Re: Basic auth with SSL - again
Trung Tran-Duc ha scritto: > > > > > "Ralf S. Engelschall" <[EMAIL PROTECTED]> wrote: > > [...] > > > Thanks for the answer, Ralf. My problem is that I can't build > > > applications under Win32 platform. > > > > > > Is anybody able to build and uplownload on > > > ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write > > > access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 > > > ? > > > > Perhaps one of the Win32 users can put a binary there. I cannot do it, > > because my Win32 box is still totally messed up. > > I've uploaded > > Apache_1.3.6-mod_ssl_2.2.6-openssl_0.9.2b-WIN32-i386.zip > > to the contrib area. > > (The mod_proxy source was patched to fix one crash bug and a bug preventing > cache GC from functioning) Thanks for the upload: I installed it and Apache works fine on my system, too. As Ralf forecasted, the current version of mod-ssl fixes the authentication problem I found on the old version of mod-ssl and that I reported few days ago. Bye, Achille. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
> > > "Ralf S. Engelschall" <[EMAIL PROTECTED]> wrote: > [...] > > > Thanks for the answer, Ralf. My problem is that I can't build > > applications under Win32 platform. > > > > Is anybody able to build and uplownload on > > ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write > > access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 > > ? > > Perhaps one of the Win32 users can put a binary there. I cannot do it, > because my Win32 box is still totally messed up. I've uploaded Apache_1.3.6-mod_ssl_2.2.6-openssl_0.9.2b-WIN32-i386.zip to the contrib area. (The mod_proxy source was patched to fix one crash bug and a bug preventing cache GC from functioning) __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
On Tue, Mar 23, 1999, Achille M. Luongo wrote: > > > I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. > > > > 2.1b8? Oh, that's really _OLD_, I hope you now this. I've no clue on your > > problem, but this is the first version which ran on Win32, so I strongly > > suggest that you upgrade to 2.2.5. Because the chance is high that this was > > implicitly solved by the changes since 2.1b8. > > Thanks for the answer, Ralf. My problem is that I can't build > applications under Win32 platform. > > Is anybody able to build and uplownload on > ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write > access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 > ? Perhaps one of the Win32 users can put a binary there. I cannot do it, because my Win32 box is still totally messed up. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
"Ralf S. Engelschall" ha scritto: > > On Mon, Mar 22, 1999, Achille M. Luongo wrote: > > > I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. > > 2.1b8? Oh, that's really _OLD_, I hope you now this. I've no clue on your > problem, but this is the first version which ran on Win32, so I strongly > suggest that you upgrade to 2.2.5. Because the chance is high that this was > implicitly solved by the changes since 2.1b8. Thanks for the answer, Ralf. My problem is that I can't build applications under Win32 platform. Is anybody able to build and uplownload on ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5 ? Bye, Achille. __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Basic auth with SSL - again
On Mon, Mar 22, 1999, Achille M. Luongo wrote: > I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b. 2.1b8? Oh, that's really _OLD_, I hope you now this. I've no clue on your problem, but this is the first version which ran on Win32, so I strongly suggest that you upgrade to 2.2.5. Because the chance is high that this was implicitly solved by the changes since 2.1b8. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Basic auth with SSL - again
Hello!
Sorry: I post again my previous message for and important addendum.
I installed Apache/1.3.3 (Win32) mod_ssl/mod_ssl/2.1b8 SSLeay/0.9.0b.
I configured Apache to access a directory with the basic authentication
scheme (using htpasswd.users and htaccess file). The ".htaccess" file
is:
deny from all
AuthType Basic
AuthUserFile "/httpd/etc/htpasswd.users"
AuthName "special directory"
require valid-user
satisfy any
If I try to access the protected directory using the normal http
protocol (using the url http://127.0.0.1/Protected"), everything works
fine: the user/password window pops up, I give the correct user/password
sequence and Apache correctly lets me enter.
If I try to access the protected directory using the *https* protocol
(using the url https://127.0.0.1/Protected), the user/password window
pops up, I give the correct user/password sequence, but the Apache
server just wait few minutes and then Netscape shows me a window with
"No response from the server".
The SSL section in http.conf is the following:
=
DocumentRoot"/httpd/htdocs"
ServerAdmin [EMAIL PROTECTED]
ErrorLoglogs/error.log
TransferLog logs/access.log
CustomLog logs/ssl_request.log "%t %h %{version}c %{cipher}c
\"%r\" %b
%{subjectdn}c %{issuerdn}c"
SSLEngine on
[...snip... certificate stuff ...snip...]
SSLoptions -FakeBasicAuth
# Set the file containing CA certificates which are sent to the
# client on an `SSLv3 write certificate request A'. This is
# used with SSLv3 certificate chaining where the client loads
# intermediate certificates in the chain from the server to
# speedup processing of the server authentication. This
# defaults to SSLCACertificateFile but can be set to a
# different file when you want to use a different set of
# certificates you sent out to the client.
#SSLCACertificateReqFile c:/apps/apache/conf/ssl.crt/ca-bundle.crt
# Set client verification level: [RECOMMENDED]
# none: no certificate is required
# optional: the client may present a valid certificate
# require:the client must present a valid certificate
# optional_no_ca: the client may present a valid certificate
# but it is not required to have a valid CA
SSLVerifyClient optional_no_ca
# Set how deeply to verify the certificate issuer chain before
# deciding the certificate is not valid. [OPTIONAL]
SSLVerifyDepth 2
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list. [OPTIONAL]
#SSLCipherSuite RC4-MD5:RC4-SHA:IDEA-CBC-MD5:DES-CBC3-SHA
# With SSLRequire you can do access control based on
# arbitrary complex boolean expressions containing
# server variable checks and other lookup directives.
# The syntax is a mixture between C and Perl.
# See the mod_ssl documentation for more details.
#SSLRequire %{SSL_CIPHER} !~ m/^EXP-.*/ and \
# %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." and \
# %{REMOTE_ADDR} =~ m/^1\.2\.3\.[0-9]+$/
=
Why basic auth doesn't work with SSL ? Can anyone help me ?
Bye, Achille.
__
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
