Re: problem with simple redirection
Lanny Baron wrote: Hello, I have a simple redirection for our web based mail that goes from a http to https. The problem seems to be that if anyone from outside the LAN tries to get to http://webmail.freebsdsystems.com they simply can't. Our virtualhost container is: VirtualHost 216.126.94.34 ServerAdmin [EMAIL PROTECTED] ServerName webmail.FreeBSDsystems.COM Redirect / https://secure.freebsdsystems.com/cgi-bin/sqwebmail/sqwebmail ErrorLog /var/log/www/webmail.freebsdsystems.com-error_log TransferLog /var/log/www/webmail.freebsdsystems.com-access_log /VirtualHost Just tested it and it works fine. What is the problem? Rgds, Owen Boyle. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
multi certificates on one server
I want to configure apache to use two or more key files and certificate files, but i couldn't. When i configure two virtual hosts with diffrent key files and certs, the second one uses the cert of first one. Thank you for your helps... -- Mecit Bilir Medyatext
Re: multi certificates on one server
On Mon, Jul 23, 2001 at 03:59:19PM +0300, Mecit Bilir wrote: I want to configure apache to use two or more key files and certificate files, but i couldn't. When i configure two virtual hosts with diffrent key files and certs, the second one uses the cert of first one. This is in the FAQ: http://www.modssl.org/docs/2.8/ssl_faq.html#vhosts vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: mod_ssl and name-based virtual hosts
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47 [EMAIL PROTECTED] wrote: can some one send me the proper syntax for setting up name-based virtual host with ssl? I have tried several things and only nonvitrual host seem to work. thanks Robert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Grant Sent: Wednesday, July 18, 2001 3:52 AM To: [EMAIL PROTECTED] Subject: Re: mod_ssl and name-based virtual hosts Jeff wrote: What is the host name (common name) in the certificates ??? I suspect you have used *.mydomain.dom - correct ??? Hmm, I'm also using name based virtual hosting with ssl as well, but my cert isn't *.domain.dom, it's just cn=domain.dom. The virtual hosts are of the form sub1.domain.dom and sub2.domain.dom. When I first accessed the domain, my browser asked me to accept the cert, it never said anything about the domain names not matching. I do, however, get the following errors in my apache_ssl_engine_log: Init: (sub1.domain.dom:443) RSA server certificate CommonName (CN) `domain.dom' does NOT match server name!? but otherwise, it doesn't seem to cause any problems except that I have this annoying floating point error... For those who asked previously, I'm running % httpd -version Server version: Apache/1.3.20 (Unix) Server built: May 24 2001 17:21:45 % gcc --version 2.95.3 % uname -v FreeBSD 4.3-STABLE #0: Sat Apr 28 11:05:39 EDT 2001 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Certificate revocation
Hi, i would like to know how can i revocate a certificate in a system using linux 7, apache with modssl 2.6, and how can i send this certificate to a CRL in case that is not occurs automatically. thanks. Juan Carlos Albores Aguilar
mod_ssl/apache problem
Hi, I am getting the following error: [Mon Jul 23 10:58:05 2001] [error] [client 158.222.3.191] Invalid method in request F when trying to go to my box via https. Does anyone have any clues they can offer as to what might be wrong? Thanks In Advance Drew __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Certificate revocation
On Mon, Jul 23, 2001 at 01:26:58PM -0500, Juan Carlos Albores Aguilar wrote: Hi, i would like to know how can i revocate a certificate in a system using linux 7, apache with modssl 2.6, and how can i send this certificate to a CRL in case that is not occurs automatically. Take a look at http://www.apacheweek.com/issues/00-12-22#crl and http://www.openssl.org/docs/apps/crl.html vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: mod_ssl/apache problem
On Mon, Jul 23, 2001 at 11:57:02AM -0700, Drew Wilder-Goodwin wrote: Hi, I am getting the following error: [Mon Jul 23 10:58:05 2001] [error] [client 158.222.3.191] Invalid method in request F when trying to go to my box via https. Does anyone have any clues they can offer as to what might be wrong? Possibly trying to use HTTPS on a HTTP port or the other way around. you could try: openssl s_client -connect localhost:443 vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: mod_ssl/apache problem
A good suggestion is to search the list archives at http://marc.theaimsgroup.com/?l=apache-modssl;. I did and found the following entry from Ralf back in March of 2000: The problem is just that you are speaking HTTPS to a port where only HTTP is spoken. I seem to remember a similar error when I hadn't properly set up my Listen directive for port 443 in httpd.conf e.g. IfDefine SSL Listen 80 Listen 443 /IfDefine Jay -Original Message- From: Drew Wilder-Goodwin [mailto:[EMAIL PROTECTED]] Sent: Monday, July 23, 2001 1:57 PM To: [EMAIL PROTECTED] Subject: mod_ssl/apache problem Hi, I am getting the following error: [Mon Jul 23 10:58:05 2001] [error] [client 158.222.3.191] Invalid method in request F when trying to go to my box via https. Does anyone have any clues they can offer as to what might be wrong? Thanks In Advance Drew -- Jay Burgess Delano Technology Corporation mailto:[EMAIL PROTECTED] (913) 438-9444 x154 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: mod_ssl/apache problem
I think that might be the problem in this case as well, but in a different spot.. I had already changed the listen lines for the correct ports, but I overlooked the VirtaulHost line, which still read 8443. I just fixed it a min ago and am going to see if it works in a few, thanks for the input. Drew On Mon, 23 Jul 2001, Jay Burgess wrote: A good suggestion is to search the list archives at http://marc.theaimsgroup.com/?l=apache-modssl;. I did and found the following entry from Ralf back in March of 2000: The problem is just that you are speaking HTTPS to a port where only HTTP is spoken. I seem to remember a similar error when I hadn't properly set up my Listen directive for port 443 in httpd.conf e.g. IfDefine SSL Listen 80 Listen 443 /IfDefine Jay -Original Message- From: Drew Wilder-Goodwin [mailto:[EMAIL PROTECTED]] Sent: Monday, July 23, 2001 1:57 PM To: [EMAIL PROTECTED] Subject: mod_ssl/apache problem Hi, I am getting the following error: [Mon Jul 23 10:58:05 2001] [error] [client 158.222.3.191] Invalid method in request F when trying to go to my box via https. Does anyone have any clues they can offer as to what might be wrong? Thanks In Advance Drew -- Jay Burgess Delano Technology Corporation mailto:[EMAIL PROTECTED] (913) 438-9444 x154 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Why does Listen 80 have to be commented out for HTTPS towork?
Apache-1.3.12/Mod_SSL-2.6.6/OpenSSL-0.9.5a/SuSE7.0 The httpd.conf file has the following as the default: #Port: The port to which the standalone server listens... Port 80 ## SSL Support ## When we also provide SSL we have to listen to the ## standard HTTP port (see above) and to the HTTPS port IfDefine SSL Listen 80 Listen 443 /IfDefine SSL Leaving the above as is, allows me to connect to HTTP, but not to HTTPS (Netscape's network connection was refused by the server...) On the other hand, if I comment out the line Listen 80, then I can connect to both HTTP and HTTPS. Why is this? I'm I doing something wrong? (Why doesn't the default work?) Thanks in advance. Jorge Jorge Emilio Jo Senior Software Test Engineer Infrastructure Enablement Group Advanced Micro Devices, Inc. Phone: (408) 749-3712 mailto:[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: mod_ssl/apache problem
Try ensuring the SSLRequire directive are in vhosts on port 443 only, along with SSLEngine on ... and that all other vhosts (particularly the ones on port 80) have an SSLEngine off. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jay Burgess Sent: Monday, July 23, 2001 3:31 PM To: [EMAIL PROTECTED] Subject: RE: mod_ssl/apache problem A good suggestion is to search the list archives at http://marc.theaimsgroup.com/?l=apache-modssl;. I did and found the following entry from Ralf back in March of 2000: The problem is just that you are speaking HTTPS to a port where only HTTP is spoken. I seem to remember a similar error when I hadn't properly set up my Listen directive for port 443 in httpd.conf e.g. IfDefine SSL Listen 80 Listen 443 /IfDefine Jay -Original Message- From: Drew Wilder-Goodwin [mailto:[EMAIL PROTECTED]] Sent: Monday, July 23, 2001 1:57 PM To: [EMAIL PROTECTED] Subject: mod_ssl/apache problem Hi, I am getting the following error: [Mon Jul 23 10:58:05 2001] [error] [client 158.222.3.191] Invalid method in request F when trying to go to my box via https. Does anyone have any clues they can offer as to what might be wrong? Thanks In Advance Drew -- Jay Burgess Delano Technology Corporation mailto:[EMAIL PROTECTED] (913) 438-9444 x154 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Certificate Request
Hi, i have created my own CA and i would like to know how can i ask this CA for a certificate from a remote host, i mean, from a different host i create the .csr, but how a ask for my CA to sign this csr and build a certificate, and finally, how my CA send the certificate, is all this made by my own ways, manually, or openssl and modssl help with all this procedures. thanks juan carlos albores aguilar __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
No CRL
I have a system with apache and modssl 2.6 and i've created my own CA but i don't find the CRL, as i've read, i should have a ca.crl file wich i don't have, should i create it?? or something is wrong with my setting up, please help me, thanks juan carlos albores aguilar __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]