ModSSL Problem: SSLCache DBM file not present
Hi guys, after a reboot of my httpd service, normally scheduled via crontab, I experienced a problem. I have two systems with Redhat 6.2, Apache 1.3.14, mod-ssl 2.7.1, Openssl 0.9.6: first of all I have to say that this configuration is driven by a third part commercial software ( SAP ITS, wgate) installed on this systems. After my reboot I had a lot of entries in my ssl_engine.log like these: ***BOF*** [14/Jul/2003 06:45:16 03384] [error] Cannot open SSLSessionCache DBM file `/opt/httpd/logs/ssl_scache' for reading (fetch) (System error follows) [14/Jul/2003 06:45:16 03384] [error] System: File o directory inesistente * (errno: 2) ***EOF*** Excuse me for pasting log with italian entries; the * non existence file or directory. After another reboot aka re-reading my httpd.conf I can see in my log directory the files created by mod_ssl MY question would be: why I had this problems ? what kind of problem I experienced ? I didn't changed my file/directory permissions. Any ideas ? Regards, A. Andrea Iacopini, Technology Solutions, Networking and Security Competence Center REALTECH Italia S.p.A. - Technology drives e-Business Via Paolo di Dono, 73 - 00142 Roma, Italy [EMAIL PROTECTED] Mobile + 39 335 123.44.93 Tel. +39 06 51.95.981, Fax. +39 06 51.96.36.74 Valued IEEE Member, Member NO: 41412812 Real hackers don't die, just their TTL expires. [Unknown] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28
As you've certainly recognized, Apache 1.3.28 was released. I've prepared the companion mod_ssl 2.8.15 which cleanly (without any conflicts) patches into its source tree. As usual, you can find it under: http://www.modssl.org/source/ ftp://ftp.modssl.org/source/ Yours, Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28
fix the link - Original Message - From: Ralf S. Engelschall [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, July 18, 2003 1:20 PM Subject: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28 As you've certainly recognized, Apache 1.3.28 was released. I've prepared the companion mod_ssl 2.8.15 which cleanly (without any conflicts) patches into its source tree. As usual, you can find it under: http://www.modssl.org/source/ ftp://ftp.modssl.org/source/ Yours, Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28
Ihor Bilyy wrote: fix the link Where are your manners? Say please next time. -ste __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Handshake Issue ?
Hi all, i am Using Apache/1.3.27 Server with mod ssl. I have following question and i will highly appreciate if someone of you can spare some time for the answers. 1- I have specified a SSLCACertificateFile directive and have also required for client authentication. When i try to access that directory through Internet Explorer, it does not ask me which client certificate to select but displays a message that i am accessing private item, then asks for user name and password and then shows Server Certificate Message - if i select YES then it displays the contents. As it is displaying the contents i am assuming that everything went fine. BUT why i am not getting selection of client certificates - i have three different certs installed for client. 2- How can i mention more than 1 CAs as trusted CAs in httpd.conf file ? The log shows following [18/Jul/2003 15:43:16 22122] [info] Connection to child 0 established (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190) [18/Jul/2003 15:43:16 22123] [info] Seeding PRNG with 1160 bytes of entropy [18/Jul/2003 15:43:16 22122] [info] Seeding PRNG with 1160 bytes of entropy [18/Jul/2003 15:43:16 22122] [info] Connection: Client IP: 168.109.64.190, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) [18/Jul/2003 15:43:16 22122] [info] Initial (No.1) HTTPS request received for child 0 (server cddfs1.nj.ssmb.com:8443) [18/Jul/2003 15:43:16 22122] [info] Connection to child 0 closed with unclean shutdown (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190) [18/Jul/2003 15:43:16 22123] [info] Connection: Client IP: 168.109.64.190, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) [18/Jul/2003 15:43:16 22123] [info] Initial (No.1) HTTPS request received for child 1 (server cddfs1.nj.ssmb.com:8443) [18/Jul/2003 15:43:16 22123] [info] Connection to child 1 closed with unclean shutdown (server cddfs1.nj.ssmb.com:8443, client 168.109.64.190) i don't see any SSL handshake or verification for this transaction ? Any help will be highly appreciated. Regards, Nauman -Original Message- From: Shaun T. Erickson [mailto:[EMAIL PROTECTED] Sent: Friday, July 18, 2003 1:40 PM To: [EMAIL PROTECTED] Subject: Re: [ANNOUNCE] mod_ssl 2.8.15 for Apache 1.3.28 Ihor Bilyy wrote: fix the link Where are your manners? Say please next time. -ste __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]