subject:"\[BackupPC\-users\] Backup PC on SSL"

Re: [BackupPC-users] Backup PC on SSL

2016-06-02 Thread FLORENT Philippe

Damned the default ssl site was not enabled.. f@#king apache

-Original Message-
From: Michael Stowe [mailto:mst...@chicago.us.mensa.org] 
Sent: mercredi 1 juin 2016 18:05
To: General list for user discussion, questions and support
Subject: Re: [BackupPC-users] Backup PC on SSL

On 2016-06-01 06:53, FLORENT Philippe wrote:
> It is a fresh unmodified debian/apache install

I note that fresh, unmodified debian/apache installations do not come with SSL 
configured, nor do they come with SSL certificates, naturally.  
If you want to use SSL, of course, you'll need to set this up yourself.

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic 
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning 
reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-06-02 Thread FLORENT Philippe

The ssl mod is enabled by default, I don't know about the certificates...

But I think I installed a wabmin like interface like ajile or something, and I 
am wondering if it could be the problem


-Original Message-
From: Michael Stowe [mailto:mst...@chicago.us.mensa.org] 
Sent: mercredi 1 juin 2016 18:05
To: General list for user discussion, questions and support
Subject: Re: [BackupPC-users] Backup PC on SSL

On 2016-06-01 06:53, FLORENT Philippe wrote:
> It is a fresh unmodified debian/apache install

I note that fresh, unmodified debian/apache installations do not come with SSL 
configured, nor do they come with SSL certificates, naturally.  
If you want to use SSL, of course, you'll need to set this up yourself.

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic 
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning 
reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-06-01 Thread Les Mikesell

On Wed, Jun 1, 2016 at 11:05 AM, Michael Stowe
 wrote:
> On 2016-06-01 06:53, FLORENT Philippe wrote:
>> It is a fresh unmodified debian/apache install
>
> I note that fresh, unmodified debian/apache installations do not come
> with SSL configured, nor do they come with SSL certificates, naturally.
> If you want to use SSL, of course, you'll need to set this up yourself.

However, note that different distributions have their own ways of
packaging and configuring things.  Be sure to follow a guide specific
to your OS distro - perhaps like this:
https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-debian-8

-- 
  Les Mikesell
lesmikes...@gmail.com

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-06-01 Thread Michael Stowe

On 2016-06-01 06:53, FLORENT Philippe wrote:
> It is a fresh unmodified debian/apache install

I note that fresh, unmodified debian/apache installations do not come 
with SSL configured, nor do they come with SSL certificates, naturally.  
If you want to use SSL, of course, you'll need to set this up yourself.

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-06-01 Thread FLORENT Philippe

It is a fresh unmodified debian/apache install

-Original Message-
From: Dmitry Katsubo [mailto:dm...@mail.ru] 
Sent: mardi 31 mai 2016 22:54
To: General list for user discussion, questions and support
Subject: Re: [BackupPC-users] Backup PC on SSL

On 2016-05-31 11:06, FLORENT Philippe wrote:
> 
> It's the defaut config file after install, the problem is that it's a 
> config, not a virtual host And I have no ide how to set that up
> 
> Ssl seems to work
> 
> CONNECTED(0003)
> 140357952337552:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown 
> protocol:s23_clnt.c:795:

This error message means that your server is not talking SSL over the port you 
used to connect. For comparison try the following:

openssl s_client -connect google.com:80
-- this will result the same error you provided in your email.

openssl s_client -connect google.com:443
-- this will result completely different picture; your server should return 
something similar.

Try adding -debug option (openssl s_client -debug -connect ...) -- if you see 
something like this:

read from 0x839e558 [0x83a47f0] (7 bytes => 7 (0x7))
 - 48 54 54 50 2f 31 2e  HTTP/1.

then you server is talking plain HTTP.

Try to start from the beginning: check that ssl module is loaded (apache2ctl 
-M) and enabled, grep for 443 (should find "Listen 443"), check logs, etc.

Anyway this is not BackupPC problem.

> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 7 bytes and written 289 bytes
> ---
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE

--
With best regards,
Dmitry

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic 
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning 
reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-05-31 Thread Dmitry Katsubo

On 2016-05-31 11:06, FLORENT Philippe wrote:
> 
> It's the defaut config file after install, the problem is that it's a config, 
> not a virtual host
> And I have no ide how to set that up
> 
> Ssl seems to work
> 
> CONNECTED(0003)
> 140357952337552:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown 
> protocol:s23_clnt.c:795:

This error message means that your server is not talking SSL over the port you
used to connect. For comparison try the following:

openssl s_client -connect google.com:80
-- this will result the same error you provided in your email.

openssl s_client -connect google.com:443
-- this will result completely different picture; your server should return
something similar.

Try adding -debug option (openssl s_client -debug -connect ...) -- if you see
something like this:

read from 0x839e558 [0x83a47f0] (7 bytes => 7 (0x7))
 - 48 54 54 50 2f 31 2e  HTTP/1.

then you server is talking plain HTTP.

Try to start from the beginning: check that ssl module is loaded
(apache2ctl -M) and enabled, grep for 443 (should find "Listen 443"),
check logs, etc.

Anyway this is not BackupPC problem.

> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 7 bytes and written 289 bytes
> ---
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE

-- 
With best regards,
Dmitry

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-05-31 Thread FLORENT Philippe


It's the defaut config file after install, the problem is that it's a config, 
not a virtual host
And I have no ide how to set that up

Ssl seems to work

CONNECTED(0003)
140357952337552:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown 
protocol:s23_clnt.c:795:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

--
 config file
Alias /backuppc /usr/share/backuppc/cgi-bin/


AllowOverride None
Allow from all

# Uncomment the line below to ensure that nobody can sniff importanti
# info from network traffic during editing of the BackupPC config or
# when browsing/restoring backups.
# Requires that you have your webserver set up for SSL (https) access.
#SSLRequireSSL

Options +ExecCGI +FollowSymlinks
AddHandler cgi-script .cgi
DirectoryIndex index.cgi

AuthUserFile /etc/backuppc/htpasswd
AuthType basic
AuthName "BackupPC admin"
require valid-user



-- default ssl 
apache file


ServerAdmin webmaster@localhost

DocumentRoot /var/www/html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

SSLEngine on

SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key


SSLOptions +StdEnvVars


SSLOptions +StdEnvVars


BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown







-Original Message-
From: Dmitry Katsubo [mailto:dm...@mail.ru] 
Sent: lundi 30 mai 2016 14:51
To: General list for user discussion, questions and support
Subject: Re: [BackupPC-users] Backup PC on SSL

Hi,

It's difficult to guess, perhaps you could provide a complete vhost 
declaration? My guess could be completely unrelated, but have you checked that 
you have enabled SSL vhost:


 SSLEngine on
 ...


If so, try connecting to port 443 with telnet, or better with openssl:

$ openssl s_client -connect your.host:443

If that also works then try another more permissive browser, e.g. lynx.

P.S. BackupPC is working under SSL just fine for me.

On 2016-05-30 11:09, FLORENT Philippe wrote:
> Hi Everyone,
> 
> I tried to enabling the SSL web interface by uncommenting 
> SSLRequireSSL (debian 2.4)
> 
> Althought it says I cant connect anymore in firefox with http, it 
> gives an ssl connection error as I try https
> 
> Is there not some block of options for https virtual hosts in this 
> case? .. and certificates involved too ?
> 
> (on Debian 2.4, the installation is not perfect since I had to add
> +ExecCGI to have the web page work)
> 
> Thanks
> 
> Phil


--
With best regards,
Dmitry

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic 
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning 
reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

2016-05-30 Thread Dmitry Katsubo

Hi,

It's difficult to guess, perhaps you could provide a complete vhost 
declaration? My guess could be completely unrelated, but have you 
checked that you have enabled SSL vhost:


 SSLEngine on
 ...


If so, try connecting to port 443 with telnet, or better with openssl:

$ openssl s_client -connect your.host:443

If that also works then try another more permissive browser, e.g. lynx.

P.S. BackupPC is working under SSL just fine for me.

On 2016-05-30 11:09, FLORENT Philippe wrote:
> Hi Everyone,
> 
> I tried to enabling the SSL web interface by uncommenting SSLRequireSSL 
> (debian 2.4)
> 
> Althought it says I cant connect anymore in firefox with http, it gives 
> an ssl connection error as I try https
> 
> Is there not some block of options for https virtual hosts in this 
> case? .. and certificates involved too ?
> 
> (on Debian 2.4, the installation is not perfect since I had to add 
> +ExecCGI to have the web page work)
> 
> Thanks
> 
> Phil


-- 
With best regards,
Dmitry

--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

[BackupPC-users] Backup PC on SSL

2016-05-30 Thread FLORENT Philippe

Hi Everyone,

I tried to enabling the SSL web interface by uncommenting SSLRequireSSL (debian 
2.4)

Althought it says I cant connect anymore in firefox with http, it gives an ssl 
connection error as I try https

Is there not some block of options for https virtual hosts in this case? .. and 
certificates involved too ?

(on Debian 2.4, the installation is not perfect since I had to add +ExecCGI to 
have the web page work)

Thanks

Phil
--
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

Re: [BackupPC-users] Backup PC on SSL

[BackupPC-users] Backup PC on SSL

9 matches

Site Navigation

Mail list logo

Footer information