If its absolutely essential that you have a "supported product" then you
might want to look at Stronghold from C2Net. This is a packaged product
that includes Apache, OpenSSL, and mod_ssl.
C2Net provides a "whining rights" service as does Microsoft but with much
better response times. C2Net
The others have answered one part of your question, but I wanted to mention
another very significant part of the whole support issue.
What is your experience with paid, supported software from companies like
'the evil empire'? Personally, I have been in many situations where I was
ready,
I just have to chip in my tuppence-worth...
My (long) experience with Microsoft is that they have three possible
answers to your problem:
(1) Reboot
(2) Re-install the program
(3) Re-install Windows
If none of these works, you're stuck.
We widely use OSS in mission-critical applications
We have a server running mod_ssl that requires client certificates. I would
like implement some sort of load balancing for this site. I've done this
before for sites without client certificates, but it occurs to me that I
will run into problems since the SSLSessionCache will need to be shared
"Wohlgemuth, Michael J." wrote:
I would like to implement some sort of load balancing for this site.
...the SSLSessionCache will need to be shared
somehow across separate physical hosts.
This is an interesting question which we have been considering since we
are planning to use
I have not played around with the session cache stuff, but a quick look on
my system seems to indicate it is a file. Would it be possible to NSF
mount this file among multiple machine making it shared? It would be
useful for myself as we are adding a second server to our installation and
all our
Owen Boyle wrote:
I just have to chip in my tuppence-worth...
My (long) experience with Microsoft is that they have three possible
answers to your problem:
(1) Reboot
(2) Re-install the program
(3) Re-install Windows
If none of these works, you're stuck.
snip
At the risk of
I am trying to compile mod_ssl-2.3.11-1.3.6 with apache 1.3.6 and
openssh-0.9.6 (tried 0.9.5 as well) and I get the following compile
error:
"ssl_util_ssl.c", line 145: identifier redeclared: d2i_PrivateKey_bio
current : static function(pointer to struct bio_st {pointer to
struct
Also, I tried the same compile on Linux with gcc-2.95.2 so that I could
test GCC before putting it on the Solaris box and got the same error:
ssl_util_ssl.c:145: conflicting types for `d2i_PrivateKey_bio'
/usr/src/apache/openssl-0.9.6/include/openssl/x509.h:779: previous
declaration of
I am trying to compile mod_ssl-2.3.11-1.3.6 with apache 1.3.6 and
openssh-0.9.6 (tried 0.9.5 as well) and I get the following compile
error:
Why are you using such an old version of mod_ssl? Please try the latest
combo:
apache_1.3.14/mod_ssl-2.7.1/openssl-0.9.6
But if you MUST use
David Rees wrote:
I am trying to compile mod_ssl-2.3.11-1.3.6 with apache 1.3.6 and
openssh-0.9.6 (tried 0.9.5 as well) and I get the following compile
error:
Why are you using such an old version of mod_ssl? Please try the latest
combo:
apache_1.3.14/mod_ssl-2.7.1/openssl-0.9.6
Keith Parkansky wrote:
Overall that hasn't been my experience. I'm the last
one in the office to say anything good about Microsoft,
but their support people were excellent in helping us
resolve an issue when we tried to set up a Terminal
Server connection to a client over a VPN connection
I am trying to compile mod_ssl-2.3.11-1.3.6 with apache 1.3.6 and
openssh-0.9.6 (tried 0.9.5 as well) and I get the following compile
error:
Why are you using such an old version of mod_ssl? Please try the latest
combo:
apache_1.3.14/mod_ssl-2.7.1/openssl-0.9.6
I've seen this behavior too. Do you have a pass phrase enabled on the key? I
did and when I stripped the pass phrase out of the key, I was able to get the
server started OK. Haven't figure out much more yet.
Hope that helps,
Bruce
"Andrew C. Wong" wrote:
Hi,
I just have the latest and
Wasn't there some bugs related to the NT version in the latest release?
You might want to try the last CVS snapshot.
-Dave
I've seen this behavior too. Do you have a pass phrase enabled on
the key? I
did and when I stripped the pass phrase out of the key, I was
able to get the
server
David Rees wrote:
I am trying to compile mod_ssl-2.3.11-1.3.6 with apache 1.3.6 and
openssh-0.9.6 (tried 0.9.5 as well) and I get the following compile
error:
Why are you using such an old version of mod_ssl? Please try the latest
combo:
This may be the same problem for which I submitted a fix several months ago.
Since the problem was in the Apache code and not mod_ssl, Ralf can't fix it
in mod_ssl releases.
You can check the list archive for the fix, which has two parts:
a) don't prompt for the passphrase in the parent process
Yes, you were right. I found this out when I was examining the log
this morning. I put a fix so that the pass phase will be asked only
once and get passed to the child.
I am also interested in your fix, but searched the archieve without
success. Can you point me to it directly?
Thanks!
Andrew
Here is a report of my bugfix for NT
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Kirk Benson
Sent: Wednesday, May 10, 2000 2:18 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: password - ask_twice - proposed bugfix
This posting concerns only
Hi All
Newbie Alert!!
Ok... I looked through the archives and found some info on setting up
ssl and non ssl virtual domains:
This is what I found:
NameVirtualHost 192.168.200.1:80
VirtualHost 192.168.200.1:80
ServerName banana.fruit.com
DocumentRoot /home/banana
/VirtualHost
At 06:37 PM 11/2/00 -0500, Clint Gilders wrote:
Hi All
Newbie Alert!!
Ok... I looked through the archives and found some info on setting up
ssl and non ssl virtual domains:
CLIP
I have set 3 virtual hosts up in a fashion mimicking the above. I
have "www.perlnerd.com" and
Newbie Alert!!
Ah, then you should refer to:
http://www.modssl.org/docs/ in particular the FAQ. :-)
Ok... I looked through the archives and found some info on setting up
ssl and non ssl virtual domains:
snip
It is working as it should, take a look a the FAQ and you will see why.
-Dave
I use mod_ssl 2.7.1 for Apache 1.3.14 on Solaris 2.6. I'm
writing an authentication module that needs to get the
DN from user's certificate when the user is trying to
access a resource within the DocumentRoot.
In httpd.conf, I specify something like this:
...
Directory
On Thu, 2 Nov 2000, Clint Gilders wrote:
Ok... I looked through the archives and found some info on setting up
ssl and non ssl virtual domains:
This is what I found:
NameVirtualHost 192.168.200.1:80
VirtualHost 192.168.200.1:80
ServerName banana.fruit.com
DocumentRoot
At 09:45 PM 11/2/2000 , Muwon Lum wrote:
I use mod_ssl 2.7.1 for Apache 1.3.14 on Solaris 2.6. I'm
writing an authentication module that needs to get the
DN from user's certificate when the user is trying to
access a resource within the DocumentRoot.
In my authentication module, I try to access
Merton Campbell Crockett wrote:
I have set 3 virtual hosts up in a fashion mimicking the above. I
have "www.perlnerd.com" and "www.dbgrafx.com" set up as non ssl virtual
domains and "shop.perlnerd.com" set up as my ssl vitual domain. One
thing I find strange is that the URL
Jeffrey Burgoyne wrote:
On Thu, 2 Nov 2000, Owen Boyle wrote:
"Wohlgemuth, Michael J." wrote:
I would like to implement some sort of load balancing for this site.
...the SSLSessionCache will need to be shared
somehow across separate physical hosts.
the current proven approach is not
27 matches
Mail list logo