SSLCACertificateFile getting ignored when I use a Location directive

ot;  SSLCertificateKeyFile "/Cert/ssl.key/server.key"  SSLCACertificateFile " Cert/ca.cer"      SSLVerifyClient required   SSLVerifyDepth 1     Thanks in advance for any insight. -John

Re: [PATCH] Backport patch for CVE-2009-3555 from Apache 2.x

On Mon, 2009-11-23 at 22:12 +0100, Rainer Jung wrote: > On 23.11.2009 18:57, John Lightsey wrote: > > On Sun, 2009-11-22 at 01:21 +0100, Rainer Jung wrote: > Thanks again. I updated the patch: > > http://people.apache.org/~rjung/patches/cve-2009-3555_mod_ssl_2_8_21-1_3_41-v2.p

Re: [PATCH] Backport patch for CVE-2009-3555 from Apache 2.x

On Sun, 2009-11-22 at 01:21 +0100, Rainer Jung wrote: > Backport is not totally straightforward, because the original patches > use the filter architecture not present in Apache 1.3. > > Any Feedback on the patch is welcome. Some additional debug output can > be activated by using -DRENEG_DEBUG. >

Client SSL Proxy Configuration

guration, no extra java code). Is there a > way to configure mod_proxy and (specially) mod_ssl to do this very thing? > > Here¹s my proxy.conf template: > > ProxyRequests On > >Order deny,allow > Deny from all > Allow from internal_ip_address > > > Cheers, > > John.

SSL works from server command line, but not from outside server. Weird!

Hi, folks. I've run across a wierd problem -- https/SSL works fine when accessed from the machine running httpd, but is unavailable from all others. Software versions: Apache 1.3.37/mod_ssl-2.8.28-1.3.37/OpenSSL 0.9.8b Running 'http' on port 8118, 'https' on port 8119 I get positive results fro

libssl.so <-> mod_ssl.so

I have to re-create mod_ssl 2.8.1 for an old version of apache (1.3.19) and even though I have it/they compiled I'm confused about 2 things . I have several servers with various kevels of apache and mod_ssl. The mod_ssl lib seems to be called 'mod_ssl.so' in some cases and 'libssl.so' in other

Re: Random SSL Problems

sponse-1.0 Thank you. I'll give this a shot. By newer versions of Apache, do you mean in the 1.3.x build? -- John C. Nichel IV System Administrator KegWorks http://www.kegworks.com 716.362.9212 x16 [EMAIL PROTECTED] __

Random SSL Problems

mod_access, mod_rewrite, mod_alias, mod_userdir, mod_speling, mod_actions, mod_imap, mod_asis, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_info, mod_status, mod_negotiation, mod_mime, mod_mime_magic, mod_log_config, mod_define, mod_env, mod_vhost_alias, http_core Any help would be greatly apprec

SSLVerifyClient, 2 domains (secured and not secured), 1 localhost, JVM1.4

Hi everyone, I'd be very gratefull if someone could help me on this one. I set up my apache/ssl server in order to have strong authentication. The reason of my problems comes from the fact that I use a JVM 1.4 : when I try to download a specific module, the JVM will try to ask a client certifica

SSLVerifyClient, 2 domains, 1 localhost, JVM1.4

Hi everyone, I'd be very gratefull if someone could help me on this one. I set up my apache/ssl server in order to have strong authentication. The reason of my problems comes from the fact that I use a JVM 1.4 : when I try to download a specific module, the JVM will try to ask a client certifica

client certificate problems

s also listed below. If anyone could offer any trouble shooting tips that would be greatly appreciated. Thanks for your time and assistance. John //- Additional information: Version: Apache/2.0.52 OS: Mac

Verification problem

/SecurityServicesCA.crt SSLCertificateFile /etc/httpd/ssl.key/server.crt SSLCertificateKeyFile /etc/httpd/ssl.key/server.key Any suggestions?? Thanks! John __ Apache Interface to OpenSSL (mod_ssl

RE: Hey, dude, it's me ^_^ :P

g here you are better off emailing to > [EMAIL PROTECTED] just > like it says in the remarks They were cc'ed in the message so they have been asked. The list was informed so that they could see that something useful was being done about this problem. Now would you mind telling me how usef

RE: Hey, dude, it's me ^_^ :P

Can someone at Telekom Malaysia fix this please? - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] Shameless movie plug -

RE: SSL Handshake time out

2 isn't supported by Red Hat any more, but there is a "legacy" project to keep patches up to date. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375

Test message

We've had DNS problems, so I'm just checking whether this will be approved to the list immediately. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 F

RE: HTTPS variable is missing

the "IfDefine" lines. If you are listening on port 443, it makes more sense to turn the SSLEngine "on" anyway and the associated SSL certificate lines. There isn't a good reason I can think of for not enabling SSL on port 443. Also, check that you have the mod_ssl package ins

RE: There appears to be a major memory leak in mod_ssl/OpenSSL

ail about this just before XMAS where I had found a "memory leak" - and Mads Toftum suggested the use of shmcb.  I then ran tests for nearly a week - without a hint of a memory leak     John -Original Mess   age-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behal

RE: Server Report

Yes, but it didn't come from Ralf. Check the headers. Someone who has a message from this list at some time somewhere on their hard disk is infected. It's even possible that they've never been subscribed (eg they just looked at the archives). - John Airey, BSc (Jt Hons), CNA

RE: Cannot Access Includes Above Current Directory

very handy for this). - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] There is more historical evidence for the existence

RE: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

Mads, that worked - thank you. Had my test harness working for about 75 hours - and performed about 13 Million trans. Not a memory leak in sight. Thanks again John > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Mads Toftum > Sent:

RE: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

300 John > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Mads Toftum > Sent: 19 December 2003 09:37 > To: [EMAIL PROTECTED] > Subject: Re: FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c > > > On Fri, Dec 19, 2003 at 09

FW: Memory leak - Apache2.0.47 and openSSL 0.9.7c

. I do have output from the load generator and the utility that I can send anyone. John __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTE

RE: Cannot Access Includes Above Current Directory

This isn't really a mod_ssl issue, but I suggest you use the absolute path for included php as the current directory is probably where the httpd binary is, or perhaps where the config files are. (I changed the subject as my last post was rejected, somehow) - John Airey, BSc (Jt Hons), CNA,

Re: multiple SSL instances with aliased IPs

On Mon, Nov 24, 2003 at 05:12:45PM +0100, Boyle Owen wrote: [snip loads] Many thanks for your quick response. I shall try your suggestions tonight. cheers -- John - [EMAIL PROTECTED] - http://www.reiteration.net/~jfm For PGP public key finger [EMAIL PROTECTED] or see webpage

multiple SSL instances with aliased IPs

L server* Each domain name has its own userspace. Can anyone help me here? Thanks -- John - [EMAIL PROTECTED] - http://www.reiteration.net/~jfm For PGP public key finger [EMAIL PROTECTED] or see webpage __ Apache Interface to O

RE: virtual hosting

> -Original Message- > From: Boocock, John (Academy) [mailto:[EMAIL PROTECTED] > Sent: 22 August 2003 14:04 > To: '[EMAIL PROTECTED]' > Subject: RE: virtual hosting > > > Although I'm sure that most people get quite bored and > frustrated abou

RE: virtual hosting

Although I'm sure that most people get quite bored and frustrated about questions on virtual hosting that have appeared countless times in the archives I don't think I've ever noticed what I was wondering being answered. If you had a wildcard certificate which worked for *.domain.com, would name v

RE: Problems with old MSIE 5.0

I use SSLSessionCache shm:logs/ssl_scache(512000) SSLSessionCacheTimeout 300 and it works for me... John > -Original Message- > From: Torvald Baade Bringsvor [mailto:[EMAIL PROTECTED] > Sent: 29 July 2003 12:48 > To: '[EMAIL PROTECTED]' > Subject: R

RE: Problems with old MSIE 5.0

particularly well). I don't see a great deal of point in putting resources into solving this one, except to ask what SSLSessionCache settings are you using? These have been known to cause problems with IE. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD,

RE: Problems with old MSIE 5.0

That hasn't answered my question about which exact version it is. Is it SP1, SP2, SP3 or no service pack? Those are the details that are needed to look into this. If in fact the end user hasn't applied Microsoft's patches to Microsoft's browser, how can that be your problem?

RE: Problems with old MSIE 5.0

I haven't checked the situation with SP4 (yet). The official line from Microsoft is that IE5.01 SP2 is no longer available, as it is in the "extended support phase": http://www.microsoft.com/windows/ie/support/ie51exsupport.asp - John Airey, BSc (Jt Hons), CNA, RHCE Internet syste

RE: https access problems

I've just double-checked and the Red Hat 7.3 RPM packages (apache-1.3.27-2 and mod_ssl-2.8.12-2) use dbm instead of the shm caching that was in 7.2: SSLSessionCache dbm:logs/ssl_scache SSLSessionCacheTimeout 300 I hope this hasn't sent you off the wrong way... - John Aire

RE: https access problems

Do you have the ipchains or iptables firewall enabled? Try "service ipchains stop" and "service iptables stop" to disable it completely and then try again. In the former case "lokkit" will allow you to configure your firewall to accept connections on the relevant

RE: netscape warning message

unable to open your key and certificate files. John > -Original Message- > From: Austin Conger (IT) [mailto:[EMAIL PROTECTED] > Sent: 02 April 2003 15:55 > To: [EMAIL PROTECTED] > Subject: RE: netscape warning message > > > Hi John, > > I have restarte

RE: netscape warning message

localhost.localdomain cert. I take it that the above paths are where your key and certificate are? - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848

RE: APache 2.x + Mod_ssl : Ive a problem!

Did you install the mod_ssl package too? Did you know that Red Hat renamed the package from "apache" to "httpd" (for some kind of consistency I guess, although confusing to those who know about it already). - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support o

Wildcard certificates from GlobalSign

I've just received an email from GlobalSign that makes it appear that Wildcard certificates are still financially viable. If anyone wants details can they contact me off the list. Thank you. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Inst

RE: openssl upgrade

est versions, but it worked fine with one of the betas. I could make up some RPMs for the latest openssl version, but I've not had any demand (or much time. I've spent most of the last three weeks trying to rebuild an evil windoze server). See the openssl FAQ for some more details. -

Apache 2.x SSL failing -- "no listening sockets available, shutting down"

Hello, I have attempted several times on 2 platforms to install and run Apache SSL. Linux PPC and Linux Redhat8.0 This is the build source -- httpd-2.0.44.tar.gz I followed various ./configuration options and here are the last tried: configured by ./configure, generated by GNU Autoconf 2.54,

Re: Help on Apache 2.0.43 + SSL installation

openssl compile (with gcc) use: ./config --prefix= shared threads no-idea '-fPIC' Then build Apache 2.x: ./configure --with-layout=Apache --prefix=/depot/apache2 \ --enable-mods-shared=most \ --with-ssl= \ --enable-ssl=shared make ; make install Note when usi

ssl on win2000

Does SSL work on a win2000, apache(1.3.xx or 2.xx - precompiled binary) and php(4.3.x) system? If yes, is there someone who can tell what to do for installing it and make it work?  I need a httpds for win2000. Thank you.   John M.

RE: securing one area of a vhost in apache 2

requesting these pages another way, eg with a browser or even curl (http://curl.haxx.se)? Like Mads says, it does look to be a client error. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, T

RE: securing one area of a vhost in apache 2

SSLRequireSSL See the SSLRequireSSL directive for more details. http://www.modssl.org/docs/2.8/ssl_reference.html#ToC22 - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6

RE: Linux Red Hat 7.2 + openSSL 0.9.7 + Apache 1.3.27 + mod_ssl 2.8.1 2 = PROBLEMS!!!

other packages installed, eg php. You'll need to remove these too. DON'T REMOVE THE REDHAT OPENSSL PACKAGE. You'll have even more problems if you do... Like Owen, I don't think you can build mod_ssl without mm either. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems

What happened to http://www.modssl.org/contrib

return @R; } chdir("../../ftp/contrib/"); @L = &ls("*"); foreach $l (@L) { next if ($l =~ m|^\s*$|); $l =~ s|(\s+)(\S+[^/])(\s*\n)$|$1."$2".$3|e; $l =~ s|(\s+)(\S+/)(\s*\n)$|$1."$2".$3|e; foreach $hi (@HI) { $l =~ s|^(.*$hi.*)$|$1 [LATEST]|;

RE: Problems compiling mod_ssl with apache 2.0.44

her points above are valid though. It is probably best though to put newer stuff for Red Hat under /usr/local so you don't break anything installed. Now, upgrading openssl-0.9.6 on a Red Hat box (7.0-8.0 inclusive) will screw things up bigtime (see the specific section in the openssl FAQ). If

RE: modssl versus other ssl servers

Oops, my mistake. The page http://www.securityspace.com/s_survey/payrepdetail.html?ym=200212&cat=Apache Tech&repid=10903 says 1.4 million mod_ssl sites out of 5.3 million Apache sites. I'd reckon that mod_ssl is the number one secure server on the 'net. - John Airey, BSc (J

RE: modssl versus other ssl servers

For just under $2000, Security space will give you a report on it. http://www.securityspace.com/s_survey/payrepdetail.html?ym=200212&cat=Apache Tech&repid=10903 (Which explains why the links on the modssl site to statistics are out of date). - John Airey, BSc (Jt Hons), CNA, RHCE

RE: Verifying enabled ciphers?

What round? Wow! That's news too me. Now I can resume my travels as I had paused for conscerns of walking off the edge > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > > >Nearly everything we believe is second hand. For example, less than 500 > >people

RE: Verifying enabled ciphers?

Apologies for the last message everyone. I thought I was sending it personally, and not to the list. Must pay more attention in the mornings. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2

RE: Verifying enabled ciphers?

ere most "believers" in Evolution are at, simply following the flock. His section on problems with the theory is interesting, as those problems are still true, and there are many more problems too. John - NOTICE: The information contained in this email and any attachments is conf

RE: Verifying enabled ciphers?

orries. You'll need more information about all of these one from your auditor, rather than just sweeping statements. We had a security auditor recently who said much the same. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the B

RE: Wildcard Certs

. It looks highly likely that this will be the first year since 1998 that we don't continue with wildcard certificates and go back to managing certificates individually. Thanks for raising this one Mads. Hopefully the position is now clear. - John Airey, BSc (Jt Hons), CNA, RHCE Internet sy

RE: Wildcard Certs

that Thawte had regarding wildcard certificates when we renewed last year. I'll post exact details when I get them. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 3752

RE: Wildcard Certs

they were losing money by issuing them. We had to give a statement last year on how many sites we'd run it on and agreed a price for them. I will check with my contacts within Thawte and get a definitive response. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, IT

Use TLS 1.0 needed in Internet Explorer

authority can not be verified and when I view the details I can see the chain has not been resolved. However, by selecting Use TLS 1.0 in the Advanced preferences I can get it to work. Why would my web site be demanding use of TLS when by default IE doesn't use it? Thanks,

RE: httpd won't start

httpd.conf configuration file (with any data you don't want made public removed) would be most useful. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0)

RE: POST with mod_ssl intermittently fails with a 405

variable). John > -Original Message- > From: Jan-Piet Mens [mailto:[EMAIL PROTECTED]] > Sent: 17 December 2002 17:39 > To: [EMAIL PROTECTED] > Subject: RE: POST with mod_ssl intermittently fails with a 405 > > > I've got an upload_max_filesize = 2M and a

RE: POST with mod_ssl intermittently fails with a 405

Oops. I meant to say that you should have "memory_limit" twice "upload_max_filesize". I've had problem when they've both been the same. John > -Original Message- > From: Jan-Piet Mens [mailto:[EMAIL PROTECTED]] > Sent: 17 December 2002 16:50 >

RE: POST with mod_ssl intermittently fails with a 405

Sorry to be slow on the uptake. How big is your POST? I had an issue with memory_limit, post_max_size and upload_max_filesize (all in /etc/php.ini). If your POST is bigger than the limits within php, the script may give up. This could be the cause of what you are seeing. - John Airey, BSc (Jt

RE: POST with mod_ssl intermittently fails with a 405

I've just re-read the original posters message, and it is possible that when they say the system is "self-built" that they built an older version of openssl. However, given what I've already said that is unlikely. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems su

RE: POST with mod_ssl intermittently fails with a 405

Sorry to correct you Owen, (you are usually spot on), but RedHat 7.x/8.0 will all show openssl 0.9.6b. Provided that the machine is up to date (eg using Red Hat Network at https://rhn.redhat.com) it will have all the updates. And no, I'm not on commission... - John Airey, BSc (Jt Hons)

RE: What is a good way to determine this

el. Perhaps the server writes this entry before the SSL handshaking completes? (I'd have to look in the source). - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375

RE: OpenSSL RPMs and Apache/modssl install

in that you wish to use is it worth recompiling, and in that case you can use /usr/local/ssl or /usr/local to build it in (ie, don't overwrite the /usr/bin/openssl file). Although as you are in the US then you are restricted by a number of US patents anyway. See the openssl FAQ for more informa

RE: Is anyone successfully running OWA2K behind Apache/mod_ssl?

te. On Exchange 5.5/IIS4 we've disabled both Challenge/Response (as this prevents Netscape or Mozilla getting into your mailbox) and *anonymous* access. We do get a niggly message "your password will expire in 0 days", but we just ignore it. If you followed my last message, you'

RE: Is anyone successfully running OWA2K behind Apache/mod_ssl?

/IIS4 we've disabled both Challenge/Response (as this prevents Netscape or Mozilla getting into your mailbox) and basic authentication. We do get a niggly message "your password will expire in 0 days", but we just ignore it. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems sup

RE: Is anyone successfully runnin OWA2K behind Apache/mod_ssl?

lives don't give very much performance advantage anyway. After all, the apache-mod_ssl server will have keep-alives disabled (or should do). - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU,

RE: Configuring Multiple Certicates SSL over an unique IP

. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] If we could learn one thing from September 11th 2001, it would be the utter

Re: Stronghold and Apache/mod_ssl certificate compatibility

configured correctly, the requests are coming in encrypted, but the server is not decrypting. You can't transfer your httpd.conf directly though, copy over your virtual hosts and any special handlers/rules to a default apache config and see how that works. John Darin Holloway Web Develope

RE: mod_ssl-2.0.40-8

I used an RPM or compiled it myself, so hopefully version 8.0 does what I haven't managed yet. Thanks for the information. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44

RE: mod_ssl-2.0.40-8

been doing this since version 7.0. With version 8.0, the "apache" package name disappears and is called "httpd" instead. I guess they are synchronising the names of the packages to match the daemon names, although I haven't yet checked to see if "bind" has becom

RE: ssl_scache.dir and ssl_scache.pag

e. On your system you might need "apachectl reload" instead as the above example is for a Red Hat Linux system. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733

RE: Site for modssl.org

An rpm for mod_ssl comes with Red Hat 7.2 (I assume that's what you are referring to). As for latest, there should be an update available from Red Hat fairly soon. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bak

RE: SSL Not Working from Outside LAN

Great. "chkconfig ipchains off" should stop it running in all runlevels. John > -Original Message- > From: Jeff Umstead [mailto:[EMAIL PROTECTED]] > Sent: 07 October 2002 16:01 > To: [EMAIL PROTECTED] > Subject: RE: SSL Not Working from Outside LAN > > &

RE: Installing mod_ssl

ions. Don't remove the openssl package that comes with 7.3 though. You'll break several packages that come with 7.3 such as ssh, sendmail and nearly all the email programs. I used to compile apache and mod_ssl, but now I prefer to wait for the packages from Red Hat. - John Airey, BSc

RE: SSL Not Working from Outside LAN

topping packets coming in. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] Theories of evolution are like buses - there

RE: mod_ssl / mod_proxy interaction

Could you eloborate on why you say that reverse proxy with SSL won't work? We've been running it for years on our Exchange system here, although granted that uses 5.5 rather than 2000. Testing of access to OWA 2000 is on my to-do list. Thank you. - John Airey, BSc (Jt Hons), CNA, RHC

RE: certificate + network ACL + passwords problem?

on at http://httpd.apache.org/docs/mod/mod_access.html#allow doesn't all work for me. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370

RE: Red Hat Linux update for Linux Slapper worm

Microsoft look professional, which is a scary thought. John > -Original Message- > From: Mark J Cox [mailto:[EMAIL PROTECTED]] > Sent: 20 September 2002 12:25 > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: Red Hat Linux update for Linux Sl

Red Hat Linux update for Linux Slapper worm

s fixed in their latest version. I didn't even get told this when I rang their support department. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44

Red Hat Linux update for Linux Slapper worm

4312. If I haven't heard from them soon, I will probably release an update myself. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [

RE: Using Aliases and SSL

reason why this shouldn't work. Can you post an example please?   - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] R

Re: httpd.conf

8.0.3:443 that will get the result you desire. later John begin:vcard n:Ott;John tel;pager:202 688 9735 tel;cell:301 502 4356 tel;work:202 687 8929 x-mozilla-html:FALSE org:Georgetown University;UIS-SNS version:2.1 email;internet:[EMAIL PROTECTED] title:UNIX Systems Programmer adr;quoted-p

RE: Apache Operations?

That depends on which firewall you have. Mail me off the list with details and I'll see what I can do to help. I was hoping to speak at this year's apachecon on "Apache and Firewalls", but it wasn't to be! Maybe next year... - John Airey, BSc (Jt Hons), CNA, RHCE

Re: Compiling apache with mod_perl + mod_ssl on HP-UX 10.2; link problem

rally use HPs compliers and utilities. later John __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]

Distributed Session Cache

web server? I see that there is a great deal of work on distributed shared memory (mostly for parallel computing). Has anyone put one of these solutions under mm? John -- John Bly Milton IV (512) w:493-2764, h:323-5622, m:750-1783 FundsXpress [EMAIL PROTECTED] Don't

Trouble Building on Win32

Was there every a resolution to the issue on Building Apache 1.3.26 with mod_ssl 2.8.10 for Windows 2000 platform.  I am running into the same issue. This issue was originally submitted by Noah White. (see link below)   Thanks in advance for any assistance on this matter.   John

RE: problem when i create private key

Try this instead openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out ca.key 1024 Where file1 to file5 are reasonably random files. Log files are handy for this. - John Airey Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough

RE: Static Page after SSL Handshake Failure ??

ng anyway: http://curl.haxx.se - John Airey Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] Is the statement 'There is no such thing as truth' true?

correctly setting SSL_LDFLAGS under Solaris

or Solaris and any other OS that supports runtime linker flags. Thanks, John [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL

RE: 1 certificate for several sites using redirection ?

Sounds like you have some absolute links rather than relative links. You can also use proxypass /test https://other-subdomain.ourdomain.com If the data needs to be secured between the proxy and the destination server. - John Airey Internet systems support officer, ITCSD, Royal National

RE: 1 certificate for several sites using redirection ?

There's always the possibility of a wildcard certificate, but you'd need to have the same domain name throughout. Some browsers don't work with them. See www.thawte.com for details. - John Airey Internet systems support officer, ITCSD, Royal National Institute of the Blind

Re: 2.0.36 + mod-ssl + Win2k = Easy Money

in the apache\bin use >apache -D SSL to install apache to run as a service with SSL >apache -i -D SSL Hope this helps someone out there, and thanks to everyone who helped us! John. - Original Message - From: "Mark Chew" <[EMAIL PROTECTED]> To: <[EMAIL PROT

RE: RHL7.0 with openssl0.9.5a & 0.9.6

d and reinstalled because of the number of dependencies on them. Likewise, I'd never use no-deps without a really really good reason. - John Airey Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 F

Re: 2.0.36 + mod-ssl + Win2k = Easy Money

We have discovered that if we start Apache from the console with >apache -D SSL on our windows server, then we have ssl support... Please, someone, how do we get ssl support running as a service? It seems we have wasted a couple of days, simply to find this out! J

Re: 2.0.36 + mod-ssl + Win2k = Easy Money

on linux with no problems, we are now into our 5th day of stuffing around and still no ssl. Maybe you can give us some pointers? We are using the default configs as given with apache but there must be something else that needs to be done to get windows to work with the ssl? John. - Original

Re: 2.0.36 + mod-ssl + Win2k = Easy Money

Thanks Chris, There is a summary of what we did on the original post to this thread... any help is appreciated, thanks, John. - Original Message - From: "Chris Hsiang" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 10, 2002 11:16 AM Subject

Re: 2.0.36 + mod-ssl + Win2k = Easy Money

this right? John. - Original Message - From: "Victor Medina" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, June 09, 2002 3:33 PM Subject: Re: 2.0.36 + mod-ssl + Win2k = Easy Money Hi there! I can provide Apache binaries with mod_ssl included and z

2.0.36 + mod-ssl + Win2k = Easy Money

nd web etc And still we get errors! now we are getting "undefined external _alloca" errors... So now we offer money for anyone who can help... we really would like to get this right so we can write a proper howto, plus we have a critical project we need to complete. Than

  1   2   3   4   5   6   >