host when required. The port 80 host would be nothing but a series
of mod_rewrite statements. The port 443 host would contain mod-rewrite and
mod_ssl statements. All content related directives would be in the third
hidden host.
Merton Campbell Crockett
_
data
might not be the smartest move should you want to do something other than
spend your time in court.
Merton Campbell Crockett
General Dynamics Electronic Systems
Network & IT Engineering
Chief Network/Security Engineer, IT/TIS Program
Naval Surface Warfare Center, Port Hueneme Division
> >
d to tell us is which certificate was used? This is
the issue with name-based virtual sites. The only certificate that is
returned is that associated with the base IP address.
Merton Campbell Crockett
__
Apache Int
at is being
transmitted.
This is a gross oversimplification of the process but should give you an
idea why each virtual host that uses SSL to protect data needs a unique IP
address and why you see the error that you report.
Merton Campbell Crockett
s need for assurance.
I also specified BSD/OS instead of Linux but that was more for my comfort
level than his. It also eliminated any training concerns as BSD/OS was the
operating system used on his firewall systems.
Merton Campbell Crockett
On Thu, 2 Nov 2000, Keith Parkansky wrote:
> I r
On Thu, 2 Nov 2000, Clint Gilders wrote:
> Ok... I looked through the archives and found some info on setting up
> ssl and non ssl virtual domains:
>
> This is what I found:
>
> NameVirtualHost 192.168.200.1:80
>
>
> ServerName banana.fruit.com
> DocumentRoot /home/banana
>
>
>
>
t the
> http:// address?
Simply define a virtual host for port 80 and port 443. In the virtual host
for port 80 define a redirect to the virtual host on port 443.
Merton Campbell Crockett
__
Apache Interface to OpenSSL (mod_ss
s. Users will randomly get one or the
other IP address. As a result you are missing definitions for two virtual
hosts.
...
...
As a result, your successful IE tests were likely nothing more than dumb
luck.
Merton Campbell Crockett
_
these things...
You are not violating the Prime Directive as they are not the same thing.
The object, http://www.html.net:80, is a distinct object from the object,
http://www.html.net:443.
Merton Campbell Crockett
_
ist.
--
BEGIN: vcard
VERSION:3.0
FN: Merton Campbell Crockett
ORG:General Dynamics Advanced Information Systems;
Intelligence Solutions
N:
running into problems with SSL (ssleay) until I realized that you needed
to simulate ProxyPass using mod_rwrite. I don't think this is a mod_ssl
problem. It's more of a problem of under which shell is the pea.
Merton Campbell Crockett
--
BEGIN: vcard
VERSIO
W does not appear in the BEGIN and END lines.
The solution to this problem is to omit the BEGIN and END lines and only
paste the actual, encoded CSR into the form.
Merton Campbell Crockett
General Dynamics Electronic Systems
On Sat, 29 Jan 2000, Merton Campbell Crockett wrote:
> I nee
needed for
your second approach resulted in a loss of user identity when we started
doing this several years ago.
> 2) User browser speaks https with the reverse proxy; reverse proxy speaks
> https with the web server
Merton Campb
only used the basic utilities to convert from the PEM formats used in an
Apache SSL environment to the DER formats used by Netscape.
Merton Campbell Crockett
__
Apache Interface to OpenSSL (mod_ssl) www.mod
d use of this module. Reading the
paper is time well spent.
Nothing up this sleave. ... Ooh! I don't know my own strength!
Bullwinkle J Moose
Merton Campbell Crockett
--
BEGIN: vcard
VERSION:
server at the time it should
> present the certificate."
>
> Surely this isnt as trivial as it sounds? How about we let the server know
> the hostname?
It's not trivial.
Merton Campbell Crockett
>
> - Original Message -
> From: "Harald Koch" <
n a common
system.
Is this a known issue with older versions of Netscape?
Merton Campbell Crockett
--
BEGIN: vcard
VERSION:3.0
FN: Merton Campbell Crockett
ORG:General Dynamics Advanced I
Chris:
Look at Ralph Engelshall's paper on the Apache web site discussing the
mod_rewrite module. You can provide all the SSL/TLS support on your
front-end server and use mod_rewrite to generate HTTP requests to the old
web server.
Merton Campbell Crockett
On Wed, 5 Mar 2003, Chris
All that is visible is the IP address in the IP header.
Merton Campbell Crockett
On Thu, 21 Aug 2003, Ian Newlands wrote:
> If I hadn't already exhausted resources I would not have made this post in
> the first place. I have tried 3 different versions of apache, searched
> throug
19 matches
Mail list logo