Re: Basic auth with SSL - again
Trung Tran-Duc ha scritto: > > > > > "Ralf S. Engelschall" <[EMAIL PROTECTED]> wrote: > > [...] > > > Thanks for the answer, Ralf. My problem is that I can't build > > > applications under Win32 platform. > > > > > > Is anybody able to build and uplownload on > > > ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write > > > access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 > > > ? > > > > Perhaps one of the Win32 users can put a binary there. I cannot do it, > > because my Win32 box is still totally messed up. > > I've uploaded > > Apache_1.3.6-mod_ssl_2.2.6-openssl_0.9.2b-WIN32-i386.zip > > to the contrib area. > > (The mod_proxy source was patched to fix one crash bug and a bug preventing > cache GC from functioning) Thanks for the upload: I installed it and Apache works fine on my system, too. As Ralf forecasted, the current version of mod-ssl fixes the authentication problem I found on the old version of mod-ssl and that I reported few days ago. Bye, Achille. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
> > > "Ralf S. Engelschall" <[EMAIL PROTECTED]> wrote: > [...] > > > Thanks for the answer, Ralf. My problem is that I can't build > > applications under Win32 platform. > > > > Is anybody able to build and uplownload on > > ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write > > access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 > > ? > > Perhaps one of the Win32 users can put a binary there. I cannot do it, > because my Win32 box is still totally messed up. I've uploaded Apache_1.3.6-mod_ssl_2.2.6-openssl_0.9.2b-WIN32-i386.zip to the contrib area. (The mod_proxy source was patched to fix one crash bug and a bug preventing cache GC from functioning) __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
On Tue, Mar 23, 1999, Achille M. Luongo wrote: > > > I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. > > > > 2.1b8? Oh, that's really _OLD_, I hope you now this. I've no clue on your > > problem, but this is the first version which ran on Win32, so I strongly > > suggest that you upgrade to 2.2.5. Because the chance is high that this was > > implicitly solved by the changes since 2.1b8. > > Thanks for the answer, Ralf. My problem is that I can't build > applications under Win32 platform. > > Is anybody able to build and uplownload on > ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write > access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 > ? Perhaps one of the Win32 users can put a binary there. I cannot do it, because my Win32 box is still totally messed up. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
"Ralf S. Engelschall" ha scritto: > > On Mon, Mar 22, 1999, Achille M. Luongo wrote: > > > I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. > > 2.1b8? Oh, that's really _OLD_, I hope you now this. I've no clue on your > problem, but this is the first version which ran on Win32, so I strongly > suggest that you upgrade to 2.2.5. Because the chance is high that this was > implicitly solved by the changes since 2.1b8. Thanks for the answer, Ralf. My problem is that I can't build applications under Win32 platform. Is anybody able to build and uplownload on ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 ? Bye, Achille. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
On Mon, Mar 22, 1999, Achille M. Luongo wrote: > I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. 2.1b8? Oh, that's really _OLD_, I hope you now this. I've no clue on your problem, but this is the first version which ran on Win32, so I strongly suggest that you upgrade to 2.2.5. Because the chance is high that this was implicitly solved by the changes since 2.1b8. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Basic auth with SSL - again
Hello! Sorry: I post again my previous message for and important addendum. I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. I configured Apache to access a directory with the basic authentication scheme (using htpasswd.users and htaccess file). The ".htaccess" file is: deny from all AuthType Basic AuthUserFile "/httpd/etc/htpasswd.users" AuthName "special directory" require valid-user satisfy any If I try to access the protected directory using the normal http protocol (using the url http://127.0.0.1/Protected"), everything works fine: the user/password window pops up, I give the correct user/password sequence and Apache correctly lets me enter. If I try to access the protected directory using the *https* protocol (using the url https://127.0.0.1/Protected), the user/password window pops up, I give the correct user/password sequence, but the Apache server just wait few minutes and then Netscape shows me a window with "No response from the server". The SSL section in http.conf is the following: = DocumentRoot"/httpd/htdocs" ServerAdmin [EMAIL PROTECTED] ErrorLoglogs/error.log TransferLog logs/access.log CustomLog logs/ssl_request.log "%t %h %{version}c %{cipher}c \"%r\" %b %{subjectdn}c %{issuerdn}c" SSLEngine on [...snip... certificate stuff ...snip...] SSLoptions -FakeBasicAuth # Set the file containing CA certificates which are sent to the # client on an `SSLv3 write certificate request A'. This is # used with SSLv3 certificate chaining where the client loads # intermediate certificates in the chain from the server to # speedup processing of the server authentication. This # defaults to SSLCACertificateFile but can be set to a # different file when you want to use a different set of # certificates you sent out to the client. #SSLCACertificateReqFile c:/apps/apache/conf/ssl.crt/ca-bundle.crt # Set client verification level: [RECOMMENDED] # none: no certificate is required # optional: the client may present a valid certificate # require:the client must present a valid certificate # optional_no_ca: the client may present a valid certificate # but it is not required to have a valid CA SSLVerifyClient optional_no_ca # Set how deeply to verify the certificate issuer chain before # deciding the certificate is not valid. [OPTIONAL] SSLVerifyDepth 2 # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. [OPTIONAL] #SSLCipherSuite RC4-MD5:RC4-SHA:IDEA-CBC-MD5:DES-CBC3-SHA # With SSLRequire you can do access control based on # arbitrary complex boolean expressions containing # server variable checks and other lookup directives. # The syntax is a mixture between C and Perl. # See the mod_ssl documentation for more details. #SSLRequire %{SSL_CIPHER} !~ m/^EXP-.*/ and \ # %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." and \ # %{REMOTE_ADDR} =~ m/^1\.2\.3\.[0-9]+$/ = Why basic auth doesn't work with SSL ? Can anyone help me ? Bye, Achille. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]