Re: Is anyone doing this!?!

2002-09-26 Thread Thomas Binder
Hi! On Thu, Sep 26, 2002 at 10:41:36AM -0500, Rick Kukiela wrote: What I need to know is, if there is a way for each virtualhost to have its OWN PassPhraseDialog directive. Right now I try to do that and it just uses the last occurrence of the passphrasedialog directive for EVERY virtualhost.

Re: Directing users without enough encryption capability

2002-08-19 Thread Thomas Binder
Hi! On Mon, Aug 19, 2002 at 11:02:08AM +0200, Jeroen Vriesman wrote: I have a site with strong encryption, demanding 128 bit encryption with: SSLRequire %{SSL_CIPHER_USEKEYSIZE} = 128 A lot of users don't have browsers with 128 bits encryption capabilities, so what I would to do is:

Re: Verisign Global Server ID requires Stronghold

2002-07-30 Thread Thomas Binder
Hi! On Tue, Jul 30, 2002 at 12:09:42PM +0200, Mads Toftum wrote: They will work just as well on apache with mod_ssl. Note that for them to work properly you have to follow Verisign's installation instructions, as browsers will not recognize Verisign's signature if you forget to install the

Re: fakebasicauth documentation is *wrong* and doesn't work for me

2002-07-17 Thread Thomas Binder
Hi! On Wed, Jul 17, 2002 at 08:19:49PM +1000, Oliver Bode wrote: What is xxj31ZMTZzkVA ? It's what you get when crypt()ing password using the salt xx. Your KI5eE8rTJvs.U is the result of crypt()ing password using the salt KI. I can't help you with your main problem, though. Sorry. Ciao

Re: Static Page after SSL Handshake Failure ??

2002-07-02 Thread Thomas Binder
Hi! On Tue, Jul 02, 2002 at 10:14:35AM +0100, [EMAIL PROTECTED] wrote: However, I think you might be able to connect users with a lower cipher to a different document root and from there direct them elsewhere. I recall this being raised before, so look in the archive of this list. I've done

Re: [BugDB] Performance issue (PR#723)

2002-06-24 Thread Thomas Binder
Hi! On Sat, Jun 22, 2002 at 01:49:12AM +0200, [EMAIL PROTECTED] wrote: This caused a different behavior. I mean, it took a little while (~3 minutes), to the loadav get high, and after a few minutes, it got worse... the loadav reached ~60... Without the no-threads no-idea -fPIC options at the

Re: Upgrade ?

2002-06-24 Thread Thomas Binder
Hi! On Mon, Jun 24, 2002 at 11:32:06AM -0400, Cliff Woolley wrote: Then when you run 'make install' from the Apache 1.3.26 source directory, it will overwrite your 1.3.23 installation. Just in case anyone wonders: it will NOT overwrite the config files of the 1.3.23 installation. Ciao

Re: 56-bit/128-bit IE problems

2002-06-22 Thread Thomas Binder
Hi! On Fri, Jun 21, 2002 at 03:29:53PM -0400, R. DuFresne wrote: Are there still export restriction on the 128bit browsers? I was under the impression those export restrictions had been lifted a few years back. Of course most do, but at least here in Germany a lot of banks still use

Re: 56-bit/128-bit IE problems

2002-06-21 Thread Thomas Binder
Hi! On Fri, Jun 21, 2002 at 08:39:04AM -0700, David Wall wrote: You could also consider getting a Thawte super cert which has a capability to allow the 56-bit export version of IE to not be so stupid and connect at the higher 128-bit when accessing your site. Just for the record, Thawte's

Re: SSLRequire use to enforce SSL for almost all files

2002-06-20 Thread Thomas Binder
Hi! On Tue, Jun 18, 2002 at 04:12:43PM +0200, Lars Povlsen wrote: I tried putting the following in a .htaccess file: SSLRequire %{SCRIPT_FILENAME} !~ m/(signon|get_swimg|get_disksw)\.php$/ It did *not* work as intended..., I could still use non-ssl access to arbitrary scripts That may

Re: SSL-Problem with Mac MSIE

2002-04-23 Thread Thomas Binder
Hi! On Tue, Apr 23, 2002 at 06:38:22PM +0200, Nisbach, Thomas wrote: I found one (unsatisfying) solution: I disabled SSLv3 by setting SSLProtocol -SSLv3 If I do this MSIE on Mac runs but I worry about other browsers that would not run anymore :-( Btw, as for my understanding this does

Re: Post ./configure issue with BSD and apache_1.3.22

2002-03-11 Thread Thomas Binder
Hi! On Mon, Mar 11, 2002 at 01:54:58PM -0500, Joe Magee wrote: snortsensor# SSL_BASE=../openssl-0.9.6b/ \ ? ./configure --enable-module=ssl \ ? --enable-module=so \ ? --prefix=/usr/local/www/ SSL_BASE=../openssl-0.9.6b/: Command not found. You're using a csh'ish shell, but for the above

Re: How do I check to see if it works?

2002-02-21 Thread Thomas Binder
Hi! On Wed, Feb 20, 2002 at 09:46:39PM +0100, Søren Neigaard wrote: TB Have you also got something like TB Listen 443 TB or TB Listen 192.168.1.4:443 TB in your httpd.conf? I have the following: Port 80 <IfDefine SSL> Listen 80 Listen 443 </IfDefine> Why do I have duplicates of port

Re: How do I check to see if it works?

2002-02-20 Thread Thomas Binder
Hi! On Mon, Feb 18, 2002 at 10:28:49AM +0100, Søren Neigaard wrote: Anyway I have attached a snippet from my httpd.conf, where I have tried to adjust the example to my needs. Now I was hoping you guys could tell me if it look ok. It looks like this: IfDefine SSL VirtualHost

Re: SSI vs CGI

2002-02-04 Thread Thomas Binder
Hi! On Sun, Feb 03, 2002 at 12:02:12AM +0200, Zvi Har'El wrote: In an HTTPS virtual host, there are many variables that are exported one method and not the other: More specifically, all the variables starting with SSL_ (e.g., SSL_CIPHER, SSL_SESSION_ID, etc.), are exported to the CGI script,

Re: ensure 128 bit encryption

2002-01-30 Thread Thomas Binder
Hi! On Mon, Jan 28, 2002 at 10:00:20AM +0100, [EMAIL PROTECTED] wrote: Try the following (inside <directory...></directory>): SSLOptions +StdEnvVars RewriteBase absolute-filesystem-path-to-directory RewriteCond %{ENV:SSL_CIPHER_EXPORT} ^true$ RewriteRule .* /noexport.html nice try,

Re: strange problem with unclean shutdown

2002-01-24 Thread Thomas Binder
Hi! On Wed, Jan 23, 2002 at 12:45:50PM -0800, jon schatz wrote: SetEnv downgrade-1.0 SetEnv force-response-1.0 inside of the ssl virtualhost container, but they're still being ignored, and the errors still show up in the log. How do you tell they're being ignored? The

Re: ensure 128 bit encryption

2002-01-21 Thread Thomas Binder
Hi! On Fri, Jan 18, 2002 at 05:49:46PM +0100, [EMAIL PROTECTED] wrote: SSLRequireSSL SSLRequire ( %{SSL_CIPHER_USEKEYSIZE} = 128 ) with this option, the user gets no https connection if he has 128 bit. but the user should get an error page. so it must be possible to establish a

Re: ensure 128 bit encryption

2002-01-21 Thread Thomas Binder
Hi! On Mon, Jan 21, 2002 at 06:49:18PM +0100, Thomas Binder wrote: SSLOptions +StdEnvVars RewriteBase absolute-filesystem-path-to-directory RewriteCond %{ENV:SSL_CIPHER_EXPORT} ^true$ RewriteRule .* /noexport.html An addition: You also need RewriteEngine On Ciao Thomas -- It is far

Re: Connection re-negotiation

2002-01-10 Thread Thomas Binder
Hi! On Tue, Jan 08, 2002 at 08:39:34AM +0100, Rob Sterenborg wrote: Looking around I see a lot of problems with IE6 and 128bit encryption. (just search with google on ie6 128bit. I don't know if those problems are already fixed ; I would be surprised. Maybe this KB article helps:

Re: R: problems with SSL and virtual hosts

2001-10-29 Thread Thomas Binder
Hi! On Mon, Oct 29, 2001 at 08:44:35AM +0100, Alberto Guglielmo wrote: You can also use virtual hosts on the same IP distinguishing them by the port: Listen 443 Listen 444 <VirtualHost _default_:443> .. </VirtualHost> <VirtualHost _default_:444> .. </VirtualHost>

Re: Browser Problems

2001-09-19 Thread Thomas Binder
Hi! On Tue, Sep 18, 2001 at 05:25:34PM -0500, Nick Temple wrote: My question is: what is the most stable version of Apache / mod_ssl/ OpenSSL and configuration options, stable in this case meaning allowing the widest group of the most common browsers to connect (AOL, IE, Netscape, Opera),

Re: Serving HTTP HTTPS in one VHost-Config?

2001-08-17 Thread Thomas Binder
Hi! On Fri, Aug 17, 2001 at 11:39:20AM +0200, Alex Pircher wrote: I'd suggest using a reverse proxy for that, i.e. let the SSL VHost be just a reverse proxy for the normal server. An interesting idea, but this would of course require the additional module mod_proxy. Sure, but if Apache