I'll just kind of jump right in ...
1. What is an "alg" key? phpinfo tells me this is 128 bit while the user
key is 56 bit
2. How can I get both keys to be 128 bit?
3. Is there a good explanation of how certificates work? I understand
the basic how-to. What I'm interested in is an understanding o
Forgot one question:
I think I already know the answer to this one, but I want to be sure.
If I'm hosting multiple virtual sites, each one will need its own
certificate, correct?
-Bill
--
FreeBSD ('BSD'):
No battles to the death are recalled. It is a small Daemon wearing
sneakers. It
is normally
Mads Toftum wrote:
>
> Bill Moran wrote:
> >
> > If I'm hosting multiple virtual sites, each one will need its own
> > certificate, correct?
> >
> Yep - and it's own ip/port
> (http://www.modssl.org/docs/2.6/ssl_faq.html#ToC46).
> Clients will tr
Clive Hughes wrote:
>
> Ralf recently recommended building Apache+mod_ssl+OpenSSL as a static
> program; can anyone help me achieve this. I also need to get PHP4 in there,
> too.
The INSTALL file included with php has detailed (and idiot-proof I might
add, even I could do it) instructions on ho
Mads Toftum wrote:
> Throwing a core through gdb would probably give us some pointers. If you
> have a chance to run the process through strace (linux) or truss (solaris)
> that might give us some ekstra pointers.
ktrace under FreeBSD
_
Is there a way to let these people in without downgrading security? Or,
at least a way to sniff out this version of IE before they get to the
secure pages?
You can use Apache's browsermatch capabilities to detect it before it
happens, and then handle in whatever way you think is appropriate.
[EMAIL PROTECTED] wrote:
>
> Is there any milage in having mod_ssl abort a start up if you try and configure
> it with name based virtual hosting ?
>
> I don't even know if mod_ssl is able to determine this detail of
> configuration but since it's definitely not what you want to to d
Luis Enrique Limon wrote:
>
> Mybe this has been asked before but i don't find it in my old mails. so...
>
> Is now with the Patent of RSA code finished... legal to include only openssl on
> US... or you still need to use RSAref ???
>
> Because RSAref is of not commercial use
>
> any one that
8 domains, and I'm small
time.
You might want to acquire some tact, as pissing off people who hold
technical positions on the Internet can make your ability to function
there difficult. Imagine if you pissed off the technical manager for a
domain that you would like to work with?
Good luck
actaully thought the mod_ssl
maintainers were trying to crack his site?!) Regardless of the fact
that a few people attempted to explain the situation to him.
It's all in vain anyway ... i got a non-deliverable on the address he
was using, apparently his ISP has kicked him off.
Anyway, welcome to th
> Jason Granum wrote:
>
> I'm running modssl with openssl and apache (all latest versions) and
> now I need to get a certificate. I'm looking on verisign's website,
> and they have 2, the 40bit key, and the 128bit key. Which would be
> the one I need to get? I'm very new with SSL however am well
Colin Chalmers wrote:
>
> I have a problem that when an application (Turbine) accessed via https
> refers to its own URL that http://...:443 is used instead of
> https://... whereby the error that http is being spoken to an https port
> is given.
This "Turbine" application is wrong.
Mignonette Viado wrote:
>
> Hi,
>
> I'm trying to have 2 secure sites using IP-based virtual
> hosts. However, when i tried to access the sites using say
> https://www.site2.com it returns "Cannot find server or DNS
> Error". So i tried using https://site2_IP and it works okey.
> This is true fo
I'm alive, but it's now Friday.
Corinne Dive-Reclus wrote:
>
> Anyone alive today ?
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Autom
No, not at all. She asked if anyone was alive "today" and I saw from
the date on the email that "today" was yesterday. I was alive both
yesterday and today, so the answer to both questions (implied or
otherwise) was "yes"
I thought, however, that it was important to point out the
discrepancy.
-Bi
The truth is out there wrote:
> We have a web site that when people visit with IE, it pops up a message
> every single screen that says "This web page contains both secure and
> non-secure items, do you want to load the non-secure items?"
What I would do is run Ethereal (or some other traffic sn
Keith Stropus wrote:
>
> I'm new to all this certificate stuff. I made my own via "make
> certificate TYPE=custom". But now every time I try to access my site
> netscape tells me that it doesn't recognize the certificate, and I should
> only proceed if I trust the site. Now, I'm not about to p
Did you follow the entire procedure including creating a certificate?
Chirawan Rojruchiwit wrote:
>
> Hi all,
>
> I applied mod_ssl ver. 2.7.1 on Apache 1.3.14 with Openssl and it caused me
> not be able to start Apache. It just showed:
>
> ==
> ./apachectl start: httpd could not be s
Chirawan Rojruchiwit wrote:
>
> Hi Bill,
>
> Yes. i did follow the whole procedures. My first try was ignoring the
> %make certificate part (which is OPTIONAL). I also tried running %make
> certificate (with test certificate option) but still got the same errors.
>
> Also, i'm not sure if my
19 matches
Mail list logo