help
hi all iam using apache 1.3.12 on linux 6.2 iam would like to use ApacheSSSL iam able to install properly, but i ahve only one problem is iam not able to access my site with https://mydomain.com/ help balaji __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
help
I am running apache 1.3.13 and mod_ssl-2.6.6-1.3.12 I get the error Invalid method in request % and was looking for some help.. Is it possible to send me a working apache conf with this version? or do u know what is wrong.. thanks
Help
How to do create SSL client certificates signed by your own CA certificate ca.crt? Thank yjh --- 163µç×ÓÓʾ֣¬¸øÄú¸üÍêÃÀEmail·þÎñ£¡ http://www.163.net __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
HELP!!!
Goodmorning everybody! I've been getting headaches over this one. Attempting to build Apache 1.3.19 with mod_ssl 2.8.2, php4.0.4pl1 and mysql 2.23.37. I used OpenSSL 0.9.6a as well. This all is supposed to run on a SuSE box so the configure command I use is as follows: ./configure --with-apache=../apache_1.3.19 --with-ssl=../openssl-0.9.6a --wi th-layout=SuSE --enable-module=ssl --activate-module=src/modules/php4/libphp 4.a --enable-module=php4 --enable-shared=ssl configure gives no errors at all. make bails out though: gcc -c -I../../os/unix -I../../include -DLINUX=22 -DMOD_SSL=208102 -I/home/n ewApache/php-4.0.4pl1 -I/home/newApache/php-4.0.4pl1/main -I/home/newApache/ php-4.0.4pl1/main -I/home/newApache/php-4.0.4pl1/Zend -I/home/newApache/php- 4.0.4pl1/Zend -I/home/newApache/php-4.0.4pl1/TSRM -I/home/newApache/php-4.0. 4pl1/TSRM -I/home/newApache/php-4.0.4pl1 -DEAPI -DUSE_EXPAT -I../../lib/expa t-lite `../../apaci` -fpic -DSHARED_MODULE -DSSL_COMPAT -DSSL_USE_SDBM -I/home/newA pache/openssl-0.9.6a/include -DMOD_SSL_VERSION=\"2.8.2\" ssl_engine_mutex.c && mv ssl_engine_mutex.o ssl_engine_mutex.lo ssl_engine_mutex.c: In function `ssl_mutex_sem_create': ssl_engine_mutex.c:297: incompatible type for argument 4 of `semctl' ssl_engine_mutex.c:306: incompatible type for argument 4 of `semctl' ssl_engine_mutex.c: In function `ssl_mutex_sem_remove': ssl_engine_mutex.c:338: incompatible type for argument 4 of `semctl' make[4]: *** [ssl_engine_mutex.lo] Error 1 make[3]: *** [all] Error 1 make[2]: *** [subdirs] Error 1 make[2]: Leaving directory `/home/newApache/apache_1.3.19/src' make[1]: *** [build-std] Error 2 make[1]: Leaving directory `/home/newApache/apache_1.3.19' make: *** [build] Error 2 Any ideas? (I sure hope so!) Marcel - (SYSERR0599) Press any key to continue or any other key to quit... __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help!!!!!
Title: Help! Hi ! I need a advice currently I am running Apache 1.2.5 on Solaries 2.6 and I have to set up SSL. The problem that I having is that I can not create rand.dat using ssleay ( ssleay md5 * > rand.dat) I need module which will allow me to Generate Certificate and Private Keys for VeriSign enrollment. ( Client requirements) What's my choices?
HELP!!!!!!
Is there a planned release in the near future for a version of mod_ssl that will work with Apache 1.3.9? Jason Charette __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
¡HELP!
I'm using an Apache 1.3.12 (win32), ApacheJServ 1.1, mod_ssl 2.6.0 and OpenSSL 0.9.4. Starting Apache a warning message is appearing "Loaded DSO [...]\ApacheModuleJServ.dll uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) I'm trying to do that but in Visual C++ 6.0 (cl command) there isn't a -DEAPI option. I think it's a compiler option and not a linker option. Does anybody knows which compiler option is the one i need? or, better, does anybody has an ApacheModuleJServ.dll already compiled with this option? Thanks in advance. ___ Do You Yahoo!? Consiga gratis su dirección @yahoo.es en http://correo.yahoo.es __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help!!!
Hi Why do I get a "SSL Handshake interupted by system".? The computer that causes this error has a ip address of 10.3.0.192 and goes through a proxy 10.2.0.25 and again through a proxy 160.124.44.207. Thus tha actual packed arriving at the destination should have a source ip of 160.124.44.207. Irnest Schultz Mikros Systems South - Africa http://www.mikros.co.za TEL: +27128090970 FAX: +27128090974 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
help
ive just installed SSL support on SuSE linux on apache and when i start the web server i get the error /usr/lib/libssl.so.0 undefined symbol X509_free can anyone tell me what im doing wrong ive followed the instructions in an apache book by the letter. Cheers Kevin
Re: help
sir, u need to specify the port. Search for the SSL Port in httpd.conf and then say https://mydomain.com:8443/ & voila, u are ultimately able to access it!! MUGWUW, Parag. Balaji Hare Ram Balaji wrote: > > hi all > > iam using apache 1.3.12 on linux 6.2 > > iam would like to use ApacheSSSL > iam able to install properly, but i ahve only one problem is > iam not able to access my site with https://mydomain.com/ > > help > > balaji > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- -- Parag Warudkar Voice 080-2215010 x124 Senior Systems Engineer Fax 080-2271954 Wipro Technologies Cellular 9845077152 (e-Commerce Division) Business Email : [EMAIL PROTECTED] 40/1A, Lavelle Road Personal Email : [EMAIL PROTECTED] Bangalore India Visit us at www.wipro.com 560001 www.wipro.com/wiprowebsecure -- begin:vcard n:Warudkar;Parag tel;cell:9845077152 tel;fax:091-080-2271954 tel;home:09845077152 tel;work:091-080-2215010 x-mozilla-html:FALSE url:http://www.paragwarudkar.org org:Wipro Technologies;E-Commerce Division version:2.1 email;internet:[EMAIL PROTECTED] title:Sr. Systems Engineer adr;quoted-printable:;;Ground Floor,=0D=0A40/1A, Lavelle Road,;Bangalore;Karnataka;560001;India x-mozilla-cpt:;0 fn:Parag Warudkar end:vcard
help me!!
Dear Sir, I am facing the following problem, so help me. Thanks in advance. I installed the modssl according the instruction given in INSTALL file with modssl source. I followed the instruction given in the apache + modssl/openssl + perl/mod_perl section. It installed successfully and showing the module installed in apache when we restart it. Httpd process are also running with parameter DSSL when I start apache with startssl option. The server serve as http server but when I tried with https it is showing me error "Netscape encountered bad data from server. I tried by creating a virtual host on port 443 with following option SSLCACertificatePath /usr/local/apache/ SSLCACertificateFile /usr/local/apache/www.emedlife.com.crt SSLCertificateFile /usr/local/apache/www.emedlife.com.crt SSLLogFile /usr/local/apache/logs/ssl.log SSLPassPhraseDialog builtin http://www.hotmail.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: help
On Wed, Aug 30, 2000, bigs wrote: > I am running apache 1.3.13 and mod_ssl-2.6.6-1.3.12 > I get the error Invalid method in request % and was looking for some help.. > Is it possible to send me a working apache conf with this version? > or do u know what is wrong.. thanks This error usually means you're speaking HTTPS to a port where only HTTP is spoken. Check your server configuration and if all fails start from scratch by _closely_ following mod_ssl's INSTALL document and you will get a correctly pre-configured and working Apache with SSL/TLS support. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Please Help
Hey Folks, I got Apache running on this sucker, but I can't seem to get mod_SSL goin'. My httpd.conf file looks great and I've started and stopped the server correctly. My certificate and key are fine. Why can't I get this bad boy going on HTTPS? Any trouble shooting techniques out there? I was very precise when I set it up...I followed the instructions to a tee...wazzup with this junx? Rick -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help::Please
Hello everyone. I have been using the ModSSL for around 5 months now. Its running well. I have an uptime of 4 months on the apache server and I am my own CA. So all is well. Well, enough of that. Here is my problem or issue: I need to install the perl_mod to my apache server now. Some of the developers (including myself) are starting to go that way with our intranet. My question is, do I have to reinstall modssl and recompile apache after the perl module has been added?? Please let me know what I need to do. If anyone has done this in the past, shoot me a private email ([EMAIL PROTECTED]). I appreciate your time. Matt Williams __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
need help !!
hi all, apche fails to compile with mod -ssl on win nt ..says cant find ap_aquire_pool ap_make_shared_pool in apachecore.def thnks in advcne anish -- Choose the Internet payment standard! http://www.jalda.com http://www.ehpt.com ANISH.M Systems Engineerphone +91 116510101 internet payment systems mobile +91 9810304174 EHPT India Pvt Ltde:mail [EMAIL PROTECTED] [EMAIL PROTECTED]
pls help...
What does this error mesg. mean? = [Mon Apr 23 11:19:02 2001] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows) = THanx. - sm
Need help
I am trying to install a 3rd party user authentication product on one of our RH Linux/Apache intranet servers. Originally I was told that their product was only tested, approved and supported on Red Hat Linux 6.2 running an SSL enabled Apache 1.3.12. On Wednesday, with help from their tech support, I was able to finally get their product up and running on our test box, but I was informed that the "tested, approved and supported" version of mod_ssl was 2.8.1, not the 2.6.6 I had used. I see that there is a mod_ssl --force configuration option for installing to a version of Apache other than the one it was designed for. Today when ran the mod_ssl 2.8.1 configuration script with the --force option I was prompted for "File to patch:". Not knowing what to enter I hit ctrl-c to abort. I received 3 or 4 of these "File to patch:" prompts, hitting ctrl-c each time, before the configuration script aborted. I am unable to find additional information, in the documentation or on the mod_ssl web site, about the --force option or the file names I need to enter when prompted "File to patch". Here's the command line I used: ./configure --with-apache=../apache_1.3.12 --with-ssl=../openssl-0.9.6b --with-rsa=../rsaref-2.0/local --prefix=/usr/local/apache --enable-shared=ssl --force Any help would be greatly appreciated. Bill Irwin [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Setup help
I have RH 7.1 server with Apache 1.3 installed and running,I need to get SSL up and running.I have mod_ssl downloaded and ready to install but I want to check what the is the best procedure first. 1: Where do I install mod_ssl and how do I configure to incorporate the super cert. I have purchased from Thawte ? 2: do I need to install openss ? Thanks
Urgent help
I want to use apache 2.0 how do I configure it with mod_ssl & openssl. Please guide its very very urgent. Reply at [EMAIL PROTECTED] [EMAIL PROTECTED] Regards sonu __ Do You Yahoo!? Yahoo! Games - play chess, backgammon, pool and more http://games.yahoo.com/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Some help
Title: Some help Hi All, I quite new to mod-ssl and apache 2.0.x, so i have a few question. With Apache 1.3.x, i was use to call openssl engine througth mod-ssl, with some compilation condition (--enable-rule=SSL_ExPERIMENTAL), and http.conf modification (SSLCryptoDevice ...). My problem comes with new Apache 2.0.x! Am i right if i try to compile mod-ssl with the same rule adding "--enable-rule=SSL_ExPERIMENTAL" when doing ./configure for apache? If i do not misundersand, we can have compilation directive for module (as mod-ssl) from apache configuration script? Should i be able to use an openssl engine using the same "SSLCryptoDevice ..."? Thanks in advance. Regards Fred
Re: Help!!!!!
On Tue, May 11, 1999, Genek Kubacki wrote: > I need a advice currently I am running Apache 1.2.5 on > Solaries 2.6 and I have to set up SSL. > The problem that I having is that I can not create rand.dat using > ssleay ( ssleay md5 * > rand.dat) > I need module which will allow me to > Generate Certificate and Private Keys for VeriSign enrollment. ( > Client requirements) To first read the mod_ssl FAQ, of course. There are details on how to use OpenSSL to generate CSR and certificates. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Please help.
Dear all, I have installed the RPM package apache-mod_ssl 1.3.6-2.3.0 on Linux 5.2 and it seems to work fine. But only the first connection can be achieved. If I click Reload on the browser, the error message "Network : IO Error" will appear. I have a look on the error log file "error_log" of Apache, it displayed [notice] child pid 18457 exit signal Segmentation fault (11) and the log file ssl_engine_log showed as below : [info] Connection to child 1 established (server winds.thinxshop.fr:443) I checked the connections on the server with the command, netstat, the connection wasn't closed, it was in the state TIME_WAIT, FIN_WAIT2 ... To re-establish the connection (by clicking Reload or retype the URL), I had to wait until the connection had been completely closed (the message from netstat command) or close and re-open the browser. Could you please let me know what is going on ? and what I can solve such troubles. Many thanks in advance, Regards, Prapan __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help Needed
Hello, I have just installed a new web server about a month ago. I've tried to get two certificates working and have another one on the way. My previous Unix guy who initially installed mod-ssl is out of touch and I need to get something done about this. Is there anyone reading this list who can help me out here? I've got one programmer trying to traverse the mod-ssl highway and get these certs installed, but he's never done it before. And neither have I. We're giving it another go this morning. We've been at this for weeks. I'm not sure what version I have but would also like to upgrade to the latest version since nothing is working right now If there's someone who is familiar with all of this and would like to help out, I'm very eager to get this taken care of so I can move on. I'm available anytime. 310-274-2137 or 1-888-855-0101 vm/pager. PST. Thanks. Stephen "Ralf S. Engelschall" wrote: > Another round to make the stable 2.4 series even more robust and clean: > mod_ssl 2.4.7. The CHANGES entries are appended, as usual. If you're already > successfully running 2.4.6 you don't have to upgrade this time. If you're > running an older version (<= 2.4.6) I recommend you to now upgrade to mod_ssl > 2.4.7. No new features will be added to 2.4 and 2.4.7 is already considered > rock solid. There will be certainly 2.4.8 and 2.4.9 in the next weeks, but > they will not provide new major things. Because in the next weeks development > on mod_ssl 2.5 will slowly start and so it's a good time for you to upgrade > your installations to the latest and most stable version now. > > Fetch it now from: > > o http://www.modssl.org/source/ > o ftp://ftp.modssl.org/source/ > > Yours, >Ralf S. Engelschall >[EMAIL PROTECTED] >www.engelschall.com > > Changes with mod_ssl 2.4.7 (22-Oct-1999 to 02-Nov-1999) > >*) Added a check to mod_so to complain with a warning if one loads > a plain Apache 1.3 DSO under EAPI (which might work, but can also > segfault). > >*) Added more defensive programming checks in the cert/key handling. > >*) Added an entry to the FAQ about the commercial alternatives. > >*) Disabled SysV IPC semaphore based mutex variant for FreeBSD < 3.0 and > any OpenBSD and NetBSD platforms because of conflicts with their > non-POSIX conforming semctl(2) prototypes. > >*) Added an FAQ entry on how to enable Anonymous > Diffie-Hellman (ADH) ciphers. > >*) Now `make certificate' allows one to also change the > certificate validity time (default is still 365 days). > >*) Recreated the ssl.crt/ca-bundle.crt file with all CA certs found in > Netscape Communicator 4.7's cert7.db file. > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Stephen H. Kapit DreamTime Designs http://www.the-replicator.net DreamTime Designs is a highly specialized internet development company. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
mod_ssi help
Hello everybody, I really need your help regarding apache. I have red hat 6.1 and apache came with this 1.3.9 version. How do I enable ssl inside apache ? I also got mod_ssl_2.4.9 package and unpacked it, but I am not sure if I need to install it. Is it possible to integrate this inside current apache configuration or I need to reinstall apache ? I also got OpenSSL for this. Please help me if you can with this. Thanx, Darko __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: HELP!!!!!!
On Tue, Mar 07, 2000, Charette, Jason wrote: > Is there a planned release in the near future for a version of mod_ssl that > will work with Apache 1.3.9? E... what? A mod_ssl version in the future for an older Apache? No, I will certainly not provide this. What is your reason why you want to stick with Apache 1.3.9 and not use 1.3.12? But if you really want 2.6.2 to run with 1.3.9, it would be possible, of course. But you've to fiddle around yourself with the source tree and merge mod_ssl into it manually. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: ¡HELP!
On Wed, Mar 08, 2000, Augusto Alvares wrote: > I'm using an Apache 1.3.12 (win32), ApacheJServ 1.1, mod_ssl 2.6.0 and > OpenSSL 0.9.4. Starting Apache a warning message is appearing "Loaded > DSO [...]\ApacheModuleJServ.dll uses plain Apache 1.3 API, this module > might crash under EAPI! (please recompile it with -DEAPI) I'm trying > to do that but in Visual C++ 6.0 (cl command) there isn't a -DEAPI > option. I think it's a compiler option and not a linker option. Does > anybody knows which compiler option is the one i need? or, better, > does anybody has an ApacheModuleJServ.dll already compiled with this > option? The option is /DEAPI for the underpriviledged... ;) Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: HELP!!!!!!
Too right Ralf. The next thing we'll have is people asking if bugs can be put back into the code! I can imagine the posting "there was this really useful bug in ..." John -Original Message- From: Ralf S. Engelschall [mailto:[EMAIL PROTECTED]] Sent: 08 March 2000 10:02 To: [EMAIL PROTECTED] Subject: Re: HELP!! On Tue, Mar 07, 2000, Charette, Jason wrote: > Is there a planned release in the near future for a version of mod_ssl that > will work with Apache 1.3.9? E... what? A mod_ssl version in the future for an older Apache? No, I will certainly not provide this. What is your reason why you want to stick with Apache 1.3.9 and not use 1.3.12? But if you really want 2.6.2 to run with 1.3.9, it would be possible, of course. But you've to fiddle around yourself with the source tree and merge mod_ssl into it manually. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: HELP!!!!!!
On Tue, 7 Mar 2000, Charette, Jason wrote: > Is there a planned release in the near future for a version of mod_ssl that > will work with Apache 1.3.9? ftp://ftp.modssl.org/source/mod_ssl-2.4.10-1.3.9.tar.gz but why not just got apache 1.3.12 so you can get the newest and greatest features of mod_ssl? -- Nate Carlson <[EMAIL PROTECTED]> | Phone : (612)943-8700 http://www.real-time.com| Fax : (612)943-8500 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: ¡HELP!
> I'm using an Apache 1.3.12 (win32), ApacheJServ 1.1, > mod_ssl 2.6.0 and OpenSSL 0.9.4. > Starting Apache a warning message is appearing "Loaded > DSO [...]\ApacheModuleJServ.dll uses plain Apache 1.3 > API, this module might crash under EAPI! (please > recompile it with -DEAPI) > I'm trying to do that but in Visual C++ 6.0 (cl > command) there isn't a -DEAPI option. I think it's a > compiler option and not a linker option. Yes, it`s a compiler option. In the JServ makefile in Source\c\makefile.win32 should be a line like containing something like JSERV_DEFINE = /D "WIN32" /D "NDEBUG" /D "_WINDOWS" There you have to add /D "EAPI" to get JServ running without this error message. /me __ The OpenSA Project http://www.opensa.org/ Daniel S. Reichenbach [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: HELP!!!!!!
On Wed, 8 Mar 2000, Airey, John wrote: > Too right Ralf. The next thing we'll have is people asking if bugs can be > put back into the code! I can imagine the posting "there was this really > useful bug in ..." > > John I do not agree with this comment, it is obvious that the guy that has asked about "support" for and older release of apache is not a very experimented administrator, in the life every body makes mistakes and every body makes "stupid" questions at least once. JImmy __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Help!!!
On Wed, Apr 05, 2000, Irnest Schultz wrote: > Why do I get a "SSL Handshake interupted by system".? The computer that > causes this error has a ip address of 10.3.0.192 and goes through a proxy > 10.2.0.25 and again through a proxy 160.124.44.207. Thus tha actual packed > arriving at the destination should have a source ip of 160.124.44.207. You usually get this if the user pressed the stop button while the data was still transferred. Usually nothing to worry about. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help needed !
Hello, i still have problems on running ssl on my apache server (rh 6.1) The certicicate has been created with make certificate On launch with apachectl startssl i enter the passphrase and everything seems to be correct, the server starts-up giving as output : Server my.server.name:443 (RSA)Enter pass phrase: Ok: Pass Phrase Dialog successful../apachectl startssl: httpd started But when i try to connect to it using https:// i receive no answer. I also tried to scan the ports and it seems that port 443 is not open. This is the ssl related section of my httpd.conf file: Listen 80Listen 443 AddType application/x-x509-ca-cert .crtAddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtinSSLSessionCache dbm:/usr/local/apache/logs/ssl_scacheSSLSessionCacheTimeout 300SSLMutex file:/usr/local/apache/logs/ssl_mutexSSLRandomSeed startup builtinSSLRandomSeed connect builtin SSLLog /usr/local/apache/logs/ssl_engine_logSSLLogLevel info DocumentRoot /www/htdocs/ ErrorLog /usr/local/apache/logs/error_logTransferLog /usr/local/apache/logs/access_log SSLEngine onSSLVerifyClient requireSSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crtSSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.keySSLLogFile /usr/local/apache/logs/ssl_misc_log SSLOptions +StdEnvVars SSLOptions +StdEnvVars SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown This is the log in ssl_engine_log : [11/Apr/2000 08:11:30 01141] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.2, Library: OpenSSL/0.9.5a[11/Apr/2000 08:11:30 01141] [info] Init: 1st startup round (still not detached)[11/Apr/2000 08:11:30 01141] [info] Init: Initializing OpenSSL library[11/Apr/2000 08:11:33 01141] [info] Init: Wiped out the queried pass phrases from memory[11/Apr/2000 08:11:33 01141] [info] Init: Seeding PRNG with 136 bytes of entropy[11/Apr/2000 08:11:33 01141] [info] Init: Generating temporary RSA private keys (512/1024 bits)[11/Apr/2000 08:11:34 01141] [info] Init: Configuring temporary DH parameters (512/1024 bits) Has anyone any advice which could help me? Thanks in advance Vagel Argyrakis
Need help !
Hi all, I have problems with ssl on my apache server (rh 6.1) The certicicate has been created with make certificate On launch with apachectl startssl i enter the passphrase and everything seems to be correct, the server starts-up giving as output : Server my.server.name:443 (RSA)Enter pass phrase: Ok: Pass Phrase Dialog successful../apachectl startssl: httpd started But when i try to connect to it using https:// i receive no answer. I also tried to scan the ports and it seems that port 443 is not open. This is the ssl related section of my httpd.conf file: Listen 80Listen 443 AddType application/x-x509-ca-cert .crtAddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtinSSLSessionCache dbm:/usr/local/apache/logs/ssl_scacheSSLSessionCacheTimeout 300SSLMutex file:/usr/local/apache/logs/ssl_mutexSSLRandomSeed startup builtinSSLRandomSeed connect builtin SSLLog /usr/local/apache/logs/ssl_engine_logSSLLogLevel info DocumentRoot /www/htdocs/ ErrorLog /usr/local/apache/logs/error_logTransferLog /usr/local/apache/logs/access_log SSLEngine onSSLVerifyClient requireSSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crtSSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.keySSLLogFile /usr/local/apache/logs/ssl_misc_log SSLOptions +StdEnvVars SSLOptions +StdEnvVars SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown This is the log in ssl_engine_log : [11/Apr/2000 08:11:30 01141] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.2, Library: OpenSSL/0.9.5a[11/Apr/2000 08:11:30 01141] [info] Init: 1st startup round (still not detached)[11/Apr/2000 08:11:30 01141] [info] Init: Initializing OpenSSL library[11/Apr/2000 08:11:33 01141] [info] Init: Wiped out the queried pass phrases from memory[11/Apr/2000 08:11:33 01141] [info] Init: Seeding PRNG with 136 bytes of entropy[11/Apr/2000 08:11:33 01141] [info] Init: Generating temporary RSA private keys (512/1024 bits)[11/Apr/2000 08:11:34 01141] [info] Init: Configuring temporary DH parameters (512/1024 bits) When i manually test ssl with the command : # ./openssl s_client -connect localhost:443 -state -debug i receive the answer :connect: Connection refusedconnect:errno=111 Anyone could give me some help? Thanks in advance Vagel Argyrakis [EMAIL PROTECTED]
Install help
Hi, I need some help with Apache install/config. My environment: RedHat 6.1 Linux on Intel apache 1.3.12 Problem: I unpachaged and installed rsaref, open_ssl and mod_ssl. There was a previous install of Apache in the Machine from the same source directory. When I cd to the source directory and run make, I get the following: [root@devlinux apache_1.3.12]# make ===> src make[1]: Entering directory `/usr/local/apache_1.3.12' make[2]: Entering directory `/usr/local/apache_1.3.12/src' make[2]: *** No rule to make target `all'. Stop. make[2]: Leaving directory `/usr/local/apache_1.3.12/src' make[1]: *** [build-std] Error 2 make[1]: Leaving directory `/usr/local/apache_1.3.12' make: *** [build] Error 2 Any ideas, please? Wilmer Peres [EMAIL PROTECTED]
Need help !
Hi, Thanks for the ideas. I tried both using the ip address instead of localhost and i commented out the setting : SSLVerifyClient require, but it still doesn't work. Anything else that i could do? Thank you Vagel Try (instead of localhost:443) using 192.168.0.225:443, in your openssl s_client commandline. --- Mat Butler, Winged Wolf <[EMAIL PROTECTED]> SPASTIC Web Engineer SPASTIC Server Administrator Begin FurryCode v1.3 FCWw5amrsw A- C+ D H+++ M+[servercoder] P+ R++ T+++ W Z++ Sm++ RLCT/M*/LW* a cl/u/v>+ !d e- f> h++ iwf+++ j p->+ sm++ End FurryCode v1.3 On Fri, 14 Apr 2000, Vagel Argyrakis wrote: > Hi all, > > I have problems with ssl on my apache server (rh 6.1) > The certicicate has been created with make certificate > On launch with apachectl startssl i enter the passphrase and everything seems to be correct, the server starts-up giving as output : > > Server my.server.name:443 (RSA) > Enter pass phrase: > > Ok: Pass Phrase Dialog successful. > ./apachectl startssl: httpd started > > But when i try to connect to it using https:// i receive no answer. I also tried to scan the ports and it seems that port 443 is not open. > This is the ssl related section of my httpd.conf file: > > > Listen 80 > Listen 443 > AddType application/x-x509-ca-cert .crt > AddType application/x-pkcs7-crl .crl > > > SSLPassPhraseDialog builtin > SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache > SSLSessionCacheTimeout 300 > SSLMutex file:/usr/local/apache/logs/ssl_mutex > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > > SSLLog /usr/local/apache/logs/ssl_engine_log > SSLLogLevel info > > > > DocumentRoot /www/htdocs/ > ErrorLog /usr/local/apache/logs/error_log > TransferLog /usr/local/apache/logs/access_log > SSLEngine on > SSLVerifyClient require > SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt > SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key > SSLLogFile /usr/local/apache/logs/ssl_misc_log > > > SSLOptions +StdEnvVars > > > SSLOptions +StdEnvVars > > > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown > > > > > > This is the log in ssl_engine_log : > > [11/Apr/2000 08:11:30 01141] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.2, Library: OpenSSL/0.9.5a > [11/Apr/2000 08:11:30 01141] [info] Init: 1st startup round (still not detached) > [11/Apr/2000 08:11:30 01141] [info] Init: Initializing OpenSSL library > [11/Apr/2000 08:11:33 01141] [info] Init: Wiped out the queried pass phrases from memory > [11/Apr/2000 08:11:33 01141] [info] Init: Seeding PRNG with 136 bytes of entropy > [11/Apr/2000 08:11:33 01141] [info] Init: Generating temporary RSA private keys (512/1024 bits) > [11/Apr/2000 08:11:34 01141] [info] Init: Configuring temporary DH parameters (512/1024 bits) > > > When i manually test ssl with the command : # ./openssl s_client -connect localhost:443 -state -debug > i receive the answer : > connect: Connection refused > connect:errno=111 > > Anyone could give me some help? > > Thanks in advance > > Vagel Argyrakis > > [EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
help wanted
Hi, I am ganesh doke working on e-commerce project with platform webojects and apache server. Can someone give some idea to me. How do I change the http://www.servername.com/cgi-bin/WebObjects portion of the URL into e.g. http://www.servername.com/Apps? Please explain what changes are required to do in apache and in webobjects. my mail id is [EMAIL PROTECTED] Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help needed
Dear mod_ssl engineers, I am Vijay,from India working day and night on apache Module mod_ssl to enable ssl on apache on windows_nt. I have followed all the instructions given in the readme.win32 file of mod_ssl software directory.The process has created ApacheModuleSSL.dll under apache\src\modules\ssl directory.I need to proceed further now to include this module in Apache.Please help me in guiding on how to proceed in a step by step instruction style as soon as possible and oblige. Thank u Vijay __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Pls help
Any help on this will be highly appreciated...thanx. > Hi there, > > I've a linux box running - > > Apache/1.3.26 (Unix) mod_ssl/2.8.9 OpenSSL/0.9.6d > > The box gets extremely loaded when I have - > > ... > SSLRandomSeed startup buildin > SSLRandomSeed connect buildin > ... > > in httpd.conf file. As soon as I change the connect > line with > > SSLRandomSeed connect file:/dev/urandom 1024 > > everything seems fine. > > Any idea what was causing the server busy? > > Thanx > - > Jays. > > Apache Interface to OpenSSL (mod_ssl) >www.modssl.org > User Support Mailing List > [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help Required!
Respected Sir, MY Problem: I have to implement Apache+SSL to for the security of my web application, but i have only Password field and Billing amount field to store into the database i want to use SSL for encryption of the said fields... so keep me sure that which Cipher i can use that will encrypt the data over the wire through SSL and then decrypt it before storing.. And furhter.. is there any need of Certificates...where i want to authenticate my users only matching there password into the database... so is this better for me to use only any Cipher? and if u feel free then plz give me step by step solution to my problem...that how can i configure mod_ssl + openssl for my problem.. Regards SHAZ! __ Outgrown your current e-mail service? Get a 25MB Inbox, POP3 Access, No Ads and No Taglines with LYCOS MAIL PLUS. http://login.mail.lycos.com/brandPage.shtml?pageId=plus __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Please help !!!!
Hi ! I have configured Apache 2.0.43 with mod_ssl and I have created CA and client certificates but now I cannot acces my ssl server "https://myserver";. What have I made wrong? __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
NEED HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Hi, Am Sorry for this message because it may get to you as supprise but it's because of the situation of things right now. I want use this opportunity to explain my problem. I was here in London on Vacation but yesterday thing change because i was mugged at hotel am staying. The worse of it is that bags, cash and cards and my cell phone was stolen at during the incident and it's such a crazy experience for me. Now, am stranded here without any money with me and i need flying back home. Although am so happy that am physically ok and my passport still save with me. I have been to police to make report about the inccident but the best help they could render to me is that they lead me to the embassy. Now, embassy have arrange a flight for me which was schedule on 25th of February 2010 but i dont want to wait long anymore before i can get back home. I have been able to raise some money through my friends and family but am short of $950 USD to complete the money for my flight ticket. Please, i need you to loan me with sum amount $950 USD and i promise you i will pay you back any amount you can afford to loan as soon as i get back home. You can check Western Union Website to locate the nearest outlet around you or wire the money online on their website (www.westernunion.com) I need you to wire the money to me via Western Union Money Transfer with my name: Receiver Name : Chris DiLorenzo My location : Dunstable Beds, LU5 5SD, United Kingdom. As soon as you wire the money you will need provide me the below information MTCN: ??? Amount Send: ??? Sender's Name: ??? So that i can visit any nearest Western Union Outlet to pick up the money with my passport here in United Kingdom. Please do not see this message as virus or spam and i will be very happy if you can help me out. Thank you Chris DiLorenzo
Help! Help! Not able to use HTTPS with Netscape!
Hello, I have installed open-ssl and mod-ssl in a machine using the apache-modssl and openssl rpms.I have also created certificates for the CA as well as for a web-server. Netscape also recognised the fact that the certificate was a new one and asked me whether I accepted it. I said yes. However, when I try to access a document from the web-server using HTTPS protocol, Netscape gives an error saying "Document contained no data". What could this be due to? Where does the HTTPS protocol look for documents? Does it also read the usual /home/httpd/index.html file like normal HTTP? Another error which Netscape gives at times is "Broken Pipe". What could that be due to? I have not been able to access even a single doc so far after installing ssl using https protocol. Could anyone help please ? Sri who me __ Get Your Private, Free Email at http://www.hotmail.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: help me!!
Quoting Kuldeep Tomar <[EMAIL PROTECTED]>: Kuldeep, what if you tried You're missing the ending ">" on the VirtualHost directives. Maybe this will fix it. -Jes > > ServerAdmin [EMAIL PROTECTED] > DocumentRoot /web/emedlife/html/ssl > DirectoryIndex index.html > ScriptAlias /cgi-bin/ /web/cgi-bin/ > ServerName emedmail.com > ErrorLog logs/sslerror.log > TransferLog logs/sslaccess.log > SSLCACertificatePath /usr/local/apache/ > > SSLCACertificateFile /usr/local/apache/www.emedlife.com.crt > SSLCertificateFile /usr/local/apache/www.emedlife.com.crt > > SSLCertificateKeyFile /usr/local/apache/www.emedlife.com.key > > SSLLogFile /usr/local/apache/logs/ssl.log > SSLVerifyClient 0 > SSLFakeBasicAuth > Regards, Jessie Bryan GETO Internet Services Systems Administrator Email: [EMAIL PROTECTED] Web: http://www.geto.net - This mail sent through GETO Webmail: https://webmail.geto.net __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Please, help me
Hello, I installed Apache_1.3.12+OpenSSL+Mod_SSL and I add this directive: SSLVerifyClient optional SSLVerifyDepth 1 # SSLCACertificateFile conf/ssl.crt/server.crt -> it make error if I uncomment SSLOptions +FakeBasicAuth +StrictRequire SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128 RewriteEngine on RewriteCond %{HTTPS} !=on RewriteRule .* - [F] Satisfy any Order deny,allow Deny from all AuthType basic AuthName "BAM Software SRL - Protected Server" AuthUserFile conf/.htpasswd Require valid-user The password for a user is not recognise . Where is the problem ? Gabriel Ciuloaica
Re: Please Help
Rick, Did you try stopping with apachectl stop and restarting with the command apachectl startssl? - Original Message - From: "Rick I Dunetz" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 27, 2000 12:14 PM Subject: Please Help > Hey Folks, > > I got Apache running on this sucker, but I can't seem to get mod_SSL > goin'. My httpd.conf file looks great and I've started and stopped the > server correctly. My certificate and key are fine. Why can't I get > this bad boy going on HTTPS? Any trouble shooting techniques out > there? I was very precise when I set it up...I followed the > instructions to a tee...wazzup with this junx? > > Rick > > -- > Rick Dunetz > Director of Web Development > Telco Exchange > 9900 Main Street > Suite 302 > Fairfax, VA 22031 > > Ph: 703.383.1400 > Fax: 703.385.3788 > > Check our article on T1 Pricing in Network World Magazine: > http://www.nwfusion.com/research/2000/0508feattele.html > > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Please Help
It's a little hard to help without a little detail. In what way is it not working? Does the server respond to your HTTPS requests with anything at all? Are there any entries in the SSL logs that indicate (first) that a request has been received and (second) what it may have done with the request. Double check your ports. Is SSL enabled on the port you're attempting to use? (PLEASE don't try to use multiple name-based VirtuaHosts with SSL!) Your logs really are the first place to look for answers. > -Original Message- > From: Rick I Dunetz [mailto:[EMAIL PROTECTED]] > Sent: September 27, 2000 10:15 AM > To: [EMAIL PROTECTED] > Subject: Please Help > > > Hey Folks, > > I got Apache running on this sucker, but I can't seem to get mod_SSL > goin'. My httpd.conf file looks great and I've started and > stopped the > server correctly. My certificate and key are fine. Why can't I get > this bad boy going on HTTPS? Any trouble shooting techniques out > there? I was very precise when I set it up...I followed the > instructions to a tee...wazzup with this junx? > > Rick > > -- > Rick Dunetz > Director of Web Development > Telco Exchange > 9900 Main Street > Suite 302 > Fairfax, VA 22031 > > Ph: 703.383.1400 > Fax: 703.385.3788 > > Check our article on T1 Pricing in Network World Magazine: > http://www.nwfusion.com/research/2000/0508feattele.html > > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
My server has not responded to any HTTPS commands. I haven't checked the SSL logs. I am using port 443 and I am only have 1 virtual host..for now. Rick "Hansknecht, Deborah A" wrote: > It's a little hard to help without a little detail. In what way is it not > working? Does the server respond to your HTTPS requests with anything at > all? Are there any entries in the SSL logs that indicate (first) that a > request has been received and (second) what it may have done with the > request. Double check your ports. Is SSL enabled on the port you're > attempting to use? (PLEASE don't try to use multiple name-based VirtuaHosts > with SSL!) > > Your logs really are the first place to look for answers. > > > -Original Message- > > From: Rick I Dunetz [mailto:[EMAIL PROTECTED]] > > Sent: September 27, 2000 10:15 AM > > To: [EMAIL PROTECTED] > > Subject: Please Help > > > > > > Hey Folks, > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > goin'. My httpd.conf file looks great and I've started and > > stopped the > > server correctly. My certificate and key are fine. Why can't I get > > this bad boy going on HTTPS? Any trouble shooting techniques out > > there? I was very precise when I set it up...I followed the > > instructions to a tee...wazzup with this junx? > > > > Rick > > > > -- > > Rick Dunetz > > Director of Web Development > > Telco Exchange > > 9900 Main Street > > Suite 302 > > Fairfax, VA 22031 > > > > Ph: 703.383.1400 > > Fax: 703.385.3788 > > > > Check our article on T1 Pricing in Network World Magazine: > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] > > > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
I started the server correctly...when I start the server it asks me for a passphrase after I type it in is says OK, but it doesn't go back to the prompt. Rick Geoff Gilbert wrote: > Rick, > Did you try stopping with apachectl stop and restarting with the > command > apachectl startssl? > - Original Message - > From: "Rick I Dunetz" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, September 27, 2000 12:14 PM > Subject: Please Help > > > Hey Folks, > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > goin'. My httpd.conf file looks great and I've started and stopped the > > server correctly. My certificate and key are fine. Why can't I get > > this bad boy going on HTTPS? Any trouble shooting techniques out > > there? I was very precise when I set it up...I followed the > > instructions to a tee...wazzup with this junx? > > > > Rick > > > > -- > > Rick Dunetz > > Director of Web Development > > Telco Exchange > > 9900 Main Street > > Suite 302 > > Fairfax, VA 22031 > > > > Ph: 703.383.1400 > > Fax: 703.385.3788 > > > > Check our article on T1 Pricing in Network World Magazine: > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] > > > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
You definitely need to check the ssl logs. In particular, I strongly recommend that you use debug mode for the ssl logs in your httpd.conf file. Be sure you restart the server after you make these changes. Lorrayne Rick I Dunetz wrote: > I started the server correctly...when I start the server it asks me for a > passphrase after I type it in is says OK, but it doesn't go back to the > prompt. > > Rick > > Geoff Gilbert wrote: > > > Rick, > > Did you try stopping with apachectl stop and restarting with the > > command > > apachectl startssl? > > - Original Message - > > From: "Rick I Dunetz" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, September 27, 2000 12:14 PM > > Subject: Please Help > > > > > Hey Folks, > > > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > > goin'. My httpd.conf file looks great and I've started and stopped the > > > server correctly. My certificate and key are fine. Why can't I get > > > this bad boy going on HTTPS? Any trouble shooting techniques out > > > there? I was very precise when I set it up...I followed the > > > instructions to a tee...wazzup with this junx? > > > > > > Rick > > > > > > -- > > > Rick Dunetz > > > Director of Web Development > > > Telco Exchange > > > 9900 Main Street > > > Suite 302 > > > Fairfax, VA 22031 > > > > > > Ph: 703.383.1400 > > > Fax: 703.385.3788 > > > > > > Check our article on T1 Pricing in Network World Magazine: > > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > > > > __ > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > User Support Mailing List [EMAIL PROTECTED] > > > Automated List Manager[EMAIL PROTECTED] > > > > > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] > > -- > Rick Dunetz > Director of Web Development > Telco Exchange > 9900 Main Street > Suite 302 > Fairfax, VA 22031 > > Ph: 703.383.1400 > Fax: 703.385.3788 > > Check our article on T1 Pricing in Network World Magazine: > http://www.nwfusion.com/research/2000/0508feattele.html > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
Rick, please be more specific, and provide more detailed information about your situtation. Read the mail archive(MARC) to get a feeling for what information you should be providing ( http://www.modssl.org/support <--marc is at the bottom of the page). Thanks, Robert Rick I Dunetz wrote: > > Hey Folks, > > I got Apache running on this sucker, but I can't seem to get mod_SSL > goin'. My httpd.conf file looks great and I've started and stopped the > server correctly. My certificate and key are fine. Why can't I get > this bad boy going on HTTPS? Any trouble shooting techniques out > there? I was very precise when I set it up...I followed the > instructions to a tee...wazzup with this junx? > > Rick __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Please Help
If you are using Apache/NT, I suspect that you have encountered the "famous" double prompt problem. I posted some patches for this some time ago which can be found on the archives of this list. To get around the problem do one of the following: a) run Apache with a -X parameter b) type the passphrase "blind" a send time when it appears hung c) decrypt your key file so that no passphrase is required > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Rick I Dunetz > Sent: Wednesday, September 27, 2000 12:51 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help > > > I started the server correctly...when I start the server it asks me for a > passphrase after I type it in is says OK, but it doesn't go back to the > prompt. > > Rick > > Geoff Gilbert wrote: > > > Rick, > > Did you try stopping with apachectl stop and restarting with the > > command > > apachectl startssl? > > - Original Message - > > From: "Rick I Dunetz" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, September 27, 2000 12:14 PM > > Subject: Please Help > > > > > Hey Folks, > > > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > > goin'. My httpd.conf file looks great and I've started and > stopped the > > > server correctly. My certificate and key are fine. Why can't I get > > > this bad boy going on HTTPS? Any trouble shooting techniques out > > > there? I was very precise when I set it up...I followed the > > > instructions to a tee...wazzup with this junx? > > > > > > Rick > > > > > > -- > > > Rick Dunetz > > > Director of Web Development > > > Telco Exchange > > > 9900 Main Street > > > Suite 302 > > > Fairfax, VA 22031 > > > > > > Ph: 703.383.1400 > > > Fax: 703.385.3788 > > > > > > Check our article on T1 Pricing in Network World Magazine: > > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > > > > __ > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > User Support Mailing List [EMAIL PROTECTED] > > > Automated List Manager[EMAIL PROTECTED] > > > > > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] > > -- > Rick Dunetz > Director of Web Development > Telco Exchange > 9900 Main Street > Suite 302 > Fairfax, VA 22031 > > Ph: 703.383.1400 > Fax: 703.385.3788 > > Check our article on T1 Pricing in Network World Magazine: > http://www.nwfusion.com/research/2000/0508feattele.html > > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
Sorry about that, I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine running Debian 2.2 Linux. I got a book on apache that had complete instructions on how to set up Apache and mod_ssl. I actaully FTP the packages over and installed from scratch. Everything went smoothly and I configured the server as specified. The basic web server works fine (http)...the SSL may be running, but I can't get it to work in the browser. It just times out. All I need is a way to troubleshoot this problem. I haven't looked at the log files and I don't know how to run in Debug mode... Anything you guys can give me would be terrific. I hope this is detailed enough...I don't have much more to give you. Rick "Robert L. Yelvington" wrote: > Rick, please be more specific, and provide more detailed information > about your situtation. Read the mail archive(MARC) to get a feeling for > what information you should be providing ( > http://www.modssl.org/support <--marc is at the bottom of the page). > > Thanks, > Robert > > Rick I Dunetz wrote: > > > > Hey Folks, > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > goin'. My httpd.conf file looks great and I've started and stopped the > > server correctly. My certificate and key are fine. Why can't I get > > this bad boy going on HTTPS? Any trouble shooting techniques out > > there? I was very precise when I set it up...I followed the > > instructions to a tee...wazzup with this junx? > > > > Rick > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
How do you do this? Rick "Schaefer,Lorrayne J." wrote: > You definitely need to check the ssl logs. In particular, I strongly recommend > that you use debug mode for the ssl logs in your httpd.conf file. Be sure you > restart the server after you make these changes. > > Lorrayne > > Rick I Dunetz wrote: > > > I started the server correctly...when I start the server it asks me for a > > passphrase after I type it in is says OK, but it doesn't go back to the > > prompt. > > > > Rick > > > > Geoff Gilbert wrote: > > > > > Rick, > > > Did you try stopping with apachectl stop and restarting with the > > > command > > > apachectl startssl? > > > - Original Message - > > > From: "Rick I Dunetz" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Wednesday, September 27, 2000 12:14 PM > > > Subject: Please Help > > > > > > > Hey Folks, > > > > > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > > > goin'. My httpd.conf file looks great and I've started and stopped the > > > > server correctly. My certificate and key are fine. Why can't I get > > > > this bad boy going on HTTPS? Any trouble shooting techniques out > > > > there? I was very precise when I set it up...I followed the > > > > instructions to a tee...wazzup with this junx? > > > > > > > > Rick > > > > > > > > -- > > > > Rick Dunetz > > > > Director of Web Development > > > > Telco Exchange > > > > 9900 Main Street > > > > Suite 302 > > > > Fairfax, VA 22031 > > > > > > > > Ph: 703.383.1400 > > > > Fax: 703.385.3788 > > > > > > > > Check our article on T1 Pricing in Network World Magazine: > > > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > > > > > > > __ > > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > > User Support Mailing List [EMAIL PROTECTED] > > > > Automated List Manager[EMAIL PROTECTED] > > > > > > > > > > __ > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > User Support Mailing List [EMAIL PROTECTED] > > > Automated List Manager[EMAIL PROTECTED] > > > > -- > > Rick Dunetz > > Director of Web Development > > Telco Exchange > > 9900 Main Street > > Suite 302 > > Fairfax, VA 22031 > > > > Ph: 703.383.1400 > > Fax: 703.385.3788 > > > > Check our article on T1 Pricing in Network World Magazine: > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
I not running in NT..Debian 2.2 Rick Kirk Benson wrote: > If you are using Apache/NT, I suspect that you have encountered the "famous" > double prompt problem. I posted some patches for this some time ago which > can be found on the archives of this list. > > To get around the problem do one of the following: > > a) run Apache with a -X parameter > > b) type the passphrase "blind" a send time when it appears hung > > c) decrypt your key file so that no passphrase is required > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of Rick I Dunetz > > Sent: Wednesday, September 27, 2000 12:51 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Please Help > > > > > > I started the server correctly...when I start the server it asks me for a > > passphrase after I type it in is says OK, but it doesn't go back to the > > prompt. > > > > Rick > > > > Geoff Gilbert wrote: > > > > > Rick, > > > Did you try stopping with apachectl stop and restarting with the > > > command > > > apachectl startssl? > > > - Original Message - > > > From: "Rick I Dunetz" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Wednesday, September 27, 2000 12:14 PM > > > Subject: Please Help > > > > > > > Hey Folks, > > > > > > > > I got Apache running on this sucker, but I can't seem to get mod_SSL > > > > goin'. My httpd.conf file looks great and I've started and > > stopped the > > > > server correctly. My certificate and key are fine. Why can't I get > > > > this bad boy going on HTTPS? Any trouble shooting techniques out > > > > there? I was very precise when I set it up...I followed the > > > > instructions to a tee...wazzup with this junx? > > > > > > > > Rick > > > > > > > > -- > > > > Rick Dunetz > > > > Director of Web Development > > > > Telco Exchange > > > > 9900 Main Street > > > > Suite 302 > > > > Fairfax, VA 22031 > > > > > > > > Ph: 703.383.1400 > > > > Fax: 703.385.3788 > > > > > > > > Check our article on T1 Pricing in Network World Magazine: > > > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > > > > > > > __ > > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > > User Support Mailing List [EMAIL PROTECTED] > > > > Automated List Manager[EMAIL PROTECTED] > > > > > > > > > > __ > > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > > User Support Mailing List [EMAIL PROTECTED] > > > Automated List Manager[EMAIL PROTECTED] > > > > -- > > Rick Dunetz > > Director of Web Development > > Telco Exchange > > 9900 Main Street > > Suite 302 > > Fairfax, VA 22031 > > > > Ph: 703.383.1400 > > Fax: 703.385.3788 > > > > Check our article on T1 Pricing in Network World Magazine: > > http://www.nwfusion.com/research/2000/0508feattele.html > > > > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] > > > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
No sweat, Rick. As Lorrayne stated earlier check all logs. If you installed a standard apache from source...then you should look in /usr/local/apache/logs for the following files (or on debian logs may be in /var/log): error_log -> apache's error log ssl_engine_log -> ssl engine error log To specify "debug" for your apache (which is helpful, too!), edit your httpd.conf. You should already have a LogLevel entry like this: LogLevel info Simply change "info" to "debug". To specify "debug" for SSL, do the same...change SSLLogLevel from "info" to "debug". Now, save and exit httpd.conf and restart apache. I am curious, when you compiled apache w/mod_ssl, did you experience any compile probs? What were your compile settings? Rick I Dunetz wrote: > > Sorry about that, > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine > running Debian 2.2 Linux. I got a book on apache that had complete > instructions on how to set up Apache and mod_ssl. I actaully FTP the > packages over and installed from scratch. Everything went smoothly and I > configured the server as specified. The basic web server works fine > (http)...the SSL may be running, but I can't get it to work in the browser. > It just times out. All I need is a way to troubleshoot this problem. > > I haven't looked at the log files and I don't know how to run in Debug > mode... > > Anything you guys can give me would be terrific. > > I hope this is detailed enough...I don't have much more to give you. > > Rick > > "Robert L. Yelvington" wrote: > > > Rick, please be more specific, and provide more detailed information > > about your situtation. Read the mail archive(MARC) to get a feeling for > > what information you should be providing ( > > http://www.modssl.org/support <--marc is at the bottom of the page). > > > > Thanks, > > Robert __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
The compilation was smooth as silk...everything went as planned. The only thing I didn't do was add the RSA module...I didn't think it was necessary. Besides that I had no problems. What is supposed to happen in Debug mode? Thanks Rick "Robert L. Yelvington" wrote: > No sweat, Rick. > > As Lorrayne stated earlier check all logs. If you installed a standard > apache from source...then you should look in /usr/local/apache/logs for > the following files (or on debian logs may be in /var/log): > > error_log -> apache's error log > ssl_engine_log -> ssl engine error log > > To specify "debug" for your apache (which is helpful, too!), edit your > httpd.conf. You should already have a LogLevel entry like this: > > LogLevel info > > Simply change "info" to "debug". To specify "debug" for SSL, do the > same...change SSLLogLevel from "info" to "debug". Now, save and exit > httpd.conf and restart apache. > > I am curious, when you compiled apache w/mod_ssl, did you experience any > compile probs? What were your compile settings? > > Rick I Dunetz wrote: > > > > Sorry about that, > > > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine > > running Debian 2.2 Linux. I got a book on apache that had complete > > instructions on how to set up Apache and mod_ssl. I actaully FTP the > > packages over and installed from scratch. Everything went smoothly and I > > configured the server as specified. The basic web server works fine > > (http)...the SSL may be running, but I can't get it to work in the browser. > > It just times out. All I need is a way to troubleshoot this problem. > > > > I haven't looked at the log files and I don't know how to run in Debug > > mode... > > > > Anything you guys can give me would be terrific. > > > > I hope this is detailed enough...I don't have much more to give you. > > > > Rick > > > > "Robert L. Yelvington" wrote: > > > > > Rick, please be more specific, and provide more detailed information > > > about your situtation. Read the mail archive(MARC) to get a feeling for > > > what information you should be providing ( > > > http://www.modssl.org/support <--marc is at the bottom of the page). > > > > > > Thanks, > > > Robert > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
What is supposed to happen when I type in ./httpd -DSSL? When I do this it ask me for my PassPhrase and after I type it in...it just hangs...it doesn't go to prompt. Is there something worng with that? Rick "Robert L. Yelvington" wrote: > No sweat, Rick. > > As Lorrayne stated earlier check all logs. If you installed a standard > apache from source...then you should look in /usr/local/apache/logs for > the following files (or on debian logs may be in /var/log): > > error_log -> apache's error log > ssl_engine_log -> ssl engine error log > > To specify "debug" for your apache (which is helpful, too!), edit your > httpd.conf. You should already have a LogLevel entry like this: > > LogLevel info > > Simply change "info" to "debug". To specify "debug" for SSL, do the > same...change SSLLogLevel from "info" to "debug". Now, save and exit > httpd.conf and restart apache. > > I am curious, when you compiled apache w/mod_ssl, did you experience any > compile probs? What were your compile settings? > > Rick I Dunetz wrote: > > > > Sorry about that, > > > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine > > running Debian 2.2 Linux. I got a book on apache that had complete > > instructions on how to set up Apache and mod_ssl. I actaully FTP the > > packages over and installed from scratch. Everything went smoothly and I > > configured the server as specified. The basic web server works fine > > (http)...the SSL may be running, but I can't get it to work in the browser. > > It just times out. All I need is a way to troubleshoot this problem. > > > > I haven't looked at the log files and I don't know how to run in Debug > > mode... > > > > Anything you guys can give me would be terrific. > > > > I hope this is detailed enough...I don't have much more to give you. > > > > Rick > > > > "Robert L. Yelvington" wrote: > > > > > Rick, please be more specific, and provide more detailed information > > > about your situtation. Read the mail archive(MARC) to get a feeling for > > > what information you should be providing ( > > > http://www.modssl.org/support <--marc is at the bottom of the page). > > > > > > Thanks, > > > Robert > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Please Help
Title: I cannot help you if you are not more specific. As far as I know Apache+Mod_ssl starts a http daemon which allow you to use both. You simple have to follow the accurate documentation. If it doesn't work with your browser which error you get? Do you get an error when "http://your.domain.com or https://your.domain.com? A good troubleshooting is looking to the log files "error_log". Did you check the SSL section of your httpd.conf for correct path, certificate, etc.?Salvatore Ilardohttp://www.rokeby.com[EMAIL PROTECTED]-Original Message-From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]]On Behalf Of Rick I DunetzSent: Wednesday, September 27, 2000 6:20 PMTo: [EMAIL PROTECTED]Subject: Re: Please HelpSorry about that,I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machinerunning Debian 2.2 Linux. I got a book on apache that had completeinstructions on how to set up Apache and mod_ssl. I actaully FTP thepackages over and installed from scratch. Everything went smoothly and Iconfigured the server as specified. The basic web server works fine(http)...the SSL may be running, but I can't get it to work in the browser.It just times out. All I need is a way to troubleshoot this problem.I haven't looked at the log files and I don't know how to run in Debugmode...Anything you guys can give me would be terrific.I hope this is detailed enough...I don't have much more to give you.Rick"Robert L. Yelvington" wrote:> Rick, please be more specific, and provide more detailed information> about your situtation. Read the mail archive(MARC) to get a feeling for> what information you should be providing (> http://www.modssl.org/support <--marc is at the bottom of the page).>> Thanks,> Robert>> Rick I Dunetz wrote:> >> > Hey Folks,> >> > I got Apache running on this sucker, but I can't seem to get mod_SSL> > goin'. My httpd.conf file looks great and I've started and stopped the> > server correctly. My certificate and key are fine. Why can't I get> > this bad boy going on HTTPS? Any trouble shooting techniques out> > there? I was very precise when I set it up...I followed the> > instructions to a tee...wazzup with this junx?> >> > Rick> __> Apache Interface to OpenSSL (mod_ssl) www.modssl.org> User Support Mailing List [EMAIL PROTECTED]> Automated List Manager [EMAIL PROTECTED]--Rick DunetzDirector of Web DevelopmentTelco Exchange9900 Main StreetSuite 302Fairfax, VA 22031Ph: 703.383.1400Fax: 703.385.3788Check our article on T1 Pricing in Network World Magazine:http://www.nwfusion.com/research/2000/0508feattele.html__Apache Interface to OpenSSL (mod_ssl) www.modssl.orgUser Support Mailing List [EMAIL PROTECTED]Automated List Manager [EMAIL PROTECTED]
Re: Please Help
Please read previous messages...I have given you just about everything that I have as far as details. The biggest thing that I noticed (which is stated in a previous message), when I start the server...it asks me for my passphrase...I type in my pass phrase and then is says OK...then it just hangs. It doesn't take me back to a prompt and I have to control C to get back to the prompt. When I check whether or not the server process had been started (ps -aux)...nothing is there. I think this is the source of the problem, but I don't know how to fix it. Rick Salvo Ilardo wrote: > > > I cannot help you if you are not more specific. As far as I know > Apache+Mod_ssl starts a http daemon which allow you to use both. You > simple have to follow the accurate documentation. If it doesn't work > with your browser which error you get? Do you get an error when > "http://your.domain.com or https://your.domain.com? A good > troubleshooting is looking to the log files "error_log". > Did you check the SSL section of your httpd.conf for correct path, > certificate, etc.? > > Salvatore Ilardo > http://www.rokeby.com > [EMAIL PROTECTED] > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Rick I Dunetz > Sent: Wednesday, September 27, 2000 6:20 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help > > > Sorry about that, > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 > machine > running Debian 2.2 Linux. I got a book on apache that had complete > instructions on how to set up Apache and mod_ssl. I actaully FTP the > packages over and installed from scratch. Everything went smoothly > and I > configured the server as specified. The basic web server works fine > (http)...the SSL may be running, but I can't get it to work in the > browser. > It just times out. All I need is a way to troubleshoot this problem. > > I haven't looked at the log files and I don't know how to run in Debug > > mode... > > Anything you guys can give me would be terrific. > > I hope this is detailed enough...I don't have much more to give you. > > Rick > > "Robert L. Yelvington" wrote: > > > Rick, please be more specific, and provide more detailed information > > > about your situtation. Read the mail archive(MARC) to get a feeling > for > > what information you should be providing ( > > http://www.modssl.org/support <--marc is at the bottom of the > page). > > > > Thanks, > > Robert > > > > Rick I Dunetz wrote: > > > > > > Hey Folks, > > > > > > I got Apache running on this sucker, but I can't seem to get > mod_SSL > > > goin'. My httpd.conf file looks great and I've started and > stopped the > > > server correctly. My certificate and key are fine. Why can't I > get > > > this bad boy going on HTTPS? Any trouble shooting techniques out > > > there? I was very precise when I set it up...I followed the > > > instructions to a tee...wazzup with this junx? > > > > > > Rick > > > __ > > > Apache Interface to OpenSSL (mod_ssl) > www.modssl.org > > User Support Mailing List > [EMAIL PROTECTED] > > Automated List Manager > [EMAIL PROTECTED] > > -- > Rick Dunetz > Director of Web Development > Telco Exchange > 9900 Main Street > Suite 302 > Fairfax, VA 22031 > > Ph: 703.383.1400 > Fax: 703.385.3788 > > Check our article on T1 Pricing in Network World Magazine: > http://www.nwfusion.com/research/2000/0508feattele.html > > > __ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
Rick, by setting log levels to "debug", you will find that the logs will contain more verbose output regarding what is occurring (or in your case what is NOT occurring) as you start apache/ssl. Read the logs and forward their output to this list. Thanks, Rob Rick I Dunetz wrote: > > The compilation was smooth as silk...everything went as planned. The only thing > I didn't do was add the RSA module...I didn't think it was necessary. Besides > that I had no problems. > > What is supposed to happen in Debug mode? > > Thanks > > Rick > > "Robert L. Yelvington" wrote: > > > No sweat, Rick. > > > > As Lorrayne stated earlier check all logs. If you installed a standard > > apache from source...then you should look in /usr/local/apache/logs for > > the following files (or on debian logs may be in /var/log): > > > > error_log -> apache's error log > > ssl_engine_log -> ssl engine error log > > > > To specify "debug" for your apache (which is helpful, too!), edit your > > httpd.conf. You should already have a LogLevel entry like this: > > > > LogLevel info > > > > Simply change "info" to "debug". To specify "debug" for SSL, do the > > same...change SSLLogLevel from "info" to "debug". Now, save and exit > > httpd.conf and restart apache. > > > > I am curious, when you compiled apache w/mod_ssl, did you experience any > > compile probs? What were your compile settings? > > > > Rick I Dunetz wrote: > > > > > > Sorry about that, > > > > > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine > > > running Debian 2.2 Linux. I got a book on apache that had complete > > > instructions on how to set up Apache and mod_ssl. I actaully FTP the > > > packages over and installed from scratch. Everything went smoothly and I > > > configured the server as specified. The basic web server works fine > > > (http)...the SSL may be running, but I can't get it to work in the browser. > > > It just times out. All I need is a way to troubleshoot this problem. > > > > > > I haven't looked at the log files and I don't know how to run in Debug > > > mode... > > > > > > Anything you guys can give me would be terrific. > > > > > > I hope this is detailed enough...I don't have much more to give you. > > > > > > Rick > > > > > > "Robert L. Yelvington" wrote: > > > > > > > Rick, please be more specific, and provide more detailed information > > > > about your situtation. Read the mail archive(MARC) to get a feeling for > > > > what information you should be providing ( > > > > http://www.modssl.org/support <--marc is at the bottom of the page). > > > > > > > > Thanks, > > > > Robert __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
This is my ssl_error_log file. I took out my server name. Where it says "Wiped out the queried pass phrases from memory" I think that happened when I tried to get the prompt. When it hung after I entered my passphrase I control "C"ed to get me back to a prompt. [28/Sep/2000 11:19:57 03440] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 11:19:57 03440] [info] Init: 1st startup round (still not detached) [28/Sep/2000 11:19:57 03440] [info] Init: Initializing OpenSSL library [28/Sep/2000 11:19:57 03440] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 11:19:57 03440] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:20:10 03440] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 11:22:46 03442] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 11:22:46 03442] [info] Init: 1st startup round (still not detached) [28/Sep/2000 11:22:46 03442] [info] Init: Initializing OpenSSL library [28/Sep/2000 11:22:46 03442] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 11:22:46 03442] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:22:53 03442] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 11:26:34 03473] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 11:26:34 03473] [info] Init: 1st startup round (still not detached) [28/Sep/2000 11:26:34 03473] [info] Init: Initializing OpenSSL library [28/Sep/2000 11:26:34 03473] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 11:26:34 03473] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:26:39 03473] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 11:27:41 03485] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 11:27:41 03485] [info] Init: 1st startup round (still not detached) [28/Sep/2000 11:27:41 03485] [info] Init: Initializing OpenSSL library [28/Sep/2000 11:27:41 03485] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 11:27:41 03485] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:28:00 03485] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 11:46:02 03526] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 11:46:02 03526] [info] Init: 1st startup round (still not detached) [28/Sep/2000 11:46:02 03526] [info] Init: Initializing OpenSSL library [28/Sep/2000 11:46:02 03526] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 11:46:02 03526] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:46:09 03526] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 11:58:46 03541] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 11:58:46 03541] [info] Init: 1st startup round (still not detached) [28/Sep/2000 11:58:46 03541] [info] Init: Initializing OpenSSL library [28/Sep/2000 11:58:46 03541] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 11:58:46 03541] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:59:00 03541] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:59:06 03541] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:59:23 03541] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 11:59:30 03541] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 12:04:27 03542] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 12:04:27 03542] [info] Init: 1st startup round (still not detached) [28/Sep/2000 12:04:27 03542] [info] Init: Initializing OpenSSL library [28/Sep/2000 12:04:27 03542] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 12:04:27 03542] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 12:04:37 03542] [info] Init: Wiped out the queried pass phrases from memory [28/Sep/2000 12:04:48 03544] [info] Server: Apache/1.3.12, Interface: mod_ssl/2.6.6, Library: OpenSSL/0.9.6 [28/Sep/2000 12:04:48 03544] [info] Init: 1st startup round (still not detached) [28/Sep/2000 12:04:48 03544] [info] Init: Initializing OpenSSL library [28/Sep/2000 12:04:48 03544] [info] Init: Loading certificate & private key of SSL-aware server www.myserver.com:443 [28/Sep/2000 12:04:48 03544] [info] Init: Requesting pass phrase via builtin terminal dialog [28/Sep/2000 12:04:5
RE: Please Help
A couple of more points to examine: a) After you enter the passphrase (and before ^C): - try "ps -eaf" from another shell to see if any subprocesses have been spawned - if so, can you attach to the server b) Are you starting the server as root? c) If you decrypt the server key, it won't need to ask for a passphrase... try that d) try the -X parameter for debug single-process > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Rick I Dunetz > Sent: Wednesday, September 27, 2000 3:45 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help > > > Please read previous messages...I have given you just about everything > that I have as far as details. The biggest thing that I noticed (which > is stated in a previous message), when I start the server...it asks me > for my passphrase...I type in my pass phrase and then is says OK...then > it just hangs. It doesn't take me back to a prompt and I have to > control C to get back to the prompt. When I check whether or not the > server process had been started (ps -aux)...nothing is there. I think > this is the source of the problem, but I don't know how to fix it. > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
This is the only thing that looks unusual in the error.log file. [Thu Sep 28 15:15:06 2000] [error] Cannot remove module mod_ssl.c: not found in module list [Thu Sep 28 15:15:10 2000] [info] mod_unique_id: using ip addr 555.555.555.55 Rick "Robert L. Yelvington" wrote: > Rick, by setting log levels to "debug", you will find that the logs will > contain more verbose output regarding what is occurring (or in your case > what is NOT occurring) as you start apache/ssl. Read the logs and > forward their output to this list. > > Thanks, > Rob > > Rick I Dunetz wrote: > > > > The compilation was smooth as silk...everything went as planned. The only thing > > I didn't do was add the RSA module...I didn't think it was necessary. Besides > > that I had no problems. > > > > What is supposed to happen in Debug mode? > > > > Thanks > > > > Rick > > > > "Robert L. Yelvington" wrote: > > > > > No sweat, Rick. > > > > > > As Lorrayne stated earlier check all logs. If you installed a standard > > > apache from source...then you should look in /usr/local/apache/logs for > > > the following files (or on debian logs may be in /var/log): > > > > > > error_log -> apache's error log > > > ssl_engine_log -> ssl engine error log > > > > > > To specify "debug" for your apache (which is helpful, too!), edit your > > > httpd.conf. You should already have a LogLevel entry like this: > > > > > > LogLevel info > > > > > > Simply change "info" to "debug". To specify "debug" for SSL, do the > > > same...change SSLLogLevel from "info" to "debug". Now, save and exit > > > httpd.conf and restart apache. > > > > > > I am curious, when you compiled apache w/mod_ssl, did you experience any > > > compile probs? What were your compile settings? > > > > > > Rick I Dunetz wrote: > > > > > > > > Sorry about that, > > > > > > > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine > > > > running Debian 2.2 Linux. I got a book on apache that had complete > > > > instructions on how to set up Apache and mod_ssl. I actaully FTP the > > > > packages over and installed from scratch. Everything went smoothly and I > > > > configured the server as specified. The basic web server works fine > > > > (http)...the SSL may be running, but I can't get it to work in the browser. > > > > It just times out. All I need is a way to troubleshoot this problem. > > > > > > > > I haven't looked at the log files and I don't know how to run in Debug > > > > mode... > > > > > > > > Anything you guys can give me would be terrific. > > > > > > > > I hope this is detailed enough...I don't have much more to give you. > > > > > > > > Rick > > > > > > > > "Robert L. Yelvington" wrote: > > > > > > > > > Rick, please be more specific, and provide more detailed information > > > > > about your situtation. Read the mail archive(MARC) to get a feeling for > > > > > what information you should be providing ( > > > > > http://www.modssl.org/support <--marc is at the bottom of the page). > > > > > > > > > > Thanks, > > > > > Robert > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- Rick Dunetz Director of Web Development Telco Exchange 9900 Main Street Suite 302 Fairfax, VA 22031 Ph: 703.383.1400 Fax: 703.385.3788 Check our article on T1 Pricing in Network World Magazine: http://www.nwfusion.com/research/2000/0508feattele.html __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please Help
That looks suspiciously like an httpd.conf error, you compiled mod_ssl as a static module, right? Someone suggested this to you earlier...what is the output of "httpd -l"? Also forward your apache configure options (or include the contents of "config.status" which should be in your build directory in the body of your next email message to this list). Thanks, Rob Rick I Dunetz wrote: > > This is the only thing that looks unusual in the error.log file. > > [Thu Sep 28 15:15:06 2000] [error] Cannot remove module mod_ssl.c: not found in >module > list > [Thu Sep 28 15:15:10 2000] [info] mod_unique_id: using ip addr 555.555.555.55 > > Rick > > "Robert L. Yelvington" wrote: > > > Rick, by setting log levels to "debug", you will find that the logs will > > contain more verbose output regarding what is occurring (or in your case > > what is NOT occurring) as you start apache/ssl. Read the logs and > > forward their output to this list. > > > > Thanks, > > Rob > > > > Rick I Dunetz wrote: > > > > > > The compilation was smooth as silk...everything went as planned. The only thing > > > I didn't do was add the RSA module...I didn't think it was necessary. Besides > > > that I had no problems. > > > > > > What is supposed to happen in Debug mode? > > > > > > Thanks > > > > > > Rick > > > > > > "Robert L. Yelvington" wrote: > > > > > > > No sweat, Rick. > > > > > > > > As Lorrayne stated earlier check all logs. If you installed a standard > > > > apache from source...then you should look in /usr/local/apache/logs for > > > > the following files (or on debian logs may be in /var/log): > > > > > > > > error_log -> apache's error log > > > > ssl_engine_log -> ssl engine error log > > > > > > > > To specify "debug" for your apache (which is helpful, too!), edit your > > > > httpd.conf. You should already have a LogLevel entry like this: > > > > > > > > LogLevel info > > > > > > > > Simply change "info" to "debug". To specify "debug" for SSL, do the > > > > same...change SSLLogLevel from "info" to "debug". Now, save and exit > > > > httpd.conf and restart apache. > > > > > > > > I am curious, when you compiled apache w/mod_ssl, did you experience any > > > > compile probs? What were your compile settings? > > > > > > > > Rick I Dunetz wrote: > > > > > > > > > > Sorry about that, > > > > > > > > > > I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800 machine > > > > > running Debian 2.2 Linux. I got a book on apache that had complete > > > > > instructions on how to set up Apache and mod_ssl. I actaully FTP the > > > > > packages over and installed from scratch. Everything went smoothly and I > > > > > configured the server as specified. The basic web server works fine > > > > > (http)...the SSL may be running, but I can't get it to work in the browser. > > > > > It just times out. All I need is a way to troubleshoot this problem. > > > > > > > > > > I haven't looked at the log files and I don't know how to run in Debug > > > > > mode... > > > > > > > > > > Anything you guys can give me would be terrific. > > > > > > > > > > I hope this is detailed enough...I don't have much more to give you. > > > > > > > > > > Rick > > > > > > > > > > "Robert L. Yelvington" wrote: > > > > > > > > > > > Rick, please be more specific, and provide more detailed information > > > > > > about your situtation. Read the mail archive(MARC) to get a feeling for > > > > > > what information you should be providing ( > > > > > > http://www.modssl.org/support <--marc is at the bottom of the page). > > > > > > > > > > > > Thanks, > > > > > > Robert __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Please Help
Title: This is something that it should not to do. After the pass phrase, it should pop "OK" up and pass to root log in without stuck. It looks like it's not able to read the httpd.conf file or something is wrong on it. It's likely that the daemon will not start even if you try manually. As previously wrote an other friend, try manually with: 1) cp /dev/null error_log (this will clean error_log); 2) cp /dev/null access_log (this will clean access_log); 3) start apachectl startssl; 4) check with ps -aux whether the daemon starts or not; 5) check the error_log for errors. Regarding the other e-mail with your log file (ssl_engine_log), something is missing. I have Mod_ssl 2.6.3 but I bet that is almost the same this sequence. After: [28/Sep/2000 11:22:53 03442] [info] Init: Wiped out the queried pass phrases from memory SSL should generate RSA private keys and configuring DH parameters. It could be that you have made some mistakes generating your temporary keys. Check with "ca" if you are able to read it and they are corrects. In doubt, generate a new pair. I hope this helps. Salvatore Ilardohttp://www.rokeby.com[EMAIL PROTECTED] -Original Message-From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]]On Behalf Of Rick I DunetzSent: Wednesday, September 27, 2000 8:45 PMTo: [EMAIL PROTECTED]Subject: Re: Please HelpPlease read previous messages...I have given you just about everythingthat I have as far as details. The biggest thing that I noticed (whichis stated in a previous message), when I start the server...it asks mefor my passphrase...I type in my pass phrase and then is says OK...thenit just hangs. It doesn't take me back to a prompt and I have tocontrol C to get back to the prompt. When I check whether or not theserver process had been started (ps -aux)...nothing is there. I thinkthis is the source of the problem, but I don't know how to fix it.RickSalvo Ilardo wrote:>>> I cannot help you if you are not more specific. As far as I know> Apache+Mod_ssl starts a http daemon which allow you to use both. You> simple have to follow the accurate documentation. If it doesn't work> with your browser which error you get? Do you get an error when> "http://your.domain.com or https://your.domain.com? A good> troubleshooting is looking to the log files "error_log".> Did you check the SSL section of your httpd.conf for correct path,> certificate, etc.?>> Salvatore Ilardo> http://www.rokeby.com> [EMAIL PROTECTED]>> -Original Message-> From: [EMAIL PROTECTED]> [mailto:[EMAIL PROTECTED]]On Behalf Of Rick I Dunetz> Sent: Wednesday, September 27, 2000 6:20 PM> To: [EMAIL PROTECTED]> Subject: Re: Please Help>>> Sorry about that,>> I am running Apache 1.3.12...mod_ssl 2.6.6 on a pentium III 800> machine> running Debian 2.2 Linux. I got a book on apache that had complete> instructions on how to set up Apache and mod_ssl. I actaully FTP the> packages over and installed from scratch. Everything went smoothly> and I> configured the server as specified. The basic web server works fine> (http)...the SSL may be running, but I can't get it to work in the> browser.> It just times out. All I need is a way to troubleshoot this problem.>> I haven't looked at the log files and I don't know how to run in Debug>> mode...>> Anything you guys can give me would be terrific.>> I hope this is detailed enough...I don't have much more to give you.>> Rick>> "Robert L. Yelvington" wrote:>> > Rick, please be more specific, and provide more detailed information>> > about your situtation. Read the mail archive(MARC) to get a feeling> for> > what information you should be providing (> > http://www.modssl.org/support <--marc is at the bottom of the> page).> >> > Thanks,> > Robert> >> > Rick I Dunetz wrote:> > >> > > Hey Folks,> > >> > > I got Apache running on this sucker, but I can't seem to get> mod_SSL> > > goin'. My httpd.conf file looks great and I've started and> stopped the> > > server correctly. My certificate and key are fine. Why can't I> get> > > this bad boy going on HTTPS? Any trouble shooting techniques out> > > there? I was very precise when I set it up...I followed the> > > instructions to a tee...wazzup with this junx?> > >> > > Rick> >> __>> > Apache Interface to OpenSSL (mod_ssl)> www.modssl.org> > User Support Mailing List> [EMAIL PROTECTED]> > Automated List Manager> [
need some help
where I can find rpm for mod ssl
plea for help
i realize this isn't really related to modssl but can anyone make sense of what could be goin on below? thanks -j bash-2.05# /usr/local/apache/bin/apachectl startssl Syntax error on line 207 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/libexec/libphp4.so into server: cannot open shared object file: cannot load shared object file: No such file or directory /usr/local/apache/bin/apachectl startssl: httpd could not be started bash-2.05# find / | grep libphp4.so /usr/src/php-4.0.5/libs/libphp4.so /usr/src/php-4.0.5/.libs/libphp4.so /usr/local/apache/libexec/libphp4.so bash-2.05# __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Need help
On Fri, 14 Sep 2001 [EMAIL PROTECTED] wrote: > Today when ran the mod_ssl 2.8.1 configuration script with the --force > option I was prompted for "File to patch:". Not knowing what to enter > I hit ctrl-c to abort. I received 3 or 4 of these "File to patch:" > prompts, hitting ctrl-c each time, before the configuration script > aborted. I am unable to find additional information, in the > documentation or on the mod_ssl web site, about the --force option or > the file names I need to enter when prompted "File to patch". Here's > the command line I used: This won't work well in general, particularly for widely varying versions of Apache. If you're going to get it to work at all, you'll probably have to apply the EAPI patches by hand (where "by hand" I mean actually open up the patch, see what change it's trying to make, find the equivalent code if it exists in the other version of Apache, and make the equivalent change). While this will sort of work, it's obviously a less-than-optimal solution. The company you're dealing with must support a mod_ssl version and an Apache version that match up. If they tell you to use a certain mod_ssl version, as I see it you have to assume that they want you to use the Apache version that that mod_ssl is designed to work with. Forcing people to patch Apache by hand is not conducive to a stable, supportable server, and I just can't believe that that's really what they want you to do. --Cliff -- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help with Certificates
Hello Everyone I need to create the key for my secure server I am just starting out with SSL so do not want to pay verisign yet later yes but now right now I am reading a decent webpage that tells you how to do it but there is a few paragraphs that I dont understand Here is the website. **begin paste* How can I create and use my own Certificate Authority (CA)?[L] The short answer is to use the CA.sh or CA.pl script provided by OpenSSL. The long and manual answer is this: Create a RSA private key for your CA (will be Triple-DES encrypted and PEM formatted): $ openssl genrsa -des3 -out ca.key 1024 Please backup this ca.key file and remember the pass-phrase you currently entered at a secure location. You can see the details of this RSA private key via the command $ openssl rsa -noout -text -in ca.key And you can create a decrypted PEM version (not recommended) of this private key via: $ openssl rsa -in ca.key -out ca.key.unsecure Create a self-signed CA Certificate (X509 structure) with the RSA key of the CA (output will be PEM formatted): $ openssl req -new -x509 -days 365 -key ca.key -out ca.crt You can see the details of this Certificate via the command: $ openssl x509 -noout -text -in ca.crt Prepare a script for signing which is needed because the ``openssl ca'' command has some strange requirements and the default OpenSSL config doesn't allow one easily to use ``openssl ca'' directly. So a script named sign.sh is distributed with the mod_ssl distribution (subdir pkg.contrib/). Use this script for signing. Now you can use this CA to sign server CSR's in order to create real SSL Certificates for use inside an Apache webserver (assuming you already have a server.csr at hand): $ ./sign.sh server.csr This signs the server CSR and results in a server.crt file. *end paste* I dont understand what they meen about preparing a script for signing. can someone help me created my first certificates thank you so much. Luc - This message sent using EMUmail -- http://www.emumail.com - Jumping through hoops to get E-mail on the road? You've got two choices: Join the circus, or use MollyMail. Molly Mail -- http://www.mollymail.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Setup help
Your best course would be to untar that modssl sourceball and read the documentation. Thanks, Ron DuFresne On Wed, 30 Jan 2002, Warren Macken wrote: > I have RH 7.1 server with Apache 1.3 installed and running,I need to get SSL > up and running.I have mod_ssl downloaded and ready to install but I want to > check what the is the best procedure first. > > 1: Where do I install mod_ssl and how do I configure to incorporate the > super cert. I have purchased from Thawte ? > 2: do I need to install openss ? > > Thanks > > > > -- ~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Setup help
mod_ssl is pre-packaged with with RH 7.1. The config items are in the /etc/httpd/conf/httpd.conf file, starting with: SSLEngine on When you say your "super cert" I'm guessing you mean your server cert. You need to put that cert in the /etc/httpd/conf/ssl.crt directory (and then run the 'make' command there), and then put your cert's corresponding private key file in the /etc/httpd/conf/ssl.key directory. Then, in your /etc/httpd/conf/httpd.conf file, you need to edit these two lines to point to your new cert and its key: SSLCertificateFile /etc/httpd/conf/ssl.crt/your-thawte-server-cert-filename.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your-thawte-cert-private-key-filename.key Then, run /etc/init.d/httpd restart You should be able to see your default home page using https://your.site.name/ rather than http://your.site.name/ Warren Macken wrote: I have RH 7.1 server with Apache 1.3 installed and running,I need to get SSL up and running.I have mod_ssl downloaded and ready to install but I want to check what the is the best procedure first.1: Where do I install mod_ssl and how do I configure to incorporate the super cert. I have purchased from Thawte ?2: do I need to install openss ?Thanks -- Pete Palmer ([EMAIL PROTECTED])
Re: Urgent help
Dear Sonu, RE:>>> I want to use apache 2.0 how do I configure it with mod_ssl & openssl. AND RE:>>Please guide its very very urgent. Sorry to be the bearer of bad news, but it seems everyone who is in such a hurry frequently fails to do the most essential of things which are critical to their near term and long term success. This is a basic step which they probably already know but want to believe it to be otherwise. If you MUST start this endeavor, and it appears from your urgency that this is not an optional activity, then instead of going to the golf course, or enjoying time by the pool; or being with your family or friends and enjoying ESPN, or whatever else you could be doing, then, at least take the time to do your homework. Should you charge ahead without being somewhat cognizant of the complexity of it all, your experience will be encumbered by significant frustration and you will either end up badmouthing the product, your operating system, the people on this list, or whomever; when all of that could have easily been avoided by taking this one simple step. RTFM. I want to give you the absolute best advice of which I am cognizant, Sonu. You may think I'm being smart, arrogant, or simply rude, but I am going to pass on to you what some bright fellow from England recommended to me when "I" first wanted to install this package. And, it is a very important acronym to know if you are going to be successful in your endeavor. RTFM. "Read The Friendly Manual"... This is not your son's tricycle that you are going to be putting together. You might get away with skipping the directions when you decide to put minor projects together without taking the time to read the directions. However, IMO, this step CANNOT be avoided if you desire to attain success with your project. With that said, you can go the the Apache or modssl.org web site and pick up VOLUMES of information--for free!--helpful hints that will quickly get you on your way. Or, you can do like I did and immediately invest in at least one comprehensive text on the subject. I know there are several very excellent texts out there and some may have been written by others on this very list. I invested in one from Wrox Press called "Professional Apache" by Peter Wainwright. Again, there are several other excellent treatises on this subject and any of these will aid you IMMENSELY in your undertaking. These people have gone before you, to pave the way and relieve you of untold hours, days, or even weeks of frustration and anquish. The road is now clear and it is mostly smooth sailing, but you must have the roadmap if you are going to start the journey. So, Sonu, if it is indeed true that you need this in a "very very urgent" manner, then I would recommend that you do this ASAP.Spend the little bit of money and take the few hours required to AT LEAST read the basics for installation. If you don't want to spend the money, then you can study at numerous places on the web. In very short order, you can have your system up and running!--but you must start at the beginning. IF YOU CHOOSE NOT TO DO THIS, IMO, you'll be coming to this list all of the time, screaming "FIRE, FIRE", when in reality, there is no fire. There is only an illusion of fire, easily put out with your very own fire extinguisher--your mind. If you are not willing to start at the beginning then you might as well go play some golf and let someone else relieve you of the frustration you are about to experience... IMHO... Sincerely, Andrew Lietzow The ACL Group, Inc. > - Original Message - From: "Sonu Kishore" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, April 20, 2002 2:16 AM Subject: Urgent help > Please guide its very very urgent. > Reply at > [EMAIL PROTECTED] > [EMAIL PROTECTED] > > Regards > sonu > > __ > Do You Yahoo!? > Yahoo! Games - play chess, backgammon, pool and more > http://games.yahoo.com/ > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Urgent help
So much ergency, what perhaps 4 different "Urgent" requests?? Oh well... Thanks, Ron DuFresne -- ~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Some help
Hi, To compile your apache with this flags, --enable-rule is not working for me, so i did it like: bash# CFLAGS="-DSSL_EXPERIMENTAL -DSSL_ENGINE" ./configure regards Estrade Matthieu Le jeu 02/05/2002 à 20:16, Frederic DONNAT a écrit : > Hi All, > > I quite new to mod-ssl and apache 2.0.x, so i have a few question. > > With Apache 1.3.x, i was use to call openssl engine througth mod-ssl, with some >compilation condition (--enable-rule=SSL_ExPERIMENTAL), and http.conf modification >(SSLCryptoDevice ...). > > My problem comes with new Apache 2.0.x! > Am i right if i try to compile mod-ssl with the same rule adding >"--enable-rule=SSL_ExPERIMENTAL" when doing ./configure for apache? > If i do not misundersand, we can have compilation directive for module (as mod-ssl) >from apache configuration script? > Should i be able to use an openssl engine using the same "SSLCryptoDevice ..."? > > Thanks in advance. > Regards > Fred __ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
install error - help!
Hi, I am trying to set up apache w/ mod_ssl, following the install guide on the web: http://www.engelschall.com/sw/mod_ssl/distrib/mod_ssl-SNAP/INSTALL My system is RHL5.2 on AMD K6-2. And I am using apache_1.3.4, mod_ssl-2.2.4-1.3.4, rsaref-2.0, openssl0.9.1c (w/ its patch) and nothing else. I did not modify rsaref-2.0/source/global.h file ('cause I didn't know how I should change it for my platform) Following the above mentioned guide, I did 'make' on openssl_0.9.1c , and received the following error messages. I don't know what to do now. Please help! /bin/rm -f ssleay gcc -o ssleay -DMONOLITH -I../include -DRSAref -O3 ssleay.o verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o -L. -L.. -L../.. -L../../.. -L.. -lssl -L.. -lcrypto -lRSAglue -Lpwd/../rsaref-2.0/local/ -lrsaref ld: cannot open -lrsaref: No such file or directory make[1]: *** [ssleay] Error 1 make[1]: Leaving directory `/home/down/openssl-0.9.1c/apps' making test... make[1]: Entering directory `/home/down/openssl-0.9.1c/test' gcc -I../include -DRSAref -O3 -c bntest.c -o bntest.o gcc -o bntest -I../include -DRSAref -O3 bntest.o -L. -L.. -L../.. -L../../.. -L.. -lcrypto -lRSAglue -Lpwd/../rsaref-2.0/local/ -lrsaref ld: cannot open -lrsaref: No such file or directory make[1]: *** [bntest] Error 1 make[1]: Leaving directory `/home/down/openssl-0.9.1c/test' making tools... make[1]: Entering directory `/home/down/openssl-0.9.1c/tools' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/home/down/openssl-0.9.1c/tools' [root@ny1 openssl-0.9.1c]# Thanks in advance, - Heewoon Chung [EMAIL PROTECTED] __ Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Help with mod_ssl.c.
Can anyone tell me what I'm doing wrong here? I get this error when I try to start httpd... Starting httpd: httpd Syntax error in line 110 of /etc/httpd/conf/httpd.conf: Cannot add module via name 'mod_ssl.c': not in list of loaded modules Thanks is advance. Chris Hearn [EMAIL PROTECTED]
need help! please..
Hi all, I try to create and use my own CA. I followed the steps in the F.A.Q. in modssl.org webpage and at the end I ran sign.sh script from mod_ssl-2.2.8 distribution. It gave me this message: error 7 at 0 depth lookup:certificate signature failure is that normal? but it also told me that the database has been updated,CA verifying: server.crt <-> CA cert. Please help! TIA pe' -- UNIX System Admin. Distributed Computing Services Lake Superior State University 650 W. Easterday Ave. Sault Ste. Marie. MI 49783 USA. -- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please help.
There should be a much newer version of the RPM available at http://www.modssl.org/contrib/... give that a try. See Magnus Stenman's ANNOUNCE: message from earlier today for details. (PS: the current release of mod_ssl is 2.3.10, with 2.3.11 under development I believe.) -Cliff Cliff Woolley Central Systems Software Administrator Washington and Lee University http://www.wlu.edu/~jwoolley/ Work: (540) 463-8089 Pager: (540) 462-3472 >>> Prapan Chantavutsettee <[EMAIL PROTECTED]> 07/29/99 10:17AM >>> Dear all, I have installed the RPM package apache-mod_ssl 1.3.6-2.3.0 on Linux 5.2 and it seems to work fine. But only the first connection can be achieved. If I click Reload on the browser, the error message "Network : IO Error" will appear. I have a look on the error log file "error_log" of Apache, it displayed [notice] child pid 18457 exit signal Segmentation fault (11) and the log file ssl_engine_log showed as below : [info] Connection to child 1 established (server winds.thinxshop.fr:443) I checked the connections on the server with the command, netstat, the connection wasn't closed, it was in the state TIME_WAIT, FIN_WAIT2 ... To re-establish the connection (by clicking Reload or retype the URL), I had to wait until the connection had been completely closed (the message from netstat command) or close and re-open the browser. Could you please let me know what is going on ? and what I can solve such troubles. Many thanks in advance, Regards, Prapan __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please help.
This sounds similar to a problem I had under Slackware that turned out to be DBM session cache related when using a buggy vendor DBM library. I don't know much about the RH5.2 package, but it's possible that it's using the same broken DBM library as my copy of Slackware was. (Magnus, help me out here.) You could try using the built-in SDBM library, but it'll mean recompiling... -Cliff Cliff Woolley Central Systems Software Administrator Washington and Lee University http://www.wlu.edu/~jwoolley/ Work: (540) 463-8089 Pager: (540) 462-3472 >>> Prapan Chantavutsettee <[EMAIL PROTECTED]> 07/30/99 10:37AM >>> Many thanks. But I have tried the latest version and it couldn't solve such problem. Could you please help me t solve such trouble. I also installed PHP3 and Embeded Perl with the Apache-mod_ssl. Regards, Prapan Cliff Woolley wrote: > There should be a much newer version of the RPM available at > http://www.modssl.org/contrib/... > give that a try. See Magnus Stenman's ANNOUNCE: message from earlier > today for details. (PS: the current release of mod_ssl is 2.3.10, with > 2.3.11 under development I believe.) > > -Cliff > > Cliff Woolley > Central Systems Software Administrator > Washington and Lee University > http://www.wlu.edu/~jwoolley/ > > Work: (540) 463-8089 > Pager: (540) 462-3472 > > >>> Prapan Chantavutsettee <[EMAIL PROTECTED]> 07/29/99 10:17AM >>> > Dear all, > I have installed the RPM package apache-mod_ssl 1.3.6-2.3.0 on Linux > 5.2 and > it seems to work fine. But only the first connection can be achieved. > If I click > Reload on the browser, the error message "Network : IO Error" will > appear. > I have a look on the error log file "error_log" of Apache, it > displayed > [notice] child pid 18457 exit signal Segmentation fault (11) > and the log file ssl_engine_log showed as below : > [info] Connection to child 1 established (server > winds.thinxshop.fr:443) > I checked the connections on the server with the command, netstat, > the connection wasn't closed, it was in the state TIME_WAIT, FIN_WAIT2 > ... > To re-establish the connection (by clicking Reload or retype the URL), > I had to wait until the connection had been completely closed (the > message > from netstat command) or close and re-open the browser. >Could you please let me know what is going on ? and what I can > solve > such troubles. >Many thanks in advance, >Regards, >Prapan > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please help.
Many thanks. But I have tried the latest version and it couldn't solve such problem. Could you please help me t solve such trouble. I also installed PHP3 and Embeded Perl with the Apache-mod_ssl. Regards, Prapan Cliff Woolley wrote: > There should be a much newer version of the RPM available at > http://www.modssl.org/contrib/... > give that a try. See Magnus Stenman's ANNOUNCE: message from earlier > today for details. (PS: the current release of mod_ssl is 2.3.10, with > 2.3.11 under development I believe.) > > -Cliff > > Cliff Woolley > Central Systems Software Administrator > Washington and Lee University > http://www.wlu.edu/~jwoolley/ > > Work: (540) 463-8089 > Pager: (540) 462-3472 > > >>> Prapan Chantavutsettee <[EMAIL PROTECTED]> 07/29/99 10:17AM >>> > Dear all, > I have installed the RPM package apache-mod_ssl 1.3.6-2.3.0 on Linux > 5.2 and > it seems to work fine. But only the first connection can be achieved. > If I click > Reload on the browser, the error message "Network : IO Error" will > appear. > I have a look on the error log file "error_log" of Apache, it > displayed > [notice] child pid 18457 exit signal Segmentation fault (11) > and the log file ssl_engine_log showed as below : > [info] Connection to child 1 established (server > winds.thinxshop.fr:443) > I checked the connections on the server with the command, netstat, > the connection wasn't closed, it was in the state TIME_WAIT, FIN_WAIT2 > ... > To re-establish the connection (by clicking Reload or retype the URL), > I had to wait until the connection had been completely closed (the > message > from netstat command) or close and re-open the browser. >Could you please let me know what is going on ? and what I can > solve > such troubles. >Many thanks in advance, >Regards, >Prapan > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please help.
Could you please tell me where I can get the built-in SDRM library ??? and where I can see Magnus Stenman's ANNOUNCE ? Many thanks in advance Cliff Woolley wrote: > This sounds similar to a problem I had under Slackware that turned out > to be DBM session cache related when using a buggy vendor DBM library. > I don't know much about the RH5.2 package, but it's possible that it's > using the same broken DBM library as my copy of Slackware was. (Magnus, > help me out here.) You could try using the built-in SDBM library, but > it'll mean recompiling... > > -Cliff > > Cliff Woolley > Central Systems Software Administrator > Washington and Lee University > http://www.wlu.edu/~jwoolley/ > > Work: (540) 463-8089 > Pager: (540) 462-3472 > > >>> Prapan Chantavutsettee <[EMAIL PROTECTED]> 07/30/99 10:37AM >>> > Many thanks. But I have tried the latest version and it couldn't solve > such problem. Could you please help me t solve such trouble. > I also installed PHP3 and Embeded Perl with the Apache-mod_ssl. > Regards, > Prapan > > Cliff Woolley wrote: > > > There should be a much newer version of the RPM available at > > http://www.modssl.org/contrib/... > > give that a try. See Magnus Stenman's ANNOUNCE: message from > earlier > > today for details. (PS: the current release of mod_ssl is 2.3.10, > with > > 2.3.11 under development I believe.) > > > > -Cliff > > > > Cliff Woolley > > Central Systems Software Administrator > > Washington and Lee University > > http://www.wlu.edu/~jwoolley/ > > > > Work: (540) 463-8089 > > Pager: (540) 462-3472 > > > > >>> Prapan Chantavutsettee <[EMAIL PROTECTED]> 07/29/99 10:17AM > >>> > > Dear all, > > I have installed the RPM package apache-mod_ssl 1.3.6-2.3.0 on > Linux > > 5.2 and > > it seems to work fine. But only the first connection can be > achieved. > > If I click > > Reload on the browser, the error message "Network : IO Error" will > > appear. > > I have a look on the error log file "error_log" of Apache, it > > displayed > > [notice] child pid 18457 exit signal Segmentation fault (11) > > and the log file ssl_engine_log showed as below : > > [info] Connection to child 1 established (server > > winds.thinxshop.fr:443) > > I checked the connections on the server with the command, netstat, > > the connection wasn't closed, it was in the state TIME_WAIT, > FIN_WAIT2 > > ... > > To re-establish the connection (by clicking Reload or retype the > URL), > > I had to wait until the connection had been completely closed (the > > message > > from netstat command) or close and re-open the browser. > >Could you please let me know what is going on ? and what I can > > solve > > such troubles. > >Many thanks in advance, > >Regards, > >Prapan > > > __ > > Apache Interface to OpenSSL (mod_ssl) > www.modssl.org > > > > > User Support Mailing List > [EMAIL PROTECTED] > > > > > Automated List Manager > [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Please help.
On Mon, Aug 02, 1999, Prapan Chantavutsettee wrote: > Could you please tell me where I can get the built-in SDRM library ??? In short: --enable-rule=SSL_SDBM In long: read the INSTALL document! Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Upgrade question... HELP!
Hello, A while ago I built apache 1.3.6 with mod_ssl-2.3.1-1.3.6 and mod_perl-1.19 on my sun solaris 2.7 PRODUCTION box. Everything has worked GREAT! QUESTION: I want to upgrade to apache1.3.9 and mod_ssl-2.4.8-1.3.9 and mod_perl-1.21, BUT I am not certain on the safe strategy for upgrading my PRODUCTION system. Given the steps BELOW for building and installing (from the INSTALL file), at what point will I disturb libaries/executables that the production system is using? Installing mod_ssl into the apache tree in STEP 1 below looks pretty safe. But when I try installing mod_perl in STEP 2 (make install) it wants to write to /usr/local/lib/. which concerns me, what if it overwrites a mod_perl file that the current system is using (with an incompatible version)? I assume in STEP 3 that I can simply direct apache to install to a new apache home directory then test it out, --if it works then install it to the current apache directory (it will leave my configs and app's alone, won't it)? OR do I need to create a new instance, and copy over my current apache web application to it? Please help, Thank You Keith - I am following the directions in the INSTALL file: STEP1 # apply mod_ssl to Apache source tree $ cd mod_ssl-2.4.x-1.3.x $ ./configure \ --with-apache=../apache_1.3.x $ cd .. STEP 2 - # apply mod_perl to Apache source tree # and build/install the Perl-side of mod_perl $ cd mod_perl-1.xx $ perl Makefile.PL \ EVERYTHING=1 \ APACHE_SRC=../apache_1.3.x/src \ USE_APACI=1 \ PREP_HTTPD=1 \ DO_HTTPD=1 $ make $ make install $ cd .. STEP 3 - # build/install Apache with mod_ssl and mod_perl $ cd apache_1.3.x $ SSL_BASE=/path/to/openssl ./configure \ --prefix=/path/to/apache \ --enable-module=ssl \ --activate-module=src/modules/perl/libperl.a \ --enable-module=perl $ make $ make certificate $ make install $ cd .. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: mod_ssi help
check out: http://www.modssl.org/source/exp/mod_ssl/pkg.mod_ssl/INSTALL you also have a copy of this document in the mod_ssl source directory. It gives complete instructions. Just follow step by step and it should work fine. cliff rayman genwax.com Darko wrote: > Hello everybody, > > I really need your help regarding apache. > I have red hat 6.1 and apache came with this 1.3.9 version. How do I > enable ssl inside apache ? > I also got mod_ssl_2.4.9 package and unpacked it, but I am not sure if I > need to install it. Is it possible to integrate this inside current > apache configuration or I need to reinstall apache ? > I also got OpenSSL for this. > Please help me if you can with this. > > Thanx, > > Darko > > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help required : installation
I have already got an apache web-server running and now I am unable to install modssl and without the apache source tree. Can any one help ? __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help on SSLRandomSeed
Hi, I've been trying to recompile ModSSL rel. 2.6.2 with Apache 1.3.12 and OpenSSL rel. 0.9.5. on a Sun UltraSPARC running Solaris 2.7. Of course I had the same problem that many others had before me. Once everything gets compiled I issue the following command: make certificate TYPE=custom And I get the following error message: .. .. Enter PEM pass phrase: * Verifying password - Enter PEM pass phrase: * unable to write key 17423:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not seeded:md_rand.c:470: mkcert.sh:Error: Failed to encrypt RSA private key make[1]: *** [certificate] Error 1 make[1]: Leaving directory `/usr/local/proxysrc/apache_1.3.12/src' make: *** [certificate] Error 2 Of course I've been reading everything about the SSLRandomSeed directive and in fact I've compiled and installed the truerand program and defined the following entry into the ./mod_ssl-2.6.2-1.3.12/pkg.sslcfg/sslcfg.patch file: SSLRandomSeed startup exec:/usr/local/bin/truerand 16 Still I get the same error. How can I use the SSLRandomSeed with a $HOME/.rnd file? Shall I use EGD? Of course my system (being a Solaris system) does not have either a /dev/random or a /dev/urandom device. Any suggestion would be really appreciated... Thank you very much in advance. Best regards, Costantino Imbrauglio Information Technology - Banca IMI - Milan " This message is confidential and solely for the intended addressee(s). If you are not the intended recipient of this message, please notify the sender immediately and delete it from your system. Unauthorised reproduction, disclosure, modification and/or distribution of this e-mail is strictly prohibited. The contents of this e-mail do not constitute a commitment by Banca d'Intermediazione Mobiliare IMI S.p.A. (Banca IMI), except where expressly provided for in a written agreement between you and Banca IMI. Banca dIntermediazione Mobiliare IMI S.p.A. is an authorised Bank in Italy. Banca dIntermediazione Mobiliare IMI S.p.A., London Branch, a member of the London Stock Exchange, is regulated by the Securities and Futures Authority for the conduct of investment business in the UK. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
HELP!! Part 2
I wrote: "I'm using an Apache 1.3.12 (win32), ApacheJServ 1.1, mod_ssl 2.6.0 and OpenSSL 0.9.4. Starting Apache a warning message is appearing "Loaded DSO [...]\ApacheModuleJServ.dll uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) I'm trying to do that but in Visual C++ 6.0 (cl command) there isn't a -DEAPI option. I think it's a compiler option and not a linker option. Does anybody knows which compiler option is the one i need? or, better, does anybody has an ApacheModuleJServ.dll already compiled with this option?" To compile Apache JServ I'm using nmake: c:\>nmake -f Makefile.Win32 APACHE_SRC=... PACKAGE=JServ VERSION=1.1 EAPI If we add "EAPI" to the command line, the makefile is setting: !IFDEF EAPI JSERV_DEFINE = $(JSERV_DEFINE) /D "EAPI" !ENDIF But nothing is doing the .c and .h files with this macro. If you take a look at the httpd.h file, the "EAPI" definition is used: #ifdef EAPI #include "ap_mm.h" #endif #include "alloc.h" /* * Include the Extended API headers. * Don't move the position. It has to be after alloc.h because it uses the * pool stuff but before buff.h because the buffer stuff uses the EAPI, too. */ #ifdef EAPI #include "ap_hook.h" #include "ap_ctx.h" #endif /* EAPI */ ¿?I don't know what to do. ___ Do You Yahoo!? Consiga gratis su dirección @yahoo.es en http://correo.yahoo.es __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
HELP !! Part 3
I've tried all, adding /D "EAPI" as a preprocessor symbol, -DEAPI as an option in the command line compiler options and more, but the warning in there all the time. My makefile is: # # Apache mod_jserv Makefile for Win32 systems # $Revision: 1.10 $ # # # Don't echo commands # #.SILENT: # Compiler and linker definition CC = $(CC) /nologo LINK = link /nologo # # Check for APACHE_SRC definition # !IFNDEF APACHE_SRC errormessage = Variable "APACHE_SRC" not defined. all: error !ENDIF ## # Check for PACKAGE definition ## !IFNDEF PACKAGE errormessage = Variable "PACKAGE" not defined. all: error !ENDIF ## # Check for VERSION definition ## !IFNDEF VERSION errormessage = Variable "VERSION" not defined. all: error !ENDIF ## # Compile time definitions ## JSERV_DEFINE = /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "EAPI" # Additional definition for STANDALONE !IFDEF STANDALONE JSERV_DEFINE = $(JSERV_DEFINE) /D "JSERV_STANDALONE" !ENDIF # Additional definition for EAPI !IFDEF EAPI JSERV_DEFINE = $(JSERV_DEFINE) /D "EAPI" !ENDIF # # Include search path definitions # JSERV_C_INCL = /I$(APACHE_SRC)\include /I$(APACHE_SRC)\os\win32 /I. # C Compiler options JSERV_C_OPTS = /nologo /MD /W3 /GX /O2 /YX /FD /c /Fp"ApacheModuleJServ.pch" \ /Fo".\\" /Fd".\\" /DEAPI # Linker options JSERV_L_OPTS = /nologo $(APACHE_SRC)\CoreR\ApacheCore.lib kernel32.lib user32.lib \ gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib \ ws2_32.lib /subsystem:console /incremental:no /machine:I386 \ /pdb:".\ApacheModuleJServ.pdb" /NODEFAULTLIB:LIBC ## # The target object files to build ## JSERV_OBJS=mod_jserv.obj \ jserv_protocols.obj \ jserv_mmap.obj \ jserv_watchdog.obj \ jserv_balance.obj \ jserv_utils.obj \ jserv_image.obj \ jserv_status.obj \ jserv_ajpv11.obj \ jserv_ajpv12.obj \ jserv_wrapper.obj \ jserv_wrapper_win.obj # Check if we need to build a module DLL or a StandAlone EXE !IFDEF STANDALONE build: jserv.h ApacheJServ.exe echo Done. !ELSE build: jserv.h $(APACHE_SRC)\CoreR\ApacheCore.lib ApacheModuleJServ.dll echo Done. !ENDIF # # Build rules # jserv.h: autochange.exe @autochange PACKAGE=$(PACKAGE) VERSION=$(VERSION) < jserv.h.in > jserv.h autochange.exe: autochange.c $(CC) autochange.c .c.obj: $(CC) $(JSERV_C_OPTS) $(JSERV_C_INCL) $(JSERV_DEFINE) $< ApacheModuleJServ.dll: $(JSERV_OBJS) $(LINK) $(JSERV_L_OPTS) $(JSERV_OBJS) /dll /out:"ApacheModuleJServ.dll" ApacheJServ.exe: $(JSERV_OBJS) $(LINK) $(JSERV_L_OPTS) $(JSERV_OBJS) /out:"ApacheModuleJServ.exe" ren ApacheModuleJServ.exe ApacheJServ.exe ## # Cleaning ## clean: erase *.obj erase *.idb erase jserv.h erase autochange.exe erase ApacheModuleJServ.exp erase ApacheModuleJServ.lib erase ApacheModuleJServ.pch distclean: clean erase ApacheJServ.exe erase ApacheModuleJServ.dll # # Help and error messages display # help: type << USAGE: nmake -f Makefile.Win32 APACHE_SRC=(apache source dir) PACKAGE=(package name) VERSION=(version number) [clean] << error: echo ERROR: $(errormessage) echo ERROR: Try "$(MAKE) /F Makefile.Win32 help" for help. But replacing the resulting ApacheModuleJServ.dll file nothing matters. What i doing wrong? Thanks. ___ Do You Yahoo!? Consiga gratis su dirección @yahoo.es en http://correo.yahoo.es __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
help with modules
Hi I've installed Apache 1.3.12 with openssl and modssl. My Apache server is working 100% with SSL enabled. But now comes the problem with adding in modules, in particular mod_expires module. How do I go about doing this, without having to re-compile Apache? In my httpd.conf I've added LoadModules expire_module /path/to/mod_expire.so but it gives invalid command errors. thanx for the help ~~ Martin __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Need help !
Try (instead of localhost:443) using 192.168.0.225:443, in your openssl s_client commandline. --- Mat Butler, Winged Wolf <[EMAIL PROTECTED]> SPASTIC Web Engineer SPASTIC Server Administrator Begin FurryCode v1.3 FCWw5amrsw A- C+ D H+++ M+[servercoder] P+ R++ T+++ W Z++ Sm++ RLCT/M*/LW* a cl/u/v>+ !d e- f> h++ iwf+++ j p->+ sm++ End FurryCode v1.3 On Fri, 14 Apr 2000, Vagel Argyrakis wrote: > Hi all, > > I have problems with ssl on my apache server (rh 6.1) > The certicicate has been created with make certificate > On launch with apachectl startssl i enter the passphrase and everything seems to be >correct, the server starts-up giving as output : > > Server my.server.name:443 (RSA) > Enter pass phrase: > > Ok: Pass Phrase Dialog successful. > ./apachectl startssl: httpd started > > But when i try to connect to it using https:// i receive no answer. I also tried to >scan the ports and it seems that port 443 is not open. > This is the ssl related section of my httpd.conf file: > > > Listen 80 > Listen 443 > AddType application/x-x509-ca-cert .crt > AddType application/x-pkcs7-crl.crl > > > SSLPassPhraseDialog builtin > SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache > SSLSessionCacheTimeout 300 > SSLMutex file:/usr/local/apache/logs/ssl_mutex > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > > SSLLog /usr/local/apache/logs/ssl_engine_log > SSLLogLevel info > > > > DocumentRoot /www/htdocs/ > ErrorLog /usr/local/apache/logs/error_log > TransferLog /usr/local/apache/logs/access_log > SSLEngine on > SSLVerifyClient require > SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt > SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key > SSLLogFile /usr/local/apache/logs/ssl_misc_log > > > SSLOptions +StdEnvVars > > > SSLOptions +StdEnvVars > > > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown > > > > > > This is the log in ssl_engine_log : > > [11/Apr/2000 08:11:30 01141] [info] Server: Apache/1.3.12, Interface: >mod_ssl/2.6.2, Library: OpenSSL/0.9.5a > [11/Apr/2000 08:11:30 01141] [info] Init: 1st startup round (still not detached) > [11/Apr/2000 08:11:30 01141] [info] Init: Initializing OpenSSL library > [11/Apr/2000 08:11:33 01141] [info] Init: Wiped out the queried pass phrases from >memory > [11/Apr/2000 08:11:33 01141] [info] Init: Seeding PRNG with 136 bytes of entropy > [11/Apr/2000 08:11:33 01141] [info] Init: Generating temporary RSA private keys >(512/1024 bits) > [11/Apr/2000 08:11:34 01141] [info] Init: Configuring temporary DH parameters >(512/1024 bits) > > > When i manually test ssl with the command : # ./openssl s_client -connect >localhost:443 -state -debug > i receive the answer : > connect: Connection refused > connect:errno=111 > > Anyone could give me some help? > > Thanks in advance > > Vagel Argyrakis > > [EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Need help !
On Fri, Apr 14, 2000 at 08:16:18AM +0200, Vagel Argyrakis wrote: [SNIP] > SSLVerifyClient require By having this setting, you require that the client should present a valid certificate signed by a CA given in either SSLCACertificateFile or SSLCACertificatePath - but you don't seem to have either of those two set. You should probably start out by commenting out SSLVerifyClient. vh Mads Toftum __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Need help !
--Original Message Text--- From: Vagel Argyrakis Date: Fri, 14 Apr 2000 08:16:18 +0200 >Hi all, >I have problems with ssl on my apache server (rh 6.1) >The certicicate has been created with make certificate >On launch with apachectl startssl i enter the passphrase and everything seems to be >correct, the server starts-up >giving as output : > >Server my.server.name:443 (RSA) >Enter pass phrase: > >Ok: Pass Phrase Dialog successful. >./apachectl startssl: httpd started > >But when i try to connect to it using https:// i receive no answer. I also tried to >scan the ports and it seems that >port 443 is not open. >This is the ssl related section of my httpd.conf file: I had same problem in Win NT, but, when I removed the password from the key certificate because I didn' t want to digit the password when Apache starts everything went the right way. Hope it helps. Regards. --- "On a day not different than the one now dawning, Leonardo drew the first strokes of the Mona Lisa, Shakespeare wrote the first words of Hamlet, and Beethoven began work on his Ninth Symphony." And Windows98 Crashed! --- Francesco D'Inzeo WinTech S.r.l. Via Lisbona 7 35127 PADOVA (Italy) Tel. (+39)-(0)49-8703033 Fax. (+39)-(0)49-8703045 e-mail [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Need help !
On Wed, Apr 19, 2000 at 10:24:48AM +0200, Vagel Argyrakis wrote: > Hi, > > Thanks for the ideas. I tried both using the ip address instead of localhost and i >commented out the setting : SSLVerifyClient require, but it still doesn't work. > > Anything else that i could do? > I'm sure that you have to do it without SSLVerifyClient - other things that could be wrong is a bit harder to guess ;-) There is one thing you could try - checking to see wether the server is listening on the SSL port at all, because the error you get from s_client looks exactly like what I get when my server isn't started yet. So my guess is that you don't get any connect because there is no server to answer s_client. You could try some of the steps that I've mentioned in http://marc.theaimsgroup.com/?l=apache-modssl&m=95631272704634&w=2. You could also set SSLLogLevel to debug to get extra info. vh Mads Toftum -- `Darn it, who spiked my coffee with water?!' - lwall __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
ODP: Need help !
Thanks for the ideas. I tried both using the ip address instead of localhost and i commented out the setting : SSLVerifyClient require, but it still doesn't work. Anything else that i could do? You can check also: netstat -vat - to see if httpd is listening on https port (443) and /or ipchains -L -v - to see if your port is open __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: help wanted
Try mod_rewrite http://www.apache.org/docs/mod/mod_rewrite.html -carlos Ganesh Doke wrote: > Hi, >I am ganesh doke working on e-commerce project with platform webojects > and apache server. > Can someone give some idea to me. > > How do I change the http://www.servername.com/cgi-bin/WebObjects portion of > the URL into e.g. http://www.servername.com/Apps? > >Please explain what changes are required to do in apache and in > webobjects. >my mail id is >[EMAIL PROTECTED] > > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] -- --- Carlos Ramirez + Boeing + Reusable Space Systems + 714.372.4181 --- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: help wanted
Our you could just change the setting file section: E.g. ScriptAlias /cgi-bin/ "d:/PROGRA~1/OpenSA/Apache/cgi-bin/" to ScriptAlias /Apps/ "d:/PROGRA~1/OpenSA/Apache/cgi-bin/WebObjects" Lars __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Help needed
My suggestion - download/install the prebuilt binaries from www.opensa.org. You will have a system that needs only have the httpd.conf file edited to enable a working server. The comments in the httpd.conf file plus the mod_ssl reference manual should be sufficiently step-by-step. cheers Kirk > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > [EMAIL PROTECTED] > Sent: Tuesday, May 23, 2000 11:55 PM > To: [EMAIL PROTECTED] > Subject: Help needed > > > Dear mod_ssl engineers, > > I am Vijay,from India working day and night on apache Module mod_ssl > to enable ssl on apache on windows_nt. > I have followed all the instructions given in the readme.win32 file of > mod_ssl software directory.The process has created ApacheModuleSSL.dll > under apache\src\modules\ssl directory.I need to proceed further now to > include this module in Apache.Please help me in guiding on how to proceed > in a step by step instruction style as soon as possible and oblige. > > Thank u > Vijay > __ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager[EMAIL PROTECTED] > __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Error message help
Hi all, I'm new to the list and to mod_ssl, and well ssl in general, so I hope you'll forgive what may be dumb questions. I've been tasked with setting up a ssl site for a small company that wants to sell online. I've never done anything other than plain sites before, so I'm having to learn. I've done what all the docs have told me to, as near as I can tell, and I've gotten pretty far along. I'm still fuzzy on the exact syntax of the directives, but I've gotten it nearly working I think. This is all being done on a stock Caldera 3.11 server box. Now, the error I'm getting now that I can't seem to find any help on, in the error_log is: OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header too long I've googled on it, and searched FAQ's, etc, and nothing of help has appeared. I'd appreciate some help on this, I hate when I can't find help in the docs, I hate having to bother anyone. Thanks -- Matt __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Help with install
Hi everyone, I am new to the list, and I have built Apache 1.3.26 on Solaris 8 with mod_ssl 2.8.10 and mod_perl 1.27. There is no problem with apachectl start. However, starting the SSL server produces the following error: /opt/apache/bin/apachectl startssl Syntax error on line 206 of /opt/apache/conf/httpd.conf: Can't locate API module structure 'SSL' in file /opt/apache/libexec/libssl.so: ld.so.1: /opt/apache/bin/httpd: fatal: SSL: can't find symbol What have I done wrong? Any assistance would be greatly appreciated. Thanks! Erich C. Beyrent
Client Certificates (Help!)
Hi, Does anyone have any good URLs or instructions about how to create client certificates for browsers so that only browsers with the certificate can connect to the server (or view certain directories on the server)? I tried one procedure I found on the web, and it ended up with Apache complaining about the keys and certificates it had. The best I could do myself was a self-signed SSL certificate (which worked fine), but the client certificates didn't work out. I'll try any procedures anyone supplies, and if that doesn't work I'll post detailed information about what I tried and what went wrong. The site, by the way, is www.e-collab.com. The self-signed SSL certificate for Apache worked fine. It was just the more advanced stuff that eluded me. Thanks a lot! Merry Christmas! Dave Ashley. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]