On Fri, 15 Oct 2004 19:46:20 -0500, William A. Rowe, Jr.
[EMAIL PROTECTED] wrote:
At 12:17 PM 10/15/2004, Madhusudan Mathihalli wrote:
Hi,
The current mod_ssl uses X509_NAME_oneline to get a one-line ASCII
format of the DN. This however, is not compliant with the RFC -
checkout
On Sat, 16 Oct 2004 07:58:57 +0100, Joe Orton [EMAIL PROTECTED] wrote:
Changing just the _DN variable format with a config directive sounds OK.
Adding new variables would be an alternative, but the names would
probably get *really* ugly...
That is correct - I should've been more clear in my
On Wed, Oct 20, 2004 at 12:13:14AM -0700, Madhusudan Mathihalli wrote:
On Sat, 16 Oct 2004 07:58:57 +0100, Joe Orton [EMAIL PROTECTED] wrote:
Changing just the _DN variable format with a config directive sounds OK.
Adding new variables would be an alternative, but the names would
probably
On Wed, 20 Oct 2004 08:37:01 +0100, Joe Orton [EMAIL PROTECTED] wrote:
On Wed, Oct 20, 2004 at 12:13:14AM -0700, Madhusudan Mathihalli wrote:
On Sat, 16 Oct 2004 07:58:57 +0100, Joe Orton [EMAIL PROTECTED] wrote:
Changing just the _DN variable format with a config directive sounds OK.
On Wed, 20 Oct 2004 17:02:19 +0100, Joe Orton [EMAIL PROTECTED] wrote:
On Wed, Oct 20, 2004 at 08:50:50AM -0700, Madhusudan Mathihalli wrote:
The one concern is that if we end up exporting both _DN and _2253DN
formats, it'll have a performance impact on Apache. As it stands now,
Apache is
On Oct 20, 2004, at 8:50 AM, Madhusudan Mathihalli wrote:
The one concern is that if we end up exporting both _DN and _2253DN
formats, it'll have a performance impact on Apache. As it stands now,
Apache is around 50% slower than Zeus (even with SPECweb2003).
SPECWeb99 doesn't require any SSL
On Fri, Oct 15, 2004 at 03:41:59PM -0700, Madhusudan Mathihalli wrote:
Well.. for one use I have atleast 2 different customers who map the
information retrieved from a client certficate to the LDAP database.
Both of them came back with the same question: Does SSL_CLIENT_S_DN
conform to any
Hi,
The current mod_ssl uses X509_NAME_oneline to get a one-line ASCII
format of the DN. This however, is not compliant with the RFC -
checkout http://www.openssl.org/support/faq.html#USER13.
Moreover, the man page for X509_NAME_oneline (with OpenSSL 0.9.7x)
says that the function is
On Fri, Oct 15, 2004 at 10:17:19AM -0700, Madhusudan Mathihalli wrote:
The current mod_ssl uses X509_NAME_oneline to get a one-line ASCII
format of the DN. This however, is not compliant with the RFC -
checkout http://www.openssl.org/support/faq.html#USER13.
Moreover, the man page for
On Fri, 15 Oct 2004 21:14:16 +0100, Joe Orton [EMAIL PROTECTED] wrote:
[SNIP]
Moreover, the man page for X509_NAME_oneline (with OpenSSL 0.9.7x)
says that the function is obsolete, and that we ought to use
X509_NAME_print_ex.
The RFC mentioned, RFC2253 is a mapping for DNs into a standard
At 12:17 PM 10/15/2004, Madhusudan Mathihalli wrote:
Hi,
The current mod_ssl uses X509_NAME_oneline to get a one-line ASCII
format of the DN. This however, is not compliant with the RFC -
checkout http://www.openssl.org/support/faq.html#USER13.
Could you do us all a small flavor, give us
11 matches
Mail list logo