NEED HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

[Chris DiLorenzo]

Hi, Am Sorry for this message because it may get to you as supprise but it's
because of the situation of things right now. I want use this opportunity to
explain my problem. I was here in London on Vacation but yesterday thing
change because i was mugged at hotel am staying.

The worse of it is that bags, cash and cards and my cell phone was stolen at
during the incident and it's such a crazy experience for me. Now, am
stranded here without any money with me and i need flying back home.
Although am so happy that am physically ok and my passport still save with
me.

I have been to police to make report about the inccident but the best help
they could render to me is that they lead me to the embassy. Now, embassy
have arrange a flight for me which was schedule on 25th of February 2010 but
i dont want to wait long anymore before i can get back home.

I have been able to raise some money through my friends and family but am
short of $950 USD to complete the money for my flight ticket. Please, i need
you to loan me with sum amount $950 USD and i promise you i will pay you
back any amount you can afford to loan as soon as i get back home.

You can check Western Union Website to locate the nearest outlet around you
or wire the money online on their website (www.westernunion.com)

I need you to wire the money to me via Western Union Money Transfer with my
name:

Receiver Name : Chris DiLorenzo

My location : Dunstable Beds, LU5 5SD, United Kingdom.

As soon as you wire the money you will need provide me the below information

MTCN: ???

Amount Send: ???

Sender's Name: ???

So that i can visit any nearest Western Union Outlet to pick up the money
with my passport here in United Kingdom. Please do not see this message as
virus or spam and i will be very happy if you can help me out.

Thank you

Chris DiLorenzo

Need help with configure.bat

[Nate Davis]

I am running apache under win2k... when i run the 
configure.bat file it gives me an error saying "No Perl script found in input". 
That is with the command line syntax of:

configure --with-ssl=c:/openssl 
--with-apache=--with-apache=C:/Program Files/Apache Group/Apache

any help someone could provide would be much 
apreciated, thanks

- Nate

I need help please!

[MARTIN Pierre]

Hi, im usingan apache server with mod_ssl.  
(the last one, newest one version...)
I get the error

724:error:140770FC:SSL 
routines:SSL23_GET_SERVER_HELLO:unknown 
protocol:D:\MyProjects\Applications\opensa\openssl\ssl\s23_clnt.c:460:

When i'm trying to connect. I can only read this 
with the openssl s_client mode, because the broser just search forever when i 
type the secured domain name.

Notice that the number of the error is sometimes 
724, sometimes 982, sometimes 972,...

I red about my config was pointing to a wrong port 
and i may had "Listen 80" instead of "Port 80". That is all i found about this 
error, and it was already done in my config.

Thanks a lot,
Regards, MARTIN Pierre


PS: Sorry for my bad english...

http://hickscorp.dyndns.orghttp://3dMeeting.dyndns.orghttp://Iloa.dyndns.orghttp://StatsAGogo.dyndns.orghttp://www.Lv4-26.com

MSN: [EMAIL PROTECTED]ICQ: 
73133239

Re: I need help please!

[Owen Boyle]

 MARTIN Pierre wrote:
 
 Hi, im using an apache server with mod_ssl. (the last one, newest one
 version...)
 I get the error
 
 724:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
 protocol:D:\MyPro
 jects\Applications\opensa\openssl\ssl\s23_clnt.c:460:
 
 When i'm trying to connect. I can only read this with the openssl
 s_client mode, because the broser just search forever when i type the
 secured domain name.
 
 Notice that the number of the error is sometimes 724, sometimes 982,
 sometimes 972,...
 
 I red about my config was pointing to a wrong port and i may had
 Listen 80 instead of Port 80. That is all i found about this
 error, and it was already done in my config.

You're trying to connect to an SSL-aware server with plain HTTP.

Do you want an SSL server? If so, you must set up a VH on port 443 then
access it using https://servername/;  -- NB https, *not* http.

rgds,

Owen Boyle.
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Need help

[Bill_Irwin]

I am trying to install a 3rd party user authentication product on one of our RH
Linux/Apache intranet servers.  Originally I was told that their product was
only tested, approved and supported on Red Hat Linux 6.2 running an SSL enabled
Apache 1.3.12.  On Wednesday, with help from their tech support, I was able to
finally get their product up and running on our test box, but I was informed
that the tested, approved and supported version of mod_ssl was 2.8.1, not the
2.6.6 I had used.  I see that there is a mod_ssl --force configuration option
for installing to a version of Apache other than the one it was designed for.
Today when ran the mod_ssl 2.8.1 configuration script with the --force option I
was prompted for File to patch:.  Not knowing what to enter I hit ctrl-c to
abort.  I received 3 or 4 of these File to patch: prompts, hitting ctrl-c each
time, before the configuration script aborted.  I am unable to find additional
information, in the documentation or on the mod_ssl web site, about the --force
option or the file names I need to enter when prompted File to patch.  Here's
the command line I used:

./configure --with-apache=../apache_1.3.12 --with-ssl=../openssl-0.9.6b
--with-rsa=../rsaref-2.0/local --prefix=/usr/local/apache --enable-shared=ssl
--force

Any help would be greatly appreciated.

Bill Irwin
[EMAIL PROTECTED]



__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need help

[Cliff Woolley]

On Fri, 14 Sep 2001 [EMAIL PROTECTED] wrote:

 Today when ran the mod_ssl 2.8.1 configuration script with the --force
 option I was prompted for File to patch:.  Not knowing what to enter
 I hit ctrl-c to abort.  I received 3 or 4 of these File to patch:
 prompts, hitting ctrl-c each time, before the configuration script
 aborted.  I am unable to find additional information, in the
 documentation or on the mod_ssl web site, about the --force option or
 the file names I need to enter when prompted File to patch.  Here's
 the command line I used:

This won't work well in general, particularly for widely varying versions
of Apache.  If you're going to get it to work at all, you'll probably have
to apply the EAPI patches by hand (where by hand I mean actually open up
the patch, see what change it's trying to make, find the equivalent code
if it exists in the other version of Apache, and make the equivalent
change).  While this will sort of work, it's obviously a less-than-optimal
solution.

The company you're dealing with must support a mod_ssl version and an
Apache version that match up.  If they tell you to use a certain mod_ssl
version, as I see it you have to assume that they want you to use the
Apache version that that mod_ssl is designed to work with.  Forcing people
to patch Apache by hand is not conducive to a stable, supportable server,
and I just can't believe that that's really what they want you to do.

--Cliff

--
   Cliff Woolley
   [EMAIL PROTECTED]
   Charlottesville, VA


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

need help !!

[Anish M (EHPT)]

hi 
all,
apche fails to 
compile with mod -ssl on win nt ..says cant find 

ap_aquire_pool
ap_make_shared_pool
in apachecore.def
thnks in 
advcne
anish

-- Choose the Internet payment 
standard!  http://www.jalda.com  http://www.ehpt.com
ANISH.M
Systems Engineerphone +91 116510101
internet payment systems   	mobile +91 9810304174
EHPT India Pvt Ltde:mail [EMAIL PROTECTED]  
 [EMAIL PROTECTED] 

Re: I need help with a very tricky problem

[Carlos Ramirez]

Probably your best bet is to use mod_perl, Apache::Session or write your
own module to handle sessions.
These basically create a session file (cookie based or local file)
with a timestamp. This session file for is checked for every subsequent
request and force re-authentication if session expired (i.e. (now-timestamp)
> expiration). This way logging off is automatic.
Hope this helps
-Carlos

Doug Poulin wrote:

I
need to figure out how to log a user off our web site and ensure that they
re-authenticate the next time they hit our site. On
the surface this seems like a very simple problem but it is not.
Here is what happens. A
user logs on to our site using modauth, from an IE5 browser. They
do a bunch of things and then they go off to some other URL, or for a coffee.
If they don't close every single browser window then they remain authenticated
to our site FOREVER! They (or anyone else sharing the same PC) can
return to our site and they get access right away without any authentication.
We have hospitals using our site who have
many staff sharing a PC, who each need to be able to sit down, look up
some info, then log off without a lot of hassles. Sending
a 401 Unauthorized doesn't work because I can't tell the difference between
someone legitimately logging in properly and one returning from a previous
session. There doesn't seem
to be anything in the browser you can shut off, modify or otherwise fool.
CGI scripts come into play far too late since all of the authenticating
(or non-authenticating) has already passed. I tried looking at the
SSL_SESSION_ID but it appears to be different for every single hit to our
web site from the same PC and browser window. My
httpd.conf file is pretty much default. SSLSessionCache is set to
shm:/var/cache/ssl_scache(512000)
SSLSessionCacheTimeout is set to 300 I
can get back onto my site hours later (certainly more than 5 minutes) without
re-authenticating. Does anyone have any ideas where to go from here?
I'm really stumped...

--
---
Carlos Ramirez + Boeing + Reusable Space Systems + 714.372.4181
---

RE: Need Help with Virtual Hosts

[Airey, John]

That doesn't sound simple to me! You'd either have to do it as either a
multi-pass for each virtual host, or parse the log file once to give several
output files. You'd also have to write the name of the virtual host into
every log file entry, which I don't believe is done by default. Seems like
using a sledgehammer to crack a nut. 

No doubt though some sed or awk guru can figure the code to do this in their
head!

I'd rather find a way to continue to write multiple log files, via ulimit
etc...

John

-Original Message-
From: James Treworgy [mailto:[EMAIL PROTECTED]]
Sent: 23 May 2000 18:05
To: [EMAIL PROTECTED]
Subject: Re: Need Help with Virtual Hosts


Wouldn't it be simpler to set up a little cron job to break up your log 
file by virtual host every day?

At 09:03 AM 5/23/00 -0400, [EMAIL PROTECTED] wrote:
The per process file opening limit was a configurable parameter of your OS.
It was either a user resource limit (ulimit) or a tunable kernel config
found
in
param.c or param.h (NFILES??) or UNIX has invented yet another way to put
reins on processes.

So, you just might be able to make one log per process, if you change the
ulimit's for the user the web server is running as OR you tune your kernel
and rebuild.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

RE: Need Help with Virtual Hosts

[Steve Fairhead]

James Treworgy [[EMAIL PROTECTED]] said:

 Wouldn't it be simpler to set up a little cron job to break up your log
file by virtual host every day? 

My tuppence worth: I have separate access/error log files for each of the 40
or so (and rising) virtual hosts on my system, running OpenBSD 2.6. They are
also rotated by syslogd with no problem. I don't recall what/where the
file-open limit is off-hand, but it's not been an issue here - yet :).

Steve

--
Steve Fairhead - SFD - Solutions by Design
   www: http://www.sfdesign.co.uk
--

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need Help with Virtual Hosts

[rwidmer]

Addressed to: [EMAIL PROTECTED]
  "Pete Navarra" [EMAIL PROTECTED]

** Reply to note from "Pete Navarra" [EMAIL PROTECTED] Mon, 22 May 2000 14:50:53 
-0500
   
 Hi! I need some help with using Virtual Hosts on Apache. I realize
 that this isn't really something about SSL, but I use SSL and have
 been a regular reader of this newsgroup, so I thought I would post
 this message.
   
 I'm currently using Apache 1.3.9 with mod_ssl 2.4.6. Not having any
 problems there, but I'm trying to setup Apache for Name Virual Hosts.
 I've read and reread the Apache Documentation on Virtual Hosts, and
 have been unable to get a configuration that will work for me. I have
 one IP address, but want to link different domain names to the same
 IP, but use a different set of logs, and host different websites. I
 can get IP based virtual hosting to work, but I can't for the life of
 me get Non-IP based Name Virtual Hosting to work.
   


Sorry about the second post, I just reread your message and noticed
your desire to use separate log files.  Be aware that will severely
reduce the number of VirtualHosts you can have.  There is a per-process
limit on the number of open files, and if I remember right I ran out of
file handles around 30 VirtualHosts when I allowed each to have its own
access and error logs.  I am now over 60 VirtualHosts with no problems
after eliminating private log files.


Rick Widmer
http://www.developersdesk.com


P.S.  If these replies are not helpful, maybe you should be more
specific about what you want to do, and how it fails.




__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need Help with Virtual Hosts

[rwidmer]

Addressed to: [EMAIL PROTECTED]
  "Pete Navarra" [EMAIL PROTECTED]

** Reply to note from "Pete Navarra" [EMAIL PROTECTED] Mon, 22 May 2000 14:50:53 
-0500
   
 Hi! I need some help with using Virtual Hosts on Apache. I realize
 that this isn't really something about SSL, but I use SSL and have
 been a regular reader of this newsgroup, so I thought I would post
 this message.
   
 I'm currently using Apache 1.3.9 with mod_ssl 2.4.6. Not having any
 problems there, but I'm trying to setup Apache for Name Virual Hosts.
 I've read and reread the Apache Documentation on Virtual Hosts, and
 have been unable to get a configuration that will work for me. I have
 one IP address, but want to link different domain names to the same
 IP, but use a different set of logs, and host different websites. I
 can get IP based virtual hosting to work, but I can't for the life of
 me get Non-IP based Name Virtual Hosting to work.


There are examples here.

   http://www.apache.org/docs/vhosts/examples.html


Be aware, you only get _ONE_ SSL enabled VirualHost per NameVirtualHost
block. (or per IP address)  Sorry, that is just the way SSL works.
There is an explination in the FAQ on why, and we just finished a long
thread on that and the use of NameVirtualHost.  I won't repeat it here,
but you can look in the archive for a recent (the last 3 days or so)
thread on:  VeriSign keys.


Bottom line, one IP address - one SSL Virtual Host.  You can have all
the non-SSL virtual hosts you want, but there is no way around needing
an IP address for each SSL host.  (Using different ports may be a
possiblity, but I have not yet done it, and don't know anyone who has.)
If you get it to work, let us know.  Also let us know how customers
respond to it.  It will require a somewhat unusual URL.


Rick Widmer
http://www.developersdesk.com







__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need Help with Virtual Hosts

[JoshNarins]

Rick Widmer ([EMAIL PROTECTED]) writes:
Sorry about the second post, I just reread your message and noticed
your desire to use separate log files.  Be aware that will severely
reduce the number of VirtualHosts you can have.  There is a per-process
limit on the number of open files, and if I remember right I ran out of
file handles around 30 VirtualHosts when I allowed each to have its own
access and error logs.  I am now over 60 VirtualHosts with no problems
after eliminating private log files.

The per process file opening limit was a configurable parameter of your OS.
It was either a user resource limit (ulimit) or a tunable kernel config found 
in 
param.c or param.h (NFILES??) or UNIX has invented yet another way to put
reins on processes.

So, you just might be able to make one log per process, if you change the
ulimit's for the user the web server is running as OR you tune your kernel
and rebuild.
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need Help with Virtual Hosts

[James Treworgy]

Wouldn't it be simpler to set up a little cron job to break up your log 
file by virtual host every day?

At 09:03 AM 5/23/00 -0400, [EMAIL PROTECTED] wrote:
The per process file opening limit was a configurable parameter of your OS.
It was either a user resource limit (ulimit) or a tunable kernel config found
in
param.c or param.h (NFILES??) or UNIX has invented yet another way to put
reins on processes.

So, you just might be able to make one log per process, if you change the
ulimit's for the user the web server is running as OR you tune your kernel
and rebuild.

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need Help with Virtual Hosts

[Rusty Wright]

I'll send him a copy of my config file.
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Need Help with Virtual Hosts

[Pete Navarra]

Hi!  I need some help with using Virtual Hosts on Apache.  I realize that
this isn't really something about SSL, but I use SSL and have been a regular
reader of this newsgroup, so I thought I would post this message.

I'm currently using Apache 1.3.9 with mod_ssl 2.4.6.  Not having any
problems there, but I'm trying to setup Apache for Name Virual Hosts.  I've
read and reread the Apache Documentation on Virtual Hosts, and have been
unable to get a configuration that will work for me.  I  have one IP
address, but want to link different domain names to the same IP, but use a
different set of logs, and host different websites.  I can get IP based
virtual hosting to work, but I can't for the life of me get Non-IP based
Name Virtual Hosting to work.

Please Help!


Pete Navarra
Infinium Web Services

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need Help with Virtual Hosts

[Mike King]

Pete,

How about some clues on what your setup is ?

Have you set up your DNS entries correctly ?

#
# If you want to use name-based virtual hosts you need to define at
# least one IP address (and port number) for them.
#
NAMEVIRTUALHOST 216.117.143.120:80

The VirtualHost directive should look something like this:

VirtualHost 216.117.143.120:80
 ServerName www.pollies.market-research.com
 ServerAlias pollies.market-research.com www.pollies.market-research.com
 ServerAdmin [EMAIL PROTECTED]
 ScriptAlias /cgi-pol/ /www/cgi-pol/
 DocumentRoot /usr/local/etc/httpd/htdocs/kevin
 ErrorLog logs/pollies-error_log
 TransferLog logs/pollies-access_log
/VIRTUALHOST

Should be as easy as that

Cheers

Mike

At 02:50 PM 22/05/2000 -0500, you wrote:
Hi!  I need some help with using Virtual Hosts on Apache.  I realize that
this isn't really something about SSL, but I use SSL and have been a regular
reader of this newsgroup, so I thought I would post this message.

I'm currently using Apache 1.3.9 with mod_ssl 2.4.6.  Not having any
problems there, but I'm trying to setup Apache for Name Virual Hosts.  I've
read and reread the Apache Documentation on Virtual Hosts, and have been
unable to get a configuration that will work for me.  I  have one IP
address, but want to link different domain names to the same IP, but use a
different set of logs, and host different websites.  I can get IP based
virtual hosting to work, but I can't for the life of me get Non-IP based
Name Virtual Hosting to work.

Please Help!


Pete Navarra
Infinium Web Services

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

ODP: Need help !

[Marcin Badtke]

Thanks for the ideas. I tried both using the ip address instead of localhost
and i commented out the setting : SSLVerifyClient require, but it still
doesn't work.

Anything else that i could do?

You can check also:

netstat -vat - to see if httpd is listening on https port (443) and /or

ipchains -L -v - to see if your port is open

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need help !

[Mads Toftum]

On Wed, Apr 19, 2000 at 10:24:48AM +0200, Vagel Argyrakis wrote:
 Hi,
 
 Thanks for the ideas. I tried both using the ip address instead of localhost and i 
commented out the setting : SSLVerifyClient require, but it still doesn't work.
 
 Anything else that i could do?
 

I'm sure that you have to do it without SSLVerifyClient - other things
that could be wrong is a bit harder to guess ;-)
There is one thing you could try - checking to see wether the server is
listening on the SSL port at all, because the error you get from s_client
looks exactly like what I get when my server isn't started yet. So my 
guess is that you don't get any connect because there is no server to
answer s_client. You could try some of the steps that I've mentioned in
http://marc.theaimsgroup.com/?l=apache-modsslm=95631272704634w=2.
You could also set SSLLogLevel to debug to get extra info.


vh

Mads Toftum
-- 
`Darn it, who spiked my coffee with water?!' - lwall
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need help with Apache 1.3.12+modssl WIN32

[Reid M. Pinchback]

At 11:56 PM 4/21/00 -0400, Jan Dries wrote:
If running it as a service gives problems, try running it as a console
app. Then you can at least see the prints to stdout as well.

Good idea!  I'll try that.

Have all the mod_ssl parameters been set up correctly? I.e. do you have
a valid certificate, with a private key file, etc. and are they all
correctly configured in httpd.conf?

As far as I can tell, yes.  I stuck with what worked for the previous
version I'd installed, and I can't find anything that should have changed.

Further, if you run it as a service, make sure it doesn't ask for your
private key password interactively, since that won't work.

This never came up before, but I'll double-check when I run as a
console ap.

Thanks!


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Need help !

[Vagel Argyrakis]

Hi,
Thanks for the ideas. I tried both using the ip address 
instead of localhost and i commented out the setting : SSLVerifyClient require, 
but it still doesn't work.
Anything else that i could do?
Thank you
Vagel
Try (instead of localhost:443) using 192.168.0.225:443, in your openssl
s_client commandline.
---
Mat Butler, Winged Wolf [EMAIL PROTECTED]
SPASTIC Web Engineer SPASTIC Server Administrator
Begin FurryCode v1.3
FCWw5amrsw A- C+ D H+++ M+[servercoder] P+ R++ T+++ W Z++ Sm++ 
RLCT/M*/LW* a cl/u/v+ !d e- f h++ iwf+++ j p-+ 
sm++
End FurryCode v1.3

On Fri, 14 Apr 2000, Vagel Argyrakis wrote:
 Hi all,
 
 I have problems with ssl on my apache server (rh 6.1)
 The certicicate has been created with make certificate
 On launch with apachectl startssl i enter the passphrase and everything 
seems to be correct, the server starts-up giving as output : 
 
 Server my.server.name:443 (RSA)
 Enter pass phrase:
 
 Ok: Pass Phrase Dialog successful.
 ./apachectl startssl: httpd started
 
 But when i try to connect to it using https:// i receive no answer. I 
also tried to scan the ports and it seems that port 443 is not open.
 This is the ssl related section of my httpd.conf file:
 
 IfDefine SSL
 Listen 80
 Listen 443
 AddType application/x-x509-ca-cert .crt
 AddType application/x-pkcs7-crl .crl
 /IfDefine
 
 SSLPassPhraseDialog builtin
 SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
 SSLSessionCacheTimeout 300
 SSLMutex file:/usr/local/apache/logs/ssl_mutex
 SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
 
 SSLLog /usr/local/apache/logs/ssl_engine_log
 SSLLogLevel info
 
 IfDefine SSL
 VirtualHost 192.168.0.225:443
 DocumentRoot /www/htdocs/
 ErrorLog /usr/local/apache/logs/error_log
 TransferLog /usr/local/apache/logs/access_log
 SSLEngine on
 SSLVerifyClient require
 SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
 SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
 SSLLogFile /usr/local/apache/logs/ssl_misc_log
 
 Files ~ "\.(cgi|shtml)$"
 SSLOptions +StdEnvVars
 /Files
 Directory "/usr/local/apache/cgi-bin"
 SSLOptions +StdEnvVars
 /Directory
 
 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
 
 /VirtualHost
 /IfDefine
 
 
 This is the log in ssl_engine_log :
 
 [11/Apr/2000 08:11:30 01141] [info] Server: Apache/1.3.12, Interface: 
mod_ssl/2.6.2, Library: OpenSSL/0.9.5a
 [11/Apr/2000 08:11:30 01141] [info] Init: 1st startup round (still not 
detached)
 [11/Apr/2000 08:11:30 01141] [info] Init: Initializing OpenSSL 
library
 [11/Apr/2000 08:11:33 01141] [info] Init: Wiped out the queried pass 
phrases from memory
 [11/Apr/2000 08:11:33 01141] [info] Init: Seeding PRNG with 136 bytes of 
entropy
 [11/Apr/2000 08:11:33 01141] [info] Init: Generating temporary RSA 
private keys (512/1024 bits)
 [11/Apr/2000 08:11:34 01141] [info] Init: Configuring temporary DH 
parameters (512/1024 bits)
 
 
 When i manually test ssl with the command : # ./openssl s_client 
-connect localhost:443 -state -debug
 i receive the answer :
 connect: Connection refused
 connect:errno=111
 
 Anyone could give me some help?
 
 Thanks in advance
 
 Vagel Argyrakis
 
 [EMAIL PROTECTED]
 
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]

Need help with Apache 1.3.12+modssl WIN32

[Reid M. Pinchback]

Hi all,

I've been through an installation before using Apache 1.3.6
and Modssl, so I thought 1.3.12 should go relatively smoothly.
Hah!

I installed the Win32 build of Apache 1.3.12 (from the Apache
site), and grabbed the modssl/openssl materials from the modssl
site.  The particular file was:

  Apache_1.3.12-mod_ssl_2.6.1-openssl_0.9.5-WIN32-i386.zip

Apache worked before installing modssl.  It works after installing
modssl, until I try to load the module.  I did the obvious thing:

  LoadModule ssl_module modules/ApacheModuleSSL.dll

but when I try to start Apache from the Services control panel
I just get:

   Could not start the Apache service on \\SERVER
   Error 1067: The process terminated unexpectedly.

Commenting out the LoadModule directive makes the problem go away,
but then of course I don't have any SSL support.  No logs were written.
I went hunting around, and found that this WIN32 distribution doesn't 
actually have a file named ApacheModuleSSL.dll; it has something named
Apachemo.dll.  I tried using that name, but no joy.

Am I missing something here?




= Reid M. Pinchback=
= I/T Delivery, MIT=
=  =
= Email:   [EMAIL PROTECTED]  =
= URL: http://mit.edu/reidmp/www/home.html =


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need help !

[Francesco D'Inzeo]

--Original Message Text---
From: Vagel Argyrakis
Date: Fri, 14 Apr 2000 08:16:18 +0200

Hi all,

I have problems with ssl on my apache server (rh 6.1)
The certicicate has been created with make certificate
On launch with apachectl startssl i enter the passphrase and everything seems to be 
correct, the server starts-up 
giving as output : 

Server my.server.name:443 (RSA)
Enter pass phrase:

Ok: Pass Phrase Dialog successful.
./apachectl startssl: httpd started

But when i try to connect to it using https:// i receive no answer. I also tried to 
scan the ports and it seems 
that port 443 is not open.
This is the ssl related section of my httpd.conf file:

I had same problem in Win NT, but, when I removed the password from the key
certificate because I didn' t want to digit the password when Apache starts
everything went the right way.

Hope it helps.
Regards.


---
"On a day not different than the one now dawning, Leonardo drew the
first strokes of the Mona Lisa, Shakespeare wrote the first words
of Hamlet, and Beethoven began work on his Ninth Symphony."
And Windows98 Crashed!
---
 Francesco D'Inzeo
 WinTech S.r.l.
 Via Lisbona 7
 35127 PADOVA (Italy)
 Tel. (+39)-(0)49-8703033
 Fax. (+39)-(0)49-8703045
 e-mail [EMAIL PROTECTED]



__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Need help !

[Mads Toftum]

On Fri, Apr 14, 2000 at 08:16:18AM +0200, Vagel Argyrakis wrote:
[SNIP]
 SSLVerifyClient require

By having this setting, you require that the client should present a
valid certificate signed by a CA given in either SSLCACertificateFile
or SSLCACertificatePath - but you don't seem to have either of those
two set. You should probably start out by commenting out 
SSLVerifyClient. 

vh

Mads Toftum
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Need help !

[Vagel Argyrakis]

Hi all,

Ihave problemswith ssl on my apache 
server (rh 6.1)
The certicicate has been created with make 
certificate
On launch with apachectl startssl i enter the 
passphrase and everything seems tobe correct, the server starts-up giving 
as output : 

Server my.server.name:443 (RSA)Enter pass 
phrase:
Ok: Pass Phrase Dialog successful../apachectl 
startssl: httpd started

But when i try to connect to it using https:// i 
receive no answer. I also tried to scan the ports and it seems that port 443 is 
not open.
This is the ssl related section of my httpd.conf 
file:
IfDefine SSLListen 80Listen 
443
AddType application/x-x509-ca-cert 
.crtAddType application/x-pkcs7-crl 
.crl/IfDefine

SSLPassPhraseDialog builtinSSLSessionCache 
dbm:/usr/local/apache/logs/ssl_scacheSSLSessionCacheTimeout 
300SSLMutex 
file:/usr/local/apache/logs/ssl_mutexSSLRandomSeed startup builtinSSLRandomSeed connect 
builtin

SSLLog 
/usr/local/apache/logs/ssl_engine_logSSLLogLevel info

IfDefine SSLVirtualHost 
192.168.0.225:443DocumentRoot /www/htdocs/
ErrorLog 
/usr/local/apache/logs/error_logTransferLog 
/usr/local/apache/logs/access_log
SSLEngine onSSLVerifyClient 
requireSSLCertificateFile 
/usr/local/apache/conf/ssl.crt/server.crtSSLCertificateKeyFile 
/usr/local/apache/conf/ssl.key/server.keySSLLogFile 
/usr/local/apache/logs/ssl_misc_log

Files ~ 
"\.(cgi|shtml)$" SSLOptions 
+StdEnvVars/FilesDirectory 
"/usr/local/apache/cgi-bin" SSLOptions 
+StdEnvVars/Directory

SetEnvIf User-Agent ".*MSIE.*" nokeepalive 
ssl-unclean-shutdown

/VirtualHost/IfDefine

This is the log in ssl_engine_log 
:

[11/Apr/2000 08:11:30 01141] [info] 
Server: Apache/1.3.12, Interface: mod_ssl/2.6.2, Library: 
OpenSSL/0.9.5a[11/Apr/2000 08:11:30 01141] [info] Init: 1st startup 
round (still not detached)[11/Apr/2000 08:11:30 01141] [info] Init: 
Initializing OpenSSL library[11/Apr/2000 08:11:33 01141] [info] Init: 
Wiped out the queried pass phrases from memory[11/Apr/2000 08:11:33 01141] 
[info] Init: Seeding PRNG with 136 bytes of entropy[11/Apr/2000 
08:11:33 01141] [info] Init: Generating temporary RSA private keys 
(512/1024 bits)[11/Apr/2000 08:11:34 01141] [info] Init: Configuring 
temporary DH parameters (512/1024 bits)


When i manually test ssl with the command : # ./openssl s_client -connect 
localhost:443 -state -debug
i receive the answer :connect: Connection 
refusedconnect:errno=111
Anyone could give me some help?

Thanks in advance

Vagel Argyrakis

[EMAIL PROTECTED]

Re: Need help !

[Winged Wolf]

Try (instead of localhost:443) using 192.168.0.225:443, in your openssl
s_client commandline.

---
Mat Butler, Winged Wolf   [EMAIL PROTECTED]
SPASTIC Web Engineer  SPASTIC Server Administrator
Begin FurryCode v1.3
FCWw5amrsw A- C+ D H+++ M+[servercoder] P+ R++ T+++ W Z++ Sm++ 
RLCT/M*/LW* a cl/u/v+ !d e- f h++ iwf+++ j p-+ sm++
End FurryCode v1.3


On Fri, 14 Apr 2000, Vagel Argyrakis wrote:

 Hi all,
 
 I have problems with ssl on my apache server (rh 6.1)
 The certicicate has been created with make certificate
 On launch with apachectl startssl i enter the passphrase and everything seems to be 
correct, the server starts-up giving as output : 
  
 Server my.server.name:443 (RSA)
 Enter pass phrase:
 
 Ok: Pass Phrase Dialog successful.
 ./apachectl startssl: httpd started
  
 But when i try to connect to it using https:// i receive no answer. I also tried to 
scan the ports and it seems that port 443 is not open.
 This is the ssl related section of my httpd.conf file:
 
 IfDefine SSL
 Listen 80
 Listen 443
 AddType application/x-x509-ca-cert .crt
 AddType application/x-pkcs7-crl.crl
 /IfDefine
  
 SSLPassPhraseDialog  builtin
 SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
 SSLSessionCacheTimeout  300
 SSLMutex  file:/usr/local/apache/logs/ssl_mutex
 SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
  
 SSLLog /usr/local/apache/logs/ssl_engine_log
 SSLLogLevel info
  
 IfDefine SSL
 VirtualHost 192.168.0.225:443
 DocumentRoot /www/htdocs/
 ErrorLog /usr/local/apache/logs/error_log
 TransferLog /usr/local/apache/logs/access_log
 SSLEngine on
 SSLVerifyClient require
 SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
 SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
 SSLLogFile /usr/local/apache/logs/ssl_misc_log
 
 Files ~ "\.(cgi|shtml)$"
 SSLOptions +StdEnvVars
 /Files
 Directory "/usr/local/apache/cgi-bin"
 SSLOptions +StdEnvVars
 /Directory
 
 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
 
 /VirtualHost
 /IfDefine
 
  
 This is the log in ssl_engine_log :
 
 [11/Apr/2000 08:11:30 01141] [info]  Server: Apache/1.3.12, Interface: 
mod_ssl/2.6.2, Library: OpenSSL/0.9.5a
 [11/Apr/2000 08:11:30 01141] [info]  Init: 1st startup round (still not detached)
 [11/Apr/2000 08:11:30 01141] [info]  Init: Initializing OpenSSL library
 [11/Apr/2000 08:11:33 01141] [info]  Init: Wiped out the queried pass phrases from 
memory
 [11/Apr/2000 08:11:33 01141] [info]  Init: Seeding PRNG with 136 bytes of entropy
 [11/Apr/2000 08:11:33 01141] [info]  Init: Generating temporary RSA private keys 
(512/1024 bits)
 [11/Apr/2000 08:11:34 01141] [info]  Init: Configuring temporary DH parameters 
(512/1024 bits)
 
 
 When i manually test ssl with the command : # ./openssl s_client -connect 
localhost:443 -state -debug
 i receive the answer :
 connect: Connection refused
 connect:errno=111
  
 Anyone could give me some help?
 
 Thanks in advance
 
 Vagel Argyrakis
 
 [EMAIL PROTECTED]
 

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Need help with Verisign's Global ID

[Michal Hobot]

Hi
I'm trying to use Apache with mod_ssl and with 128-bit exportable
certificate. The problem is Verisign requires selecting actual webserver
type during GID registration.
When I chose Apache - they're telling me it's not supported.
So, which type of server should I set for Apache with mod_ssl?
Stronghold? Is there any server-specific in SGC?

Michal Hobot
[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: I need help with this....

[Joshua Gerth]

 I have recently installed Apache 1.3.9, and mod_ssl 2.4.5 along with
 FrontPage extensions, PHP, and mod Perl.  Everything installed
 perfectly, and I am having no problems except for one thing.  When you
 try to connect to my site using HTTPS, you get my certificate
 presented like it should, however, once you accept the certificate, I
 get one of two errors saying there is either no data to send (in
 Netscape), or that the DNS Server could not be reached. ( in
 Explorer).  It doesn't display my website, and pops up with nothing.  
 Any suggestions?

Howdy,

You might try compiling your server without PHP, mod_perl, or
FrontPage.  If you still get the error then it is with apache/mod_ssl.  
If not, add each one of the modules in until you are able to repeat the
error.  Either way it should help narrow it down to which module is
causing you the problems.  As it is now its a little hard to track down.

Hope that helps,
Joshua
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: I need help with this....

[Eli Marmor]

I don't know if the following reason is also the reason for the
problems in your case, but such a problem happens usually because of
a non-writable log directory or a log location which was mis-
configured. Sometimes the normal HTTP server can write to its logs
while the SSL stuff has problems (it sounds funny, I know!  It must
be an idiotic thing, but I never had the time to examine it...).
Look at your log files (both access_log and error_log); You'll
probably find a warning about this problem.

I can witness that I had the same problem (although there was no PHP
or Perl or FP in that installation), and after fixing the permission
problem, everything worked perfectly.

BTW: You mentioned PHP; Does anybody know when PHP4-beta3 will be
released?  There were already 3 deadlines, but no sign for a final
date...

Brett Peters wrote:
 
 I had the same problem with a similar configuration... What's in your error
 logs?
 
 Brett
 [EMAIL PROTECTED]
 
 - Original Message -
 From: Pete Navarra
 To: [EMAIL PROTECTED]
 Sent: Sunday, October 24, 1999 6:12 AM
 Subject: I need help with this
 
 I have recently installed Apache 1.3.9, and mod_ssl 2.4.5 along with
 FrontPage extensions, PHP, and mod Perl.  Everything installed perfectly,
 and I am having no problems except for one thing.  When you try to connect
 to my site using HTTPS, you get my certificate presented like it should,
 however, once you accept the certificate, I get one of two errors saying
 there is either no data to send (in Netscape), or that the DNS Server could
 not be reached. ( in Explorer).  It doesn't display my website, and pops up
 with nothing.  Any suggestions?

-- 
Eli Marmor
[EMAIL PROTECTED]
El-Mar Software Ltd.
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: I need help with this....

[Eli Marmor]

I forgot to write it in my original message, but you must get the
following message in your error_log in this case:

[Mon Oct 25 14:49:48 1999] [error] mod_ssl: Child could not open SSLMutex lockfile 
/your/path/logs/ssl_mutex.26336 (System error follows)

It happens with the default permissions in a default installation
(using Apache's "src/helpers/binbuild.sh" and "./install-bindist.sh"),
so it is common. Otherwise, if it was a local problem because of local
permissions, I would not write it.

I wrote:

 I don't know if the following reason is also the reason for the
 problems in your case, but such a problem happens usually because of
 a non-writable log directory or a log location which was mis-
 configured. Sometimes the normal HTTP server can write to its logs
 while the SSL stuff has problems (it sounds funny, I know!  It must
 be an idiotic thing, but I never had the time to examine it...).
 Look at your log files (both access_log and error_log); You'll
 probably find a warning about this problem.
 
 I can witness that I had the same problem (although there was no PHP
 or Perl or FP in that installation), and after fixing the permission
 problem, everything worked perfectly.


-- 
Eli Marmor
***
 *   ___ _  __ ___  ___ |__ _ _[EMAIL PROTECTED]  *
  * | | | \   | | \|  / |\/ El-Mar Software Ltd.*
   *| | | _)  | | _) /  | \  Tel.: 972-50-237338 *
*___  Fax: 972-9-766-1314 *
 *   \_ \  http://www.elmar.co.il  *
  *_  __   \ \  ___ *
   *   \___ \ \_\|  _ \  __ \ \ \ \  | | *
*  \ \   | | \ \ \_\ \ \ \ \ | |*
 *  \ \  | | _\ \ ) ) \ \ \_\_ *
  *  \ \ |_| \___)   (_/   \_\  \_\   *
   *  \ \___ *
*  \\   *
 * *
  *
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: I need help with this....

[Sean D. Ackley]

I had basically the same problem.  It had nothing to do with the version
of SSL, it was a dns and name server issue.  You need to make sure that
your A records, reverse record, and DNS names all match accordingly to the
certificate name.  Also, the name that shows up in the httpd.conf file
needs to match exactly as well.

What I did on my server, was made 1 SSL apache daemon that only responds
to port 443 (on all the different IP addresses I need).  Then, I have a
totally seperate daemon for the port 80 web server.  This way, I can
seperate both daemons.

Try that first.  If no help, send me an email.  I solved even more
problems by upgrading to the new Apache 1.3.9 (like you are using).


sean.

On Sun, 24 Oct 1999, Brett Peters wrote:

 I had the same problem with a similar configuration... What's in your error
 logs?
 
 Brett
 [EMAIL PROTECTED]
 
 - Original Message -
 From: Pete Navarra
 To: [EMAIL PROTECTED]
 Sent: Sunday, October 24, 1999 6:12 AM
 Subject: I need help with this
 
 
 I have recently installed Apache 1.3.9, and mod_ssl 2.4.5 along with
 FrontPage extensions, PHP, and mod Perl.  Everything installed perfectly,
 and I am having no problems except for one thing.  When you try to connect
 to my site using HTTPS, you get my certificate presented like it should,
 however, once you accept the certificate, I get one of two errors saying
 there is either no data to send (in Netscape), or that the DNS Server could
 not be reached. ( in Explorer).  It doesn't display my website, and pops up
 with nothing.  Any suggestions?
 
 
 Any help would be greatly appreciated!
 
 Thanks,
 Pete
 https://www.infiniumweb.com
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

I need help with this....

[Pete Navarra]

I have recently installed Apache 1.3.9, and mod_ssl 2.4.5 
along with FrontPage extensions, PHP, and mod Perl. Everything installed 
perfectly, and I am having no problems except for one thing. When you try 
to connect to my site using HTTPS, you get my certificate presented like it 
should, however, once you accept the certificate, I getone of two errors 
saying there is either no data to send (in Netscape), or that the DNS Server 
could not be reached.( in Explorer). It doesn't display my website, 
and  pops up with nothing. Any suggestions?


   
   Any help would be 
greatly appreciated!

   

   Thanks,
   


 Pete
   


 https://www.infiniumweb.com

Re: I need help with this....

[Brett Peters]

I had the same problem with a similar configuration... What's in your error
logs?

Brett
[EMAIL PROTECTED]

- Original Message -
From: Pete Navarra
To: [EMAIL PROTECTED]
Sent: Sunday, October 24, 1999 6:12 AM
Subject: I need help with this


I have recently installed Apache 1.3.9, and mod_ssl 2.4.5 along with
FrontPage extensions, PHP, and mod Perl.  Everything installed perfectly,
and I am having no problems except for one thing.  When you try to connect
to my site using HTTPS, you get my certificate presented like it should,
however, once you accept the certificate, I get one of two errors saying
there is either no data to send (in Netscape), or that the DNS Server could
not be reached. ( in Explorer).  It doesn't display my website, and pops up
with nothing.  Any suggestions?


Any help would be greatly appreciated!

Thanks,
Pete
https://www.infiniumweb.com

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

need help! please..

[System Admin.]

Hi all,
 I try to create and use my own CA. I followed the steps in the
F.A.Q. in modssl.org webpage and at the end I ran  sign.sh script from
mod_ssl-2.2.8 distribution. It gave me this message:

error 7 at 0 depth lookup:certificate signature failure 

is that normal? but it also told me that the database has been updated,CA
verifying: server.crt - CA cert.

Please help!

TIA

pe'


--
UNIX System Admin.
Distributed Computing Services
Lake Superior State University
650 W. Easterday Ave.
Sault Ste. Marie. MI
49783 USA.
--

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]