make fails with db1/ndbm.h: No suh file
Hello, I am trying to install mod_ssl on SuSE 7.1(kernel 2.4) with apache 1.3.19 and openssl-0.9.6a. The mod_ssl make failes with db1/ndbm.h: no such fail And I don't see that header in my installation Any help on this is deeply appreciated. Regards, sundar __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: SSLCertificateChain file for Intermediate CA
On Sun, 20 May 2001, Damon Maria wrote: > I may as well, I'm running out of other options. If that fails, there's always Windows... muahahahahaha. -- Regards, Juha PGP fingerprint: B7E1 CC52 5FCA 9756 B502 10C8 4CD8 B066 12F3 9544 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: SSLCertificateChain file for Intermediate CA
Juha Saarinen wrote: > > On Sun, 20 May 2001, Damon Maria wrote: > > > One thing I haven't mentioned previously is that I'm running Apache > > 1.3.12 and mod_ssl 2.6. But I presume there shouldn't be a problem with > > either of these versions. > > Well... Can't hurt to upgrade, can it? I'm running Apache 1.3.19 with > mod_ssl 2.8.1-1.6.0 (weird versioning courtesy of the RPM packager), and > it uses the SSLCertificateChain thang without problems. I may as well, I'm running out of other options. thanks again for the help, Damon. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: SSLCertificateChain file for Intermediate CA
On Sun, 20 May 2001, Damon Maria wrote: > One thing I haven't mentioned previously is that I'm running Apache > 1.3.12 and mod_ssl 2.6. But I presume there shouldn't be a problem with > either of these versions. Well... Can't hurt to upgrade, can it? I'm running Apache 1.3.19 with mod_ssl 2.8.1-1.6.0 (weird versioning courtesy of the RPM packager), and it uses the SSLCertificateChain thang without problems. -- Regards, Juha PGP fingerprint: B7E1 CC52 5FCA 9756 B502 10C8 4CD8 B066 12F3 9544 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: SSLCertificateChain file for Intermediate CA
> Without going through mod_ssl's source: did you try to put the complete > chain into the ChainFile? Tried this, but it didn't make any difference. > With respect to the error message, mod_ssl can write more messages > than that into e.g. an ssl_engine_log. Did you check all possible > logfiles? I've checked, even with SSLLogLevel debug I couldn't get anymore out of it. I've since looked through the mod_ssl source and if there is any kind of error while trying to load the ChainFile then the generic "Failed to configure CA certificate chain!" messge is produced. Not very helpful really since there are many possibilities. I have also tried using SSLCACertificateFile instead of and in conjunction with SSLCertificateChainFile. This was described at http://www.verisign.com/support/tlc/class3_install_docs/ssleay/v00g.html as the instructions for ApacheSSL rather than mod_ssl. If used instead of SSLCertificateChainFile no init errors happen and the following is reported in ssl_engine_log: [20/May/2001 15:10:19 11541] [trace] Init: (www.motorweb.co.nz:443) Configuring client authentication [20/May/2001 15:10:19 11541] [trace] CA certificate: /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign So it appears there is nothing wrong with my Intermediate Certificate (since that's what the trace is outputing) or Apache's ability to read it. Why oh why then doesn't it work with SSLCertificateChainFile, agh! Thanks for the help and suggestions, but I'm still stuck. One thing I haven't mentioned previously is that I'm running Apache 1.3.12 and mod_ssl 2.6. But I presume there shouldn't be a problem with either of these versions. regards, Damon. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
R: R: Cert signed by own CA and IE
Sorry for delay, I was on beach... :) I saw you solved your problem. Great. --- Cordiali saluti / Best regards Andrea Cerrito ^^ Net.Admin @ Centro MultiMediale di Terni S.p.A. P.zzale Bosco 3A 05100 Terni IT Tel. +39 744 5441330 Fax. +39 744 5441372 > -Messaggio originale- > Da: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]Per conto di Paul-Catalin Oros > Inviato: venerdi 18 maggio 2001 17.59 > A: [EMAIL PROTECTED] > Oggetto: Re: R: Cert signed by own CA and IE > > > Hi Arcady! > > Have you solved your problem? I wasw able to install your > Certificate, after I installed your self-signed CA certificate. > Is it possible this to be the missing step in your testing? The > CA cert has to be added to your root auth., then you'll be able > to install the actual server certificate. > > Hope this help, > > Paul > > PS: I am using IE 5.0 > > On Wed, 16 May 2001, Arcady Genkin wrote: > > > "Andrea Cerrito" <[EMAIL PROTECTED]> writes: > > > > > > > > Connecting to a secure site with a certificate signed > by own CA, IE > > > > > > seems to provide no obvious way of permanently adding > the cert to the > > > > > > browser's configuration. As a result, a warning that > "The security > > > > > > certificate is issued by a company you have not chosen > to trust..." is > > > > > > displayed every time I'm trying to establish a > connection. Is there a > > > > > > fool-proof way to permanently add a certificate or tell > IE that the CA > > > > > > is to be trusted? > > > > > > > > > > Show Certificate / Install Certificate. > > > > > > > > I tried that, and it didn't work. It told me that the > certificate was > > > > installed successfully, but once I quit IE, restart it, and load the > > > > page again, it displays the same warning again. > > > > > > > > The minimal html page I'm experimenting with is at https://www.thpoon.com > > > If anyone would try to install the certificate from it in IE: maybe I > > > did something wrong with configuration? > > > > I wasn't able to install it. Can u print your conf? > > You mean from httpd.conf? Since it's huge, I've posted it at > > http://www.thpoon.com/tmp/httpd.conf > > rather than sending to the list. The SSL-related stuff is at the > bottom of it. > > Thanks! > > p.s. This is a repost, since I have replied from a different email > address than the one I've subscribed from and I'm afraid that it > didn't come through. Sorry if this is a dupe. > -- > Arcady Genkin > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Bills travel through the mail at twice the speed of checks __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
