Re: SSLeay
On Mon, May 15, 2000 at 06:05:30PM +0800, Mark Lo wrote: Hi, Where Can I get the latest SSLeay, so that I can install with the Apache 1.3.12 and mod_ssl. That is OpenSSL you want - go http://www.openssl.org/ vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: VeriSign keys.
place a SSLCertificateKeyfile and a SSLCertificatePrivateKey (must look like that, not sure of the grammar) in each of your virtual host ... (the good one naturally) Woops it works !!! Is'nt Apache the best Web server ?? -Message d'origine- De : Zohar Friling [mailto:[EMAIL PROTECTED]] Envoyé : lundi 15 mai 2000 17:23 À : [EMAIL PROTECTED] Objet : VeriSign keys. Hi, I have several domains name and for each I have a separate key from VeriSign. How could I use them In the same httpd.conf If I want to hosts them on the same sever, using virtual server. which directive I should place beneath each virtual host section. Where can I look for example conf file? Please advise, Thanks. Zohar. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Mod_SSL Running...
..but where? I'm able to start apache with mod_ssl, and the ssl_engine log verifies that it has started, but when I go to https://localhost:443, it's not there. Interestingly enough however, if I go to http://localhost:443, I get the content from port 8080. I know that it's listening to both ports, but why doesn't https work? Tim Willis IS Technician Code Rite [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
FW: Mod_SSL Running...
..but where? I'm able to start apache with mod_ssl, and the ssl_engine log verifies that it has started, but when I go to https://localhost:443, it's not there. Interestingly enough however, if I go to http://localhost:443, I get the content from port 8080. I know that it's listening to both ports, but why doesn't https work? Additional information: In the error.log, each time I try to access https://localhost:443, I find this entry: [Mon May 15 12:09:51 2000] [error] [client 127.0.0.1] Invalid method in request a __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
mod_so
John, mod_so.c comes as part of the "JOE AVERAGE" installation only if mod_ssl is built as a DSO module with --enable-shared=ssl. I chose not to do that. I re-built as per the FOR REAL HACKERS mod_ssl instructions, still without --enable-shared=ssl, but with --enable-module=so to get DSO capability even though I didn't want DSO for ssl. Diana Shepard At 10:42 AM 5/10/00 +0100, you wrote: Type httpd -l To show what modules are compiled. I believe that mod_so.c comes as part of the "JOE AVERAGE" installation. If you have that, you can use apxs to add modules to Apache-mod_ssl. Having said that, I've yet to get an added module working! John -Original Message- From: Diana Shepard [mailto:[EMAIL PROTECTED]] Sent: 09 May 2000 18:16 To: [EMAIL PROTECTED] Subject: I've successfully built Apache 1.3.12 with mod_ssl 2.6.4-1.3.12 and OpenSSL via the JOE AVERAGE mod_ssl INSTALL instructions. That INSTALL document says "You...get no intermediate chance to add more third party Apache modules.." Does that mean never once Apache is installed? That is, can I now add mod_so, for example, or do I have to start all over again? Also, has any one added module mod_jrun? The JRUN Apache instructions say to compile apache for DSO support (hence the need for mod_so above) and then to "Run the connector wizard..". How is that done? Many thanks. Diana Shepard University of Colorado, Boulder __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Mod_SSL Running...
On Mon, May 15, 2000 at 11:53:27AM -0500, Tim Willis wrote: ..but where? I'm able to start apache with mod_ssl, and the ssl_engine log verifies that it has started, but when I go to https://localhost:443, it's not there. Interestingly enough however, if I go to http://localhost:443, I get the content from port 8080. I know that it's listening to both ports, but why doesn't https work? What does you Listen directives say? And what about the VirtualHost host directive - the latest versions of apache+mod_ssl will start on ports 8080 and 8433 if it is installed by a non root user. Note that both the http and https ports point to the same document root by default. vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: FW: Mod_SSL Running...
On Mon, May 15, 2000 at 12:13:32PM -0500, Tim Willis wrote: In the error.log, each time I try to access https://localhost:443, I find this entry: [Mon May 15 12:09:51 2000] [error] [client 127.0.0.1] Invalid method in request a That looks like somebody trying to connect without SSL on an SSL port. You could try out your connection with openssl: openssl s_client -connect localhost:443 -debug vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Mod_SSL Running...
Hi Tim, Try writing a Perl script to print out the environment variables and run it in both http and https to check where the document root for each is pointed to. In my case, I had to same symthoms... to correct my problem, I recompile mod_ssl with "--prefix=/path/to/apache". Luke [EMAIL PROTECTED] -Original Message- From: Tim Willis [EMAIL PROTECTED] To: Mod_SSL List [EMAIL PROTECTED] Date: Tuesday, May 16, 2000 4:05 AM Subject: Mod_SSL Running... ..but where? I'm able to start apache with mod_ssl, and the ssl_engine log verifies that it has started, but when I go to https://localhost:443, it's not there. Interestingly enough however, if I go to http://localhost:443, I get the content from port 8080. I know that it's listening to both ports, but why doesn't https work? Tim Willis IS Technician Code Rite [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
when use https ,pop safe warning windows
modssl-users: when I use "https://my webserver/" to request my webserver,my IE5 will pop a message button to tell me: "message that you exchange this site can noe be read and changed by others man,but certificate on this site have problem. 1 this certificate was signed by company you don't select,you may check certificate in order to confirm trusted authority. 2 date of this certificate is valid 3 certificate name match site name ". why to pop this message windows? I want to cancel this message windows,what to do? how should I config httpd.conf ? my httpd.conf about ssl config: SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt Directory / SSLVerifyClient optional SSLVerifyClient none SSLVerifyDepth 5 SSLOptions +FakeBasicAuth +StrictRequire SSLRequireSSL /Directory when I "make certificate",I use default value to get it. wen [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
SSLeay
Hi, Where Can I get the latest SSLeay, so that I can install with the Apache 1.3.12 and mod_ssl. Thank You Mark __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]