r really finishes. It seems like
it is
waiting for something to complete, but it never finishes.
I'm guessing this was some bug in early versions of IE6, but does anyone
know what the
specific problem is, and how I can fix it by configuring Apache differently?
Thanks,
Mark
http://
Hi Sven,
Interesting... I hadn't thought of that. I know some other
sites using a Starfield certificate. I'll see if these
customers experience the same problem when they go there.
Thanks for your help!
Mark
http://www.beiley.com
- Original Message -
From: "Sven G
Hi Sven,
Thanks for the reply. I believe I have KeepAlive off for this browser.
In my ssl.conf file I have:
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
Thanks,
Mark
http://www.beiley.com
Hi Mark,
D
Windows XP
For an example URL, try: https://www.beileysoftware.com/handy.html
Thanks,
Mark
http://www.beiley.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
ork fine, but I
can't have VerifyClient across the entire site due to complaints from
users about Certificate challenges in I.E. etc.
thanks again,
Mark
On Jan 18, 2007, at 9:10 PM, Dave Paris wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Mark,
a) you never added the content
Is there a solution to this?
http://marc.theaimsgroup.com/?l=apache-modssl&m=104857625910336&w=2
Here is my current configuration:
Gentoo: 1.12.6
mod_ssl: 2.8.25-r10
apache:2.0.58-r2
mod_jk:1.2.19
tomcat: 5.5.20-r7
Thanks in advance for any advice,
Mark R. Diggory
~~
Hi all,
I am running freebsd 6.1 and apache 2.2.0_7
I am new to SSL and have configured a self-signed certificate
according to http://slacksite.com/apache/certificate.html
I placed the .crt and .pem files in /usr/local/etc/apache22 and set
the .pem file readable only by root
When I start up a
I need to bother with that? I remember
that apachectl should require startssl as an argument in order to
startup the SSL server, so it seems something weird is going on, and I
wonder if I need to make it behave the way it used to.
-Mark
it does so every minute or two) the operation is completed
successfully.
--
Mark Hennessy
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAI
Hi Terry,
Perhaps your directives are being overridden in a "IfDefine SSL" or
"IfModule SSL" block ? Listen IP:Port does work, works for me. Do you
have the following in your config ?
Listen my.ip.address:443
...
NameVirtualHost my.ip.address:443
...
...
Cheers,
Mark
Hi,
On Wed, 4 Mar 2003, Tyler Walden wrote:
> I assume that possibly apache is still using an older verison of mod_ssl
> somehow. I know since openssl 0.9.7 the engine code is built in so you
> don't need the --enable-rule=SSL_EXPERIMENTAL anymore or is that
> incorrect?
The SSL_EXPERIMENTAL ru
SSLSessionCache. If I
connect to the server and restart IE multiple times I get the page cannot
be displayed error within a few minutes. I'm using dbm for my cache, I'll
try switching to shm to see if that improves the situation.
Che
> server SSLv3 Client Hello
Server -> client SSLv3 Server Hello, Change cipher, handshake
At this point either:
IE closes the connection.
OR:
The handshake continues.
Client -> server SSLv3 Change cipher, handshake
Server <&g
;C:/MBserver/Apache/conf/ssl-AA/MBsindaSSL.crt"
SSLCertificateKeyFile "C:/MBserver/Apache/conf/ssl-AA/MBsindaSSL.key"
SSLCACertificateFile "C:/MBserver/Apache/conf/ssl-AA/MBsindaCA.crt"
SSLCACe
Title: http + https
I’m trying to configure my server to use SSL just for requests to a specific directory.
I’ve read the manuals, installed mod_ssl + certificate and all seemed to be working fine,
HTTP access to the server at large goes ahead and http accesses to the ‘secured’ directory are
/rhn.redhat.com/errata/RHSA-2002-160.html
If you upgraded to either of the OpenSSL errata and followed the
instructions about restarting your services you are protected against the
Linux slapper worm.
Thanks, Mark
--
Mark J Cox / Security Response Team / Red Hat
Tel: +44 798 061 3110 // Fax:
cific domain name from the main webserver to another server with
a class C address? And only for the singular domain name? Any
suggestions?
His humble servant,
Mark-Nathaniel Weisman
President
Outland Domain Group Consulting
Anchorage,AK USA
http://www.outland
happen,
1. There were no changes made to my httpd.conf file?
2. My httpd script does not recognize startssl as an option.
3. Port 443 is not open on the box even if I set a VirtualHost
directive.
Any ideas?
His Faithful Servant,
Mark
___
Assuming the win2k service for Apache is created
(else create one using sc command),
try configure the Apache service properties like this :
Path to executable:
"C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice
Startup type:
Automatic
Regards,
Mark
>From: &
browers.
e.g. Explorer up to and including v5.0
All Netscape releases.
Any help/pointers will be appreciated
--
regards
Mark Stowe
dering
if someone knows why.
Thanks in advance,
Mark Barton
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated Li
"Paul G. Weiss" wrote:
-Original
Message-----
From: Mark J. Matheson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 07,
2002 9:40 PM
To: [EMAIL PROTECTED]
Subject: Re: Job openings
avijeet banerjee wrote:
We have a requirement for a developer(senior) in a larg
>
>
>__
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
Chat with friends online, try MSN Messenger: Click
Here
____
Casper Gondelach wrote:
> If i see so, it seems that the group id 4294967295 is FAR to high.. this
> highest number is something around 64000 i thought. Just lower it.
>
> Casper
>
> - Original Message -
> From: "Mark" <[EMAIL PROTECTED]>
> T
Cliff Woolley wrote:
> On Tue, 5 Mar 2002, Mark wrote:
>
> > [Tue Mar 5 21:11:21 2002] [alert] (22)Invalid argument: setgid: unable
> > to set group id to Group 4294967295
> > [Tue Mar 5 21:11:21 2002] [notice] Apache/1.3.22 (Unix) mod_ssl/2.8.5
>
> Your system d
) and still
the same problem.
I can't any info on it either. Any guru's like to shed a little light?
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Ma
about. I'm also doing a lot of virtual hosting, and
currently I use a singular domain name for all SSL requests I was
thinking about trying the above out and see if it worked? But since
we're on the topic.
Thank you,
Mark-Nathaniel Weisman MCP, CNA, A+, MOUS MI
Network Systems Adminis
e annoying for you to use your server. (This is
where the hardware crypto device people chime in and tell you about their
systems that let you keep the keys in external, FIPS-compliant, hardware)
Mark
--
Mark J Cox ... www.awe.com/mark
Apache Software
etween the time you reboot and the
time you enter the passphrase.
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List M
an OS that lets you examine your own memory.
Adding passphrases to the keys or storing them in a encrypted partition
doesn't really get you any additional level of security. If you're
worried about your private keys you need to keep them (and do your key
operations) in hardwa
since 2.6.0 (Red Hat contributed
this functionality back to Ralf some years ago).
Mark
--
Mark J Cox ... www.awe.com/mark
Apache Software Foundation . OpenSSL Group . Apache Week editor
> Does anyone have a certificate revocation list (crl) file that is
> functioning properly with apache and mod_ssl???
Yes; see this article http://www.apacheweek.com/features/crl
Mark
--
Mark J Cox ... www.awe.com/mark
Apache Software Foun
sure I have all the
libs necessary for the task.
--Mark
---
Senior Network Engineer
Secure Dog Hosting, Inc.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Glen S Mehn
Sent: Friday, October 12, 2001 4:46 PM
To: [EMAIL PROTECTED]
Subje
Ming,
I’ve heard this from others.. J Are you using GNU utils to install? If
so, are you installing from companion or from sunfreeware?
Don’t think this would make a difference but I’d still like to know..
--Mark
---
Senior Network Engineer
Secure Dog Hosting, Inc
n error: file
/usr/local/apache/libexec/libssl.so: symbol ap_user_id: referenced
symbol not found
/usr/local/apache/bin/apachectl startssl: httpd could not be started
Is there something I am missing specific to Solaris? I have exhausted
all my resources! Please help!!
Thanks in advance,
Mark de Jong
l.so: symbol ap_user_id: referenced symbol not
found
/usr/local/apache/bin/apachectl startssl: httpd could not be
started
Is there something I am missing specific to Solaris? I have exhausted
all my resources! Please help!!
Thanks in advance,
Mark de Jong
---
Senior Net
t; (or
"SSLProxyProtocol -TLSv1"). It works.
Mark
--
Mark J Cox ... www.awe.com/mark
Apache Software Foundation . OpenSSL Group . Apache Week editor
__
Ap
I have been chasing down a memory problem for a few days now and would
appreciate any pointers you might have. We have an application that
allows for uploads of large (>50MB) files. We have a case with Netscape
(works fine with IE) that produces a "Ouch!: malloc failed in
malloc_block" error out
modules) with an environment variable set for
the compile options.
$ CFLAGS=-DEAPI; export CFLAGS;
Mark O.
frida
et it to use anywhere, that
should do the trick, it didn't. I would like the ability to run cgi scripts
on the secured server separate to the regular http server.
Any assistance,
Thanks,
Mark
__
Apache Interface to OpenSS
ule not
>>included in the server configuration
>>./apachectl startssl: httpd could not be started
I've looked at everything I can find, however I don't seem to be able to get
a solution on this one. Can someone help please.
Thank you,
Mark
I've rechecked for accuracy and it is right.
Any Assistance,
Mark Weisman
[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL
apachectl startssl" from the prompt,
however, prior I would get an error at the prompt. I'm missing something,
however I can't figure out what, however I still can't log into my box using
the https protocol. Any ideas?
Thanks,
Mark
___
seems to be fine
and in my httpd.conf file, I have a ScriptAlias pointing to the secure
cgi-bin and SSLOptions +StdEnvVars enabled.
I am running Apache 1.3.19, modssl 2.8.2, openssl 0.9.6 on
Windows NT 4
I appreciate any assistance,
Mark Barton
tiate the signing request with Equifax and see if that
straightens things out. Thanks.
-mark
http://mark.stosberg.com/
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
part of my httpd.conf file. It includes two virtual
domain entries. The first one, which works great, and the second one which
fails.
My intuition is that this configuration problem and not a keys problem,
but at the moment I'm stuck. Any insight is appreciated. Thanks!
-mark
# General
Thanks Alexander and David for this discussion! I figured that EXP56 and
EXPORT56 were interchangeable... I'm going to revisit my tests tomorrow.
I'll also better document my report back to the list :)
Mark
___
I revisited the FAQ and re-reread the list archives. I tried a few things.
A few things from the FAQ actually made things worse! :)
But the one incantation that seemed to work was to add the following line to
apache.conf:
SSLProtocol all -SSLv3
Thanks all for your help!
Mark
on 2/21
Either the list is dead ( not likely ) or something is amiss...
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager
s hoping that this upgrade would have
fixed this) is that I get intermittent "Data Encryption Error" (on IE) or
"Network IO Error" (on Netscape). This error did not come up with the test
certificate, the one signed by Snake Oil Any ideas on this wo
Thanks, I'll take a look!
Mark
-Original Message-
From: Lutz Jaenicke [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 29, 2001 4:55 AM
To: '[EMAIL PROTECTED]'
Subject: Re: mod_ssl-2.7.1 on HP-UX 11
On Fri, Jan 26, 2001 at 06:30:10PM -0500, Kenney Mark wrote:
> almos
certificate run?
i have a SGI Indy R4000 running IRIX 6.5.9m and compiled with gcc.
thanks for any help,
mark rosa
--
-
Mark Rosa - Dipl. Arch. ETH
Etekt Inc.co-create your home
phone: ++41-1-4462-4
-patch= in the "configure" command for mod_ssl) instead of the
version of "patch" that it tries to build but both HP's and Gnu's crash out
with a slew of errors that indicate none of the patches successfully applied
and that it can't find "s
nstalled? I would prefer not to build mm separately
if possible as it is only being used by apache.
Thanks,
Mark Schwartz
MassMutual Financial Group
E-Commerce Technology Management Group
413.744.2782
[EMAIL PROTECTED]
__
Ap
t "hubble bubble toil and trouble";
}
elsif ($ARGV[0] =~ /^ssl\.host2\.com/) {
print "a c&y%t*c passh phrase";
}
elsif ($ARGV[0] =~ /^ssl\.host3\.to/) {
print "passphrase number three";
}
Nothing can be 100% secure of course but the above is better than castra
lowed by a Netscape alert:
'The connection was refused when attempting to contact
www.verisign.com'
I can't believe I got the install that wrong :)
What on earth are Netscape up to ??
Mark
> We have similar problems. Our mod_ssl Apache is 1.3.14 / 2.7.1 / 0.9.6 and has SSLv3
>
.
Also, we can't even get pages to load fully once errors have been encountered even on
our
seperate HTTP-only Apache.
Right now we haven't had time to do any serious debugging but it does look prettty
broken on
JavaScript and HTTPS at least for u
Hi,
I found out something strange in my ssl engine log. That is, [info]
Connection to child 9 closed with unclean shutdown (server
admin.3dsources.com:443, client 192.168.42.2). I wonder what is wrong with
my server.
Thank you so much
Mark LO
most gratefull to hear
about it.
Mark
Mark Tiramani
FREDO Internet Services
[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PRO
Assuming a module does not segfault, are there any ideosyncracies I should
be aware of? Intermittent problems?
-Mark
-Original Message-
From: Mads Toftum [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 27, 2000 4:09 PM
To: [EMAIL PROTECTED]
Subject: Re: EAPI and 3rd party products
Are
there any concerns with running third party modules built non-EAPI aware
(distributed as shared objects from a 3rd party vendor) with an EAPI aware
Apache server (1.3.12)?
-Mark
C. Schwartz
For the benefit of those of us not able to attend the conference, could
someone spell out the vhost concerns? Is this in relation to the bugs in
1.3.12 for the handling of Host: headers or something else?
-Mark C. Schwartz
-Original Message-
From: Ralf S. Engelschall
To: [EMAIL
I have this in my httpd.conf file by default. Does this solve the problem?
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
-Mark Schwartz
-Original Message-
From: Aaron Beveridge [mailto:[EMAIL PROTECTED]]
Sent: Frida
Could someone please clarify the EXP56 / EXPORT56 cipher flag question?
Although the modssl.org FAQ states:
!EXPORT56
the SSLCipherSuite Apache directive flag is given as:
EXP56
in the manual reference section.
Thanks,
Mark
Mark Tiramani
FREDO Internet Services
[EMAIL PROTECTED
various lists that indicate their authors have the same interpretation/confusion as
ourselves.
Thanks,
Mark
Mark Tiramani
FREDO Internet Services
[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)
Hi,
which network monitor tools should i use
Thank you so much
mark
- Original Message -
From: Ralf S. Engelschall <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 20, 2000 2:21 PM
Subject: Re: Working Properly
> On Wed, Sep 20, 2000
Hi,
How to find out that my secure web
server is running properly.
Thank you
Mark
Hi,
what is the meaning at the following
error.
sysquery: findns error (NXDOMAIN) on
dns2.domain.com?
Thank you
Mark Lo
request.
Thank You
Mark
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 08, 2000 12:52 AM
Subject: Re: server.key
>
> AFAIK you can use the same server.key to sign multiple certificates.
>
> You're correc
Hi,
Do I need to generate different
server key for different domain name ??
Thank you so much for your help
mark
Hi,
Is it possible to use the following
syntax.
Header("location:https://www.domain.com/user.phtml");
exit;
Thank you
Mark
This guy Paul McGarry is very unpolite.
Please read his message...
- Original Message -
From: Paul McGarry <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 31, 2000 3:16 PM
Subject: Re: IP Masquerading and Virtual Host SSL
> Hi
>
> > I would like to know, is it poss
Hi,
I would like to know, is it
possible to use IP Masquerding technics to host SSL web server in an internal IP
address such as 192.168.0.1. If possible, we can host multiple SSL server
with only one real IP address. Am I right ??
Thank You
Mark Lo
Hi,
I would like to know the
difference between DSA or RSA certificate. and which one should I
use?
Thank You
Mark Lo
port should i use other than 443.
Thank you so much
Mark Lo
Hi,
I want to open a web hosting
company. I wonder where can I get a set of IP from. Like a whole
Class C.
Thank you
Mark
Hi,
I would like to know the
difference between DSA or RSA certificate. and which one should I
use?
Thank You
Mark Lo
:
SSL3_GET_CLIENT_HELLO:no shared cipher [Hint: Too restrictive SSLCipherSuite or
using DSA server certificate?]
I wonder what the problem do I have. I am
greatly appreciate for your help.
Thank you so much.
Mark Lo
http://www.domain.com/index.phtml.
Then the page can be displayed. But when I try https://www.domain.com/index.phtml.
Then the error messages pops-up stating that "The page cannot be
displayed". Please point me out what the error is. Thanks in
Advance.
Thank you so much for your help
Mark Lo
Hi,
Is it possible to host multiple domain
name with SSL enabled for only using one IP address?
Thank You
Mark Lo
attached
files appended.
Mark
--
Mark Pollard
PanGo Networks, Inc.
http://www.pangonetworks.com
--
John,
We are having problems accessing SSL information that should be
available as simple CGI/header variables (listed at
http://www.modssl.org
/pem_lib.c:387:
makes no sense to me, all I did was replaced the old cert file with a
new one.
--
Mark Drummond|ICQ#19153754|mailto:[EMAIL PROTECTED]
UNIX System Administrator|Royal Military College of Canada
The Kingston Linux Users Group|http://signals.rmc.ca/klug/
Saving the World ... One CPU at
Mark Drummond wrote:
>
> Ack! Cert has expired so we got a new one from Verisign. I figured I was
Forget it. I managed to figure it out myself. I needed to "ssleay rsa <
pem > key" my key file. Um, wha
Mark Drummond wrote:
>
Hello?
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EM
Mark Drummond wrote:
>
> Ack! Cert has expired so we got a new one from Verisign. I figured I was
> just replacing the old one (just did the same, successfully, on another
> server elsewhere) but I must have screwed something up because when I
> try to start the server up with the
Ack! Cert has expired so we got a new one from Verisign. I figured I was
just replacing the old one (just did the same, successfully, on another
server elsewhere) but I must have screwed something up because when I
try to start the server up with the new cert i get:
24381:error:0906406D:PEM routi
I use quick view (from the
Windows right click menu) to look at the exports and imports,
ModSSL only imports a value called "_recvwithtimeout" from
the ApacheCore module. This leads me to believe that it should be
doing some variable look ups on it's own.
I am open to suggestions.
Hi,
How to host multiple domain with real digital certificate for
each domain name by using CNAME record. Is it possible to do it.
Thank You
Mark Lo
__
Apache Interface to OpenSSL (mod_ssl
> I wonder if I can also proxy the certificate of the https site?
Nope, but you can break out the fields from the certificate on the proxy
server after checking it and pass them as env variables (well you will as
soon as I send Ralf the patch to pass on arbitrary variables)
Mark
Mark J
tunately i'm not going to
be on this system to collect mail for a while.
thanks
mark.
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PRO
Hi,
I would like to know what Domain Name should I use for a
certificate.
My server name is dns1.domain.com, and people is using www.domain.com to
look for my site. In this case, which domain name should I use for my
certificate.
Thanks
Mark
Hi,
What do you mean by mixing up http
and https. All of the images are called from a file. eg. src="file:///tmp/pic/images.gir"
-->would this be mixing up http and https. If yes, how do i overcome
this problem.
Thank you so much,
Mark
Cliff Woolley wrote:
You cannot
the insecured informations are picture which is using
jpeg or gif format. I wonder what is wrong with those pictures. And
How to overcome this problem.
Thanks
Mark
__
Apache Interface to OpenSSL (mod_ssl
Hi,
I would like to know the difference between RSA and DSA Encryption
Engine.
Thank you,
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
the above instructions, so I can't be able to
re-generate my request key using openssl command.
Thank you so much,
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Suppor
Hi,
I have checked with international law crypto survery, I still can't
find out whether I can use apache+modssl+openssl in Hong Kong or not.
And I am using modssl for commercial purpose, do I need to purchase a
support.
Thanks
hp to work in "Https", I would
like to enable php to work in "Http".
Thank you so much,
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
Hi,
Is there any documentation about how to install
Apache+modssl/openssl+mysql/php4, I have tried to follow the INSTALL
manual which comes with modssl package, but my installation is not
successfull. Is there any other documentation about how to install the
above packages.
Thanks
Mark
Hi,
I would like to know what do I need after the installation, And If
i have servial vitual domain host in my server, How many certificate do
I have to get.
Thank you
Mark
__
Apache Interface to OpenSSL (mod_ssl
Hi,
Where Can I get the latest SSLeay, so that I can install with the
Apache 1.3.12 and mod_ssl.
Thank You
Mark
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List
1 - 100 of 158 matches
Mail list logo