu, Feb 8, 2018 at 12:51 PM, Houser, Rick wrote: > I didn’t think you could have two virtualhost entries with the same IP/port. That's just name-based virtualhosts. The first one is the default. -

Re: [users@httpd] SSL Certificate Validation

2018-02-09 Thread Dr James A Smith
[mailto:j...@sanger.ac.uk] *Sent:* Thursday, February 08, 2018 12:18 *To:* users@httpd.apache.org *Subject:* Re: [users@httpd] SSL Certificate Validation *EXTERNAL EMAIL* The easiest way to do this is to make sure you have the correct hostname in the virtual host - the one that matches your

RE: [users@httpd] SSL Certificate Validation

2018-02-08 Thread Houser, Rick
A Smith [mailto:j...@sanger.ac.uk] Sent: Thursday, February 08, 2018 12:18 To: users@httpd.apache.org Subject: Re: [users@httpd] SSL Certificate Validation EXTERNAL EMAIL The easiest way to do this is to make sure you have the correct hostname in the virtual host - the one that matches your

Re: [users@httpd] SSL Certificate Validation

2018-02-08 Thread Dr James A Smith
] *Sent:* Thursday, February 08, 2018 11:19 *To:* users@httpd.apache.org *Subject:* Re: [users@httpd] SSL Certificate Validation *EXTERNAL EMAIL* On Thu, Feb 8, 2018 at 7:36 AM, Belmona, Nizar <nbelm...@cscgroup.com <mailto:nbelm...@cscgroup.com>> wrote: Thanks Rainer and Daniel

RE: [users@httpd] SSL Certificate Validation

2018-02-08 Thread Houser, Rick
that might take aware the incentive they see to disabling the hostname verification in the first place. Rick Houser Web Engineer From: Eric Covener [mailto:cove...@gmail.com] Sent: Thursday, February 08, 2018 11:19 To: users@httpd.apache.org Subject: Re: [users@httpd] SSL Certificate Validation

Re: [users@httpd] SSL Certificate Validation

2018-02-08 Thread Eric Covener
On Thu, Feb 8, 2018 at 7:36 AM, Belmona, Nizar wrote: > Thanks Rainer and Daniel. > > Sorry for the confusion and please let me clarify. > > > > We have a web server with Apache 2.2.22 with OpenSSL 0.9.8t, the Apache > service launches fine and the users/developers are

RE: [users@httpd] SSL Certificate Validation

2018-02-08 Thread Belmona, Nizar
ay, February 8, 2018 12:38 PM To: <users@httpd.apache.org> <users@httpd.apache.org> Subject: Re: [users@httpd] SSL Certificate Validation Hello Nizar, You need to provide much more info on your current setup so we can provide any meaningful advice. Which SSL verification? What configuration? Rega

Re: [users@httpd] SSL Certificate Validation

2018-02-08 Thread Daniel
Hello Nizar, You need to provide much more info on your current setup so we can provide any meaningful advice. Which SSL verification? What configuration? Regarding httpd what's needed in config, the basic thing to have "SSLVerifyClient require" and a list of accepted CA's but that could be

[users@httpd] SSL Certificate Validation

2018-02-07 Thread Belmona, Nizar
Dear users, We are currently using Apache 2.2.22 (mod_ssl 2.2.22, OpenSSL/0.9.8t) and we have a security concern since developers are able to bypass the SSL certificate verification when using HTTPS calls. Kindly advise what configuration is needed to enforce the certificate verification? In