Re: MOD_SSL + MSIE 5.x
RTFM: http://www.modssl.org/docs/2.7/ssl_reference.html#ToC19 What version of Apache/mod_ssl/openssl are you using? How did you build/install it? On what platform? -Dave On Tue, Nov 14, 2000 at 01:45:17AM -0600, Brendon Maragia wrote: > Boy err..turn up debugging? I'm not quite sure how can somebody explain? > As for server certificates I THINK i'm using RSAREF-2.0 that or > server.crt/.csr. > > > >From: David Rees <[EMAIL PROTECTED]> > >Reply-To: [EMAIL PROTECTED] > >To: [EMAIL PROTECTED] > >Subject: Re: MOD_SSL + MSIE 5.x > >Date: Mon, 13 Nov 2000 23:38:51 -0800 > > > >What type of certificate are you using? If you turn up debugging, what > >does the ssl_engine.log say? > > > >-Dave > > > >On Mon, Nov 13, 2000 at 10:13:20PM -0600, Brendon Maragia wrote: > > > I just finished configuration of mod_ssl + apache to find that I can't > > > connect through MSIE 5.5 >:(. I read up at modssl.org and did as they > > > suggested in my vhost directive in httpd.conf... > > > > > > #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% > > > > > > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > > > > > > SetEnvIf User-Agent ".*MSIE.*" \ > > > nokeepalive ssl-unclean-shutdown \ > > > downgrade-1.0 force-response-1.0 > > > > > > #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% > > > > > > no use, doesn't work :( does anybody have any suggestions or work > >arounds > > > that I can use? > > > > > > -Brendon __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: MOD_SSL + MSIE 5.x
Boy err..turn up debugging? I'm not quite sure how can somebody explain? As for server certificates I THINK i'm using RSAREF-2.0 that or server.crt/.csr. >From: David Rees <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: Re: MOD_SSL + MSIE 5.x >Date: Mon, 13 Nov 2000 23:38:51 -0800 > >What type of certificate are you using? If you turn up debugging, what >does the ssl_engine.log say? > >-Dave > >On Mon, Nov 13, 2000 at 10:13:20PM -0600, Brendon Maragia wrote: > > I just finished configuration of mod_ssl + apache to find that I can't > > connect through MSIE 5.5 >:(. I read up at modssl.org and did as they > > suggested in my vhost directive in httpd.conf... > > > > #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% > > > > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > > > > SetEnvIf User-Agent ".*MSIE.*" \ > > nokeepalive ssl-unclean-shutdown \ > > downgrade-1.0 force-response-1.0 > > > > #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% > > > > no use, doesn't work :( does anybody have any suggestions or work >arounds > > that I can use? > > > > -Brendon >__ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager[EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: MOD_SSL + MSIE 5.x
What type of certificate are you using? If you turn up debugging, what does the ssl_engine.log say? -Dave On Mon, Nov 13, 2000 at 10:13:20PM -0600, Brendon Maragia wrote: > I just finished configuration of mod_ssl + apache to find that I can't > connect through MSIE 5.5 >:(. I read up at modssl.org and did as they > suggested in my vhost directive in httpd.conf... > > #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% > > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > > SetEnvIf User-Agent ".*MSIE.*" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > > #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% > > no use, doesn't work :( does anybody have any suggestions or work arounds > that I can use? > > -Brendon __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
MOD_SSL + MSIE 5.x
I just finished configuration of mod_ssl + apache to find that I can't connect through MSIE 5.5 >:(. I read up at modssl.org and did as they suggested in my vhost directive in httpd.conf... #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#%#% no use, doesn't work :( does anybody have any suggestions or work arounds that I can use? -Brendon _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: test
Just a silly filter that was set by our very keen IT team. Thanks for your reply > -Original Message- > From: Rolle, Ted [mailto:[EMAIL PROTECTED]] > Sent: 10 November 2000 20:17 > To: '[EMAIL PROTECTED]' > Subject: RE: test > > > Virtually, or Really? > > -Original Message- > From: Corinne Dive-Reclus [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 10, 2000 12:06 > To: [EMAIL PROTECTED] > Subject: test > > > Anyone alive today ? > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Apache, SSL and CRL Managing !
ok ! i'll restart apache :/ thanks you for your answer ! Thierry -Message d'origine- De: Owen Boyle [mailto:[EMAIL PROTECTED]] Date: lundi 13 novembre 2000 14:10 À: [EMAIL PROTECTED] Objet: Re: Apache, SSL and CRL Managing ! BERWART Thierry wrote: > All's working but i must update the crl every day. > And when i replace the crl file, apache don't reload the crl ! > and so, i must restart apache :( I'm not sure what your problem actually is! I assume you mean that something external to apache makes you update the crl file every day but you don't like to have to restart apache. If so, then I'm afraid there is no solution. Apache always needs some form of restart to force it to reload *any* configuration information. You could try "# apachectl graceful" which will send the server a -USR1 signal. This will cause a reload of httpd.conf without breaking any existing HTTP transactions (so no user will get a broken link - even momentarily). If you have to update the crl file anyway then maybe "doing a graceful" isn't so hard... Rgds, owen Boyle. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Apache, SSL and CRL Managing !
BERWART Thierry wrote: > All's working but i must update the crl every day. > And when i replace the crl file, apache don't reload the crl ! > and so, i must restart apache :( I'm not sure what your problem actually is! I assume you mean that something external to apache makes you update the crl file every day but you don't like to have to restart apache. If so, then I'm afraid there is no solution. Apache always needs some form of restart to force it to reload *any* configuration information. You could try "# apachectl graceful" which will send the server a -USR1 signal. This will cause a reload of httpd.conf without breaking any existing HTTP transactions (so no user will get a broken link - even momentarily). If you have to update the crl file anyway then maybe "doing a graceful" isn't so hard... Rgds, owen Boyle. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Apache, SSL and CRL Managing !
Hello, I have a big problem : I must manage the CRL files on a secure site (apache, mod-ssl) All's working but i must update the crl every day. And when i replace the crl file, apache don't reload the crl ! ( SSLCARevocationFile /opt/Applications/apache_1.3.12/conf/test_crl/crl.pem ) and so, i must restart apache :( Do you have another solution for my problem ??? Thanks Thierry __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: cgi-bin
> Having problems running a cgi script and I'm not sure why although its > probably something really simple! > > My error log says this.. > > (2)No such file or directory: exec of /home/video/cgi-bin/test.cgi > failed > Premature end of script headers: /home/video/cgi-bin/test.cgi > > The directory and script do exist and those paths are correct! What am I > missing? > In the first line of your cgi script you'll probably have something like: #!/usr/bin/perl Check that: (a) this path exists and is executable. (b) you are using unix line endings -- windows line endings usually don't work. Olly. _ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
ssl engine log
Hi, I found out something strange in my ssl engine log. That is, [info] Connection to child 9 closed with unclean shutdown (server admin.3dsources.com:443, client 192.168.42.2). I wonder what is wrong with my server. Thank you so much Mark LO __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Does it cache?
Keith Stropus wrote: > > I just set up modssl and it works find but I just noticed when I edit any > documents, the changes don't show up in my browser. I even went as far as > to rename half the documents in my htdocs folder, but it still loads > them!! Whats going on? Its driving me mad, I can't edit my web page. I > tried removing all of netscapes cache, even deleteing the cache directory, > but it did nothing, still loads the old documents. You *must* have an error in the configuration file. It's true that browser caches can be a bit annoying but -Reload forces a reload and bypasses the cache. Deleting the cache directory usually works too! So the problem must be with the configuration. I appreciate that it's driving you mad, but you must chill... get frosty... get mean... Now, read httpd.conf *very* carefully. First of all, do you have two sets of HTML (e.g. a development directory and a published directory)? This is usually the root cause of these types of problems. If so: - Could the DocumentRoot be pointing at the wrong one? - Do you have two instances of the server (one of which is serving the wrong tree)? - Do you have two virtualhosts (remember the first one usually gets picked if there is contention) one of which points at the wrong tree? It has to be getting the data from somewhere, you just have to find out where... Rgds, owen boyle. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: cgi-bin
Rob wrote: > > Having problems running a cgi script and I'm not sure why although its > probably something really simple! Try switching on CGI logging. This will give you a lot more information than you find in the error log: The directive to use is: ScriptLog /logs/common_script_log Be careful of a few things with this directive (read the appropriate documentation for it first): - The logfile should be owned by the user apache runs as (e.g. "apached"). This is different from most apache logfiles which are owned by root. - Do not continue to use this directive after you have debugged the problem. It produces a lot of output and slows the server. Other tips: - Try to execute the program from the command line to verify that it works. - Check that you are printing the CGI header before any other output. Rgds, OWen Boyle. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]