:: Did you use IE? That seems to work fine (I guess it comes with the
:: Intermediate CA), Netscape and Opera both barf on it tho'.
Yes, IE 5.5; Konqueror 2.1.1 works too.
:: Wait until you try it in NS first :)
Nutscrape 4.76 says it "does not recognize the authority who [sic] signed
its [sic]
> Seems to work OK...
Did you use IE? That seems to work fine (I guess it comes with the
Intermediate CA), Netscape and Opera both barf on it tho'.
> https://www.motorweb.co.nz loads fine, and if I look at the cert, I see:
>
> Issued to: www.motorweb.co.nz
>
> Issued by: www.verisign.com/CPS I
Gidday Damon,
Seems to work OK...
https://www.motorweb.co.nz loads fine, and if I look at the cert, I see:
Issued to: www.motorweb.co.nz
Issued by: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
[sic]
Valid from: 05/02/01 to 06/02/02
Cert serial is: 74EB B7E7 DB06 D3A7 5401
I'm using a Verisign Global ID and therefore need to configure modssl to
serve up the Intermediate CA. I've followed the various instructions
I've found for this but with no success.
I downloaded the Intermediate CA and saved it under intermediate_ca.crt
(I've listed it at the bottom of this mess
"Andrea Cerrito" <[EMAIL PROTECTED]> writes:
> > > > Connecting to a secure site with a certificate signed by own CA, IE
> > > > seems to provide no obvious way of permanently adding the cert to the
> > > > browser's configuration. As a result, a warning that "The security
> > > > certificate is
> I think we should just end this discussion here concluding that
> Apache has one way of handling its configuration processing and
> the "point and click" world has a different way. A look at
> http://www.netcraft.com/survey/ should be enough to suggest
> that the "Apache way" can't be a major p
I think we should just end this discussion here concluding that
Apache has one way of handling its configuration processing and
the "point and click" world has a different way. A look at
http://www.netcraft.com/survey/ should be enough to suggest
that the "Apache way" can't be a major problem ...
Thanks for your response.
>> A curious architectural choice to say the least that I must
>> not understand the reasoning behind.
>
> It is the standard choice for Apache to abort the startup on configuration
> errors and IMNSHO the right way to do it. If there is a problem in your
> httpd.conf
BTW, thanks to all for all the great comments on this thread.
Chris
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manage
> Sorry, no time to respond in detail for a day or two, this'll have to
> do.
>
> If you have your system misconfigured so that security credentials are
> unavailable, that is a security issue, not a configuration issue.
>
> A principal tenant of security is: "if something's broke, stop. NEVER
> Chris M wrote:
>
>>
>> If there is a cogent reason for killing 100 sites when 1 is configured
>> wrong, I'm listening to what it might be.
>>
>> Chris
>>
>
> Seems silly to have 100 production web sites hung up
> by a wrong or untested config.
>
> Ever think to test it separately first?
>
On Wed, May 16, 2001 at 10:42:34AM -0600, Chris M wrote:
[SNIP]
> Your first post said to check file names
> and paths. Gawd, if I hadn't checked that and read the FAQ first (AND STFW
> too) I think I'd be pretty embarrassed.
You wouldn't be the first to ask a question without having read docs
Chris M wrote:
>
> If there is a cogent reason for killing 100 sites when 1 is configured
> wrong, I'm listening to what it might be.
>
> Chris
>
Seems silly to have 100 production web sites hung up
by a wrong or untested config.
Ever think to test it separately first?
begin:vcard
n:Ott;Jo
Sorry, no time to respond in detail for a day or two, this'll have to
do.
If you have your system misconfigured so that security credentials are
unavailable, that is a security issue, not a configuration issue.
A principal tenant of security is: "if something's broke, stop. NEVER
silently downg
>
>> One wonders why mod_ssl has to hang all of Apache on startup just for one
>> duff cert, and why it can't just log an error message someplace useful and
>> English-like and continue with the other hundred domains on there serving
>> HTTP requests.
>
> Because security problems aren't like D
I wasn't able to install it.
Can u print your conf?
---
Cordiali saluti / Best regards
Andrea Cerrito
^^
Net.Admin @ Centro MultiMediale di Terni S.p.A.
P.zzale Bosco 3A
05100 Terni IT
Tel. +39 744 5441330
Fax. +39 744 5441372
> -Messaggio originale-
> Da: [EMAIL PROTECTED]
>
> One wonders why mod_ssl has to hang all of Apache on startup just for one
> duff cert, and why it can't just log an error message someplace useful and
> English-like and continue with the other hundred domains on there serving
> HTTP requests.
Because security problems aren't like DNS failures.
"Andrea Cerrito" <[EMAIL PROTECTED]> writes:
> > Connecting to a secure site with a certificate signed by own CA, IE
> > seems to provide no obvious way of permanently adding the cert to the
> > browser's configuration. As a result, a warning that "The security
> > certificate is issued by a com
> From: Owen Boyle <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Wed, 16 May 2001 09:24:19 +0200
> To: [EMAIL PROTECTED]
> Subject: Re: modssl freezes on startup
>
> Chris M wrote:
>>
>>> First of all, reply to the list, not to me personally.
>>
>> When there is new information in
Show Certificate / Install Certificate.
---
Cordiali saluti / Best regards
Andrea Cerrito
^^
Net.Admin @ Centro MultiMediale di Terni S.p.A.
P.zzale Bosco 3A
05100 Terni IT
Tel. +39 744 5441330
Fax. +39 744 5441372
> -Messaggio originale-
> Da: [EMAIL PROTECTED]
> [mailto:[EMA
Tried, no good. It is the interaction of the frames with SSL under IE. ;(
-Dave
- Original Message -
From: "Götz Babin-Ebell" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 10, 2001 4:15 AM
Subject: Re: IE and javascript
David Powers wrote:
> My SSL server has a pag
> -Original Message-
> From: Götz Babin-Ebell [mailto:[EMAIL PROTECTED]]
> Sent: 10 May 2001 09:16
> To: [EMAIL PROTECTED]
> Subject: Re: IE and javascript
>
>
> David Powers wrote:
>
> > My SSL server has a page with frames on it and it makes use
> of javascript to
> > change both fra
Connecting to a secure site with a certificate signed by own CA, IE
seems to provide no obvious way of permanently adding the cert to the
browser's configuration. As a result, a warning that "The security
certificate is issued by a company you have not chosen to trust..." is
displayed every time
Hi Owen!
On Wed, 16 May 2001, Owen Boyle wrote:
> [EMAIL PROTECTED] wrote:
> >
> > NameVirtualHost 213.144.223.111:443
> >
>
> Don't know about the rest of your stuff but this is a no-no... You can't
> run name-based virtual-hosts under SSL.
>
> http://www.modssl.org/docs/2.8/ssl_faq.html#ToC
On Wed, May 09, 2001 at 11:19:53AM -0500, NIPP, SCOTT V (SBCSI) wrote:
> I have just downloaded and compiled Apache 1.3.19, OpenSSL 0.9.6a,
> and ModSSL 2.8.3. Unfortunately, I am getting error messages when I attempt
> to start Apache. The error messages appear in the error_log and are
>
Chris M wrote:
>
> > First of all, reply to the list, not to me personally.
>
> When there is new information in a post this is likely to be valuable, when
> not, posting to the list (as right here in this instance) is just noise.
Stop whining. The accepted convention is that all communication
26 matches
Mail list logo
