You might not worry, as you understand what is happening in the process,
and you also know how to stop IE from caring, but most users will care.
Cheers
Mike
At 03:20 PM 23/05/2000 -0700, you wrote:
>This is also sort of a behaviour question. If someone connects to a
>web server and that server
This is also sort of a behaviour question. If someone connects to a
web server and that server's certificate has expired, should that
person really be concerned since the information they're sending back
to the server is still probably encrypted?
In IE you can turn off the two options "check for
I'll send him a copy of my config file.
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[
Addressed to: [EMAIL PROTECTED]
Tim Niemueller <[EMAIL PROTECTED]>
** Reply to note from Tim Niemueller <[EMAIL PROTECTED]> Mon, 22 May 2000 23:36:42
+0200
>
> Hi mod_ssl users,
>
> I have a question about the behavior of mod_ssl:
>
> Someone connects to a secured website.
Hi,
Did there is work for mod_ssl to support mod_jserv or mod_jk.
I wish to use an apache+mod_ssl+mod_jserv and tomcat.
Thanks.
-
Henri Gomez ___[_]
EMAIL : [EMAIL PROTECTED] (. .)
PGP KEY : 4912D659...oOOo..(_)..oOOo...
PGP Fingerprint : 8C
I just uploaded RPM of php 3.0.16 for use with apache 1.3.12 + mod_ssl 2.6.4
Enjoy
- Built for Redhat 6.1 i386
-
Henri Gomez ___[_]
EMAIL : [EMAIL PROTECTED] (. .)
PGP KEY : 4912D659...oOOo..(_)..oOOo...
PGP Fingerprint : 8CAD0D50356DA7E45C
Yes, when the servlet engine have set the scheme. :-/
Not the Tomcat 3.1 cas without patch ;-(
-
Henri Gomez ___[_]
EMAIL : [EMAIL PROTECTED] (. .)
PGP KEY : 4912D659...oOOo..(_)..oOOo...
PGP Fingerprint : 8CAD0D50356DA7E45C540B010FFE39E8
Wouldn't it be simpler to set up a little cron job to break up your log
file by virtual host every day?
At 09:03 AM 5/23/00 -0400, [EMAIL PROTECTED] wrote:
>The per process file opening limit was a configurable parameter of your OS.
>It was either a user resource limit (ulimit) or a tunable kern
The choice between this and setting the SSLRequireSSL directive in the
apache config depends on what you want the client browser to see. if you
use the directive approach, an http request will see the forbidden response
code. If you allow the request to invoke the servlet, you must decide in
you
Rick Widmer ([EMAIL PROTECTED]) writes:
>Sorry about the second post, I just reread your message and noticed
>your desire to use separate log files. Be aware that will severely
>reduce the number of VirtualHosts you can have. There is a per-process
>limit on the number of open files, and if I re
Yes, you can use req.getScheme() to determine if the request is http or
https.
> -Original Message-
> From: Yu, Leo [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, May 22, 2000 7:33 PM
> To: '[EMAIL PROTECTED]'
> Subject: restrict access to a servlet
>
>
>
> Hi,
> Is there a wa
> > So, is there an easy fix for this, is my question?
>
> Yep, either compile php with -DEAPI or grab one from mod_ssl contrib area:
> http://www.modssl.org/contrib/
Doh! Yes, of course ... I always forget the contribs!
Thanks,
James.
begin:vcard
n:Lyon;James
tel;pager:24-hour contact via Wo
Hi,
I have a question about temporary keys.
Is it safe to pre-generate an RSA key and DH params for
temporary key purposes and then use the same as long as
the server stays up.
What is a simple and secure policy for doing this?
The SSL spec says that you should ideally change the
keys eve
www.sunsite.dk/RFC ?
John
-Original Message-
From: Gianni Mariani [mailto:[EMAIL PROTECTED]]
Sent: 23 May 2000 04:06
To: [EMAIL PROTECTED]
Subject: Re: rfc2817 (Upgrading to TLS Within HTTP/1.1)
can someone point me to rfc2817 -
http://www.ietf.org/rfc/rfc2817.txt brings up a 404
On Mon, May 22, 2000 at 11:36:42PM +0200, Tim Niemueller wrote:
> Hi mod_ssl users,
>
> I have a question about the behavior of mod_ssl:
>
> Someone connects to a secured website. Let's give it the name
> secured.com. The browsers have no certificate they can provide so they
> must authenticate
On Mon, May 22, 2000 at 10:01:58AM +0200, [EMAIL PROTECTED] wrote:
>
> Hello,
>
> I am using mod_ssl with apache and I have a problem.
> I thought that when someone want to connect to a server he should sign some
> datas with his private key. But it seems that it doesn't work on my server.
> So
On Tue, May 23, 2000 at 03:34:30AM +0100, James Lyon wrote:
> Loaded DSO /usr/lib/apache/libphp3.so uses plain Apache 1.3 API, this
> module might crash under EAPI! (please recompile it with -DEAPI)
>
> ...presumably to do with the PHP3 module I have acquired through the RPM
> I installed. I only
Addressed to: [EMAIL PROTECTED]
"Pete Navarra" <[EMAIL PROTECTED]>
** Reply to note from "Pete Navarra" <[EMAIL PROTECTED]> Mon, 22 May 2000 14:50:53
-0500
>
> Hi! I need some help with using Virtual Hosts on Apache. I realize
> that this isn't really something about SSL, but I
Addressed to: [EMAIL PROTECTED]
"Pete Navarra" <[EMAIL PROTECTED]>
** Reply to note from "Pete Navarra" <[EMAIL PROTECTED]> Mon, 22 May 2000 14:50:53
-0500
>
> Hi! I need some help with using Virtual Hosts on Apache. I realize
> that this isn't really something about SSL, but I
Hello,
I am using mod_ssl with apache and I have a problem.
I thought that when someone want to connect to a server he should sign some
datas with his private key. But it seems that it doesn't work on my server.
So I want to know how I can force the customer to sign some datas, in order
to make
Hi,
Don't know of anyone with binaries for your system, sorry.
The usual advice to ppl with a non-ansi c compiler is to get one from,
ftp://ftp.gnu.org/gnu/gcc/gcc-2.95.2.tar.gz
The installation instructions are @
http://gcc.gnu.org/install/
http://gcc.gnu.org/install/specific.html#hppa*-hp-
Hi mod_ssl users,
I have a question about the behavior of mod_ssl:
Someone connects to a secured website. Let's give it the name
secured.com. The browsers have no certificate they can provide so they
must authenticate through basic auth. Now my question: You have to enter
the auth data if you ca
22 matches
Mail list logo