Hi, Marco and all the readers.
I have similar problem, but it bothering me only at RA side, when I need to
sign requests.
All the .xml access control files are with such channel config:
<channel>
<type>mod_ssl</type>
<protocol>ssl</protocol>
<source>.*</source>
<asymmetric_cipher>.*</asymmetric_cipher>
<asymmetric_keylength>0</asymmetric_keylength>
<symmetric_cipher>.*</symmetric_cipher>
<symmetric_keylength>0</symmetric_keylength>
</channel>
I can browse RA, RA NODE, LDAP and PUB web interfaces, but at RA side I
can't sign request. This problem is only with OpenCA 0.9.2.5, older version
(I didn' remember which) without UTF8 support is working well. I think I
have such problem because of different openssl versions on the system -
OpenCA uses Openssl 0.9.8 and Apache uses Openssl 0.9.7. I will investigate
this problem later, because just of lack of time.
Cheers,
Dmitrij
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marco Simon
Sent: Monday, May 29, 2006 3:27 PM
To: [EMAIL PROTECTED]; [email protected]
Subject: Re: [Openca-Users] Error 6251026 (wrong protocol)
Hi Jorge,
the httpd_protocol-option is set to https.
In the meanwhile I figured out that it
works if I change the following options:
config.xml:
httpd_protocol --> http (instead of https)
httpd_port --> 80 (instead of 43)
access_control/*.xls:
"<protocol>.*</protocol>" instead of "<protocol>ssl</protocol>"
"<symmetric_keylength>0</symmetric_keylength>" instead of
"<symmetric_keylength>128</symmetric_keylength>"
But I guess that deactivats the secure communication completly,
which can't be in the developers' sense.
So - what's the hatch ?
Look at the config.xml:
<!-- ======================== -->
<!-- web server configuration -->
<!-- ======================== -->
<option>
<name>httpd_protocol</name>
<value>https</value>
</option>
Be sure https is specified as httpd_protocol.
Greetings
Jorge
Marco Simon wrote:
> Hi everybody,
>
> I've set up an openca some days ago. It works quite fine
for
> the ca - module. My problem is:
>
> All the other modules (ldap, node, pub, ra) throw the
follwing
> error-messages as soon as I'm redirected to the modules:
>
>
> Error 6251026
>
> *General Error* Aborting connection -
you are using
> a wrong security protocol (http).
>
>
> The page's url is e.g.:
>
https://myserver/cgi-bin/ldap/ldap?cmd=getStaticPage&name=index
>
<https://myserver/cgi-bin/ldap/ldap?cmd=getStaticPage&name=index>
<https://myserver/cgi-bin/ldap/ldap?cmd=getStaticPage&name=index> -
> the transmission
> between my client and the server seems to be
encrypted/protected. My
> firefox confirms (via the page-properties)
> that the connection is encrypted. So I'm obviously using
https - which
> should be the correct protocol. Anyway -
> openca obviously doesnt notice that - for all modules but
the ca-module.
>
> Any hints ? Do you need any further information for giving
me a
> suitable answer ?
> Thanks in advance,
>
> Greetings,
> Marco
>
>
>
--__--__
-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
