Hi
Anybody who knows if mod_ssl can handle 'step up' connections ?
In other words start a 40 bit and send a Thawte certificate wich makes the
browser renegotiate for 128 bit ? ( encryption key's ).
/ Lars Segerlund.
__
Apach
Hi (again :) )
I'm moving some shop sites from an ISP to my server. Will i need to get
new certificates? The certificates will have been created by their key,
won't it? Or is there a way to recreate the cert?
Thanks.
Nick.
--
Nick Davies
Technical Director
Mag
I'm new to all this certificate stuff. I made my own via "make
certificate TYPE=custom". But now every time I try to access my site
netscape tells me that it doesn't recognize the certificate, and I should
only proceed if I trust the site. Now, I'm not about to pay Verisign $800
just so I can h
Hello.
I've configured an Apache+OpenSSL+ModSSL system.
I would like to use this system only to have data encryption, but I don't
want to use Certificates.
How can I don't use Certificates and have encryption with SSL?
Thanks in advanc
I have the SSL working fine. Perhaps I missed it in the
instructions, but I would like to change the details on my self-
signed certificate. How do I do that without risk of squirrling-up my
SSL installation ? Any tips would be appreciated.
Bill Webb
work properly. The University IS Dept. tells me that SSL
Certificates are a big hassle and it would be a mistake for the library
to try to maintain one. They have had major problems with certificates.
They are a totally NT shop. The library has the only UNIX server on
campus. So my question is, are
Hi. I need some help about servlets and mod_ssl.
I'm trying to establish a secure connection between a
servlet (GenericServlet) and Apache (with Apache
JServ). If the certificate authentication has been
correctly, I need the client certificate to be
received in the ServletRequest of my servlet (or
Does anyone know how to save incoming certificates to disk?
Or can anyone suggest a forum for apache module writers?
Cheers
..
Pj.
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.8.9/41 - Release Date: 5/07/2005
I've just been informed by Thawte that there are a number of problems with
IE5 and wildcard certificates. I'm looking into the details now and will
post them to this list for everyone's benefit.
-
John Airey
Internet Systems Support Officer, ITCSD, Royal National Institut
On Tue, Jul 11, 2000, Segerlund, Lars wrote:
> Anybody who knows if mod_ssl can handle 'step up' connections ?
>
> In other words start a 40 bit and send a Thawte certificate wich makes the
> browser renegotiate for 128 bit ? ( encryption key's ).
Yes, mod_ssl supports the step up of the Serve
Hello,
I have installed apache with mod_ssl and it works well.
Now I create client certificates with openssl and want
to send them with "application/x-x509-user-cert" to the
browser. I tested DER, PEM and PKCS12 but nothing really
worked. Netscape says it doesn't know the corresp
Hello,
I have installed Apache1.3.12+mod_ssl+OpenSSL on Win NT
For testing purposes,I am using the dummy site certificates provided.
I am able to run the SSL-aware apache.
I, now, installed the client certificate from Verisign and made the
following changes in 'httpd.conf' file
SSLVe
Hi,
Is there anyone here that is successfully using client certificates, to
provide automatic validation, logons and session management. In fact is
there anyone that has got one of the above working reliably.
It seems to me that the client software built into the browsers (mostly IE)
for SSL
Does Apache+mod_ssl needs stop/start to load new certificates or
I am missing something here? Seems that usual SIGHUP/SIGUSR1 does
not help.
Apache 1.3.12, mod_ssl 2.6.6, FreeBSD 3.5, Apache compiled withouth DSOs.
Mindaugas
http://www.hostex.net
September 22, 2000 4:19 AM
> To: [EMAIL PROTECTED]
> Subject: Certificates
>
>
>
> Hi (again :) )
>
> I'm moving some shop sites from an ISP to my server. Will i need to get
> new certificates? The certificates will have been created by their key,
> won't it?
old ISP release that?
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Nick Davies
> > Sent: Friday, September 22, 2000 4:19 AM
> > To: [EMAIL PROTECTED]
> > Subject: Certificates
> >
> >
> >
>
AM
> To: [EMAIL PROTECTED]
> Subject: Re: Certificates
>
>
> Kirk Benson wrote:
> >
> > You can only reuse the cert if the DNS name is the same.
> However, for the
> > sake of security it would make sense to obtain new certs with your own
> > keypair.
> &g
You will neet the .crt and the .key, and the passphrase too. That's it
though.
Austin
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 9/22/00, 3:19:07 AM, Nick Davies <
Keith Stropus wrote:
>
> I'm new to all this certificate stuff. I made my own via "make
> certificate TYPE=custom". But now every time I try to access my site
> netscape tells me that it doesn't recognize the certificate, and I should
> only proceed if I trust the site. Now, I'm not about to p
Sure. Buy a $125 cert from Thawte (http://www.thawte.com)
Dan Roscigno [EMAIL PROTECTED]
(425)864-5540
On Tue, 7 Nov 2000, Keith Stropus wrote:
> I'm new to all this certificate stuff. I made my own via "make
> certificate TYPE=custom". But now every time I try to access my site
> netscap
Hi
I would like to ask if it is possible to access a
certificate inside a servlet. If so how?
Thanks
Miguel
-
Email Enviado utilizando o serviço MegaMail
__
Apache Interface to
Bruno Melo wrote:
> I've configured an Apache+OpenSSL+ModSSL system.
> I would like to use this system only to have data encryption, but I don't
> want to use Certificates.
> How can I don't use Certificates and have encryption with SSL?
Er... You can't. In o
e time, not the server time. I've tested this with
IE 5.01 SP1 and Netscape 4.77.
Therefore the moral is to ensure that you renew all certificates before the
time on the certificate is reached anywhere in the world, to prevent browser
warnings. In practical terms this would mean renewing before
I've just "installed" a renewal cert from Thawte, and am a bit
confused... When I click on the Thawte "verify" button on my website,
it indicates that the expiry date has not changed - 2 days from today.
Here's what I did to "install" the renewal cert. After receiving the
new cert, I renamed t
Does mod_ssl have to have "SSLCACertificatePath and or File" to authenticate
a verisign test client certificate?
How To page reads
"SSLVerifyClient none
SSLVerifyClient require
SSLVerifyDepth 5
SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt
SSLOptions +Fake
Hi,
Please direct me to the OpenSSL mailing list if this question is more
appropriate over there...
I'm trying to roll my own wildcard certificate (i.e. where the CN =
*.domain.com)
I'm assuming there's more to it than just putting an asterisk in the CN field?
Any pointeres appreciated. I've g
Hi.
I have a CA (self-signed) of my own in PEM format. How do I transform my
certificate in one in DER format. I want to import it into Internet
Explorer, but it has to be the same (I have other certs already signed with
it). I've read the docs, but I can't see anything about it!
Can anyone help
How do you have a server work with multiple certificates? Thank you.
James Simmons
Linux System Admin
EdgeNet Inc / Chek Inc
[EMAIL PROTECTED]
http://www.edgeglobal.com/~jsimmons
__
Apache Interface to SSLeay (mod_ssl
Hi,
After having success with my fresh "Apache/1.3.3 (Win32) mod_ssl/2.1b6
SSLeay/0.9.0b",
I tried to connect to the webserver with client certificates enabled,
but get
only a "Certificate Chain too long" in the error logfile. I'm using the
Snake Oil
Certificate o
On Thu, Dec 16, 1999, [EMAIL PROTECTED] wrote:
> I have the SSL working fine. Perhaps I missed it in the
> instructions, but I would like to change the details on my self-
> signed certificate. How do I do that without risk of squirrling-up my
> SSL installation ? Any tips would be apprecia
On Thu, 16 Dec 1999 [EMAIL PROTECTED] wrote:
> I have the SSL working fine. Perhaps I missed it in the
> instructions, but I would like to change the details on my self-
> signed certificate. How do I do that without risk of squirrling-up my
> SSL installation ? Any tips would be appreciate
erver with mod-ssl and created
> my own certificate, but we will need an official certificate to make
> this work properly. The University IS Dept. tells me that SSL
> Certificates are a big hassle and it would be a mistake for the library
> to try to maintain one. They have had major
cate, but we will need an official certificate to make
> this work properly. The University IS Dept. tells me that SSL
> Certificates are a big hassle and it would be a mistake for the library
> to try to maintain one. They have had major problems with certificates.
> They are a totally
I don't know of any requirement to have a "paid for" certificate.
I don't know much either.
If you have openssl you can generate your own, it just won't be verifiable by a
third party.
--
-Lewis Bergman-
Texas Communications
915-695-6962
4309 Maple St.
Abilene, TX 79602
_
My mistake on my last post.
See the FAQ on the modssl.org site for exactly what you need to do.
--
-Lewis Bergman-
Texas Communications
915-695-6962
4309 Maple St.
Abilene, TX 79602
__
Apache Interface to OpenSSL (mod_ssl)
t. tells me that SSL
> Certificates are a big hassle and it would be a mistake for the library
> to try to maintain one. They have had major problems with certificates.
> They are a totally NT shop. The library has the only UNIX server on
> campus. So my question is, are there
Bob Richart said:
>> The University IS Dept. tells me that SSL Certificates are a big hassle
and it would be a mistake for the library to try to maintain one. They have
had major problems with certificates. They are a totally NT shop. The
library has the only UNIX server on campus.
In message <[EMAIL PROTECTED]> you write:
|> The only problem I have ever had with a certificate under either Unix
|> (Solaris and Linux) or NT was forgetting to renew one once. Sounds like
|> your University IS Dept is staffed by incompetents.
In this case, it might just be that IS feel they'r
need an official certificate to make
> this work properly. The University IS Dept. tells me that SSL
> Certificates are a big hassle and it would be a mistake for the library
> to try to maintain one. They have had major problems with certificates.
> They are a totally NT shop. The librar
(ie) is more difficult to do this
than netscape, and the MAC version of ie is even more difficult (if
not impossible) to add certificates (so suggest that mac users use
Netscape [hello? microsoft? did you hear that? hint hint.]).
You may want to create a separate secret key for the signing of
On Wed, Feb 23, 2000, Augusto Alvares wrote:
> Hi. I need some help about servlets and mod_ssl.
> I'm trying to establish a secure connection between a
> servlet (GenericServlet) and Apache (with Apache
> JServ). If the certificate authentication has been
> correctly, I need the client certificat
Augusto Alvares wrote:
>
> Hi. I need some help about servlets and mod_ssl.
> I'm trying to establish a secure connection between a
> servlet (GenericServlet) and Apache (with Apache
> JServ). If the certificate authentication has been
> correctly, I need the client certificate to be
> received i
Hi,
I'm trying to set up a SSL server for an extranet, and then create
client certificates for each one of the clients, so that only the
certificates signed with my server's key could connect to it. The server
configuration looks just fine, but I can't figure out how to cr
Hello All,
Apologies if this has been asked before, I'm new to this list.
I´m trying to create a Client Certificate to a MSExplorer Browser. I want to
generate certificates to a couple of clients and only this clients will be
allowed to access a specific URL from my site.
I´ve tryed to gen
Title: Intermediate Certificates
Hi,
Can you put more than one intermediate signer certificate for chaining in Apache?
Meaning having two lines in the apache config file.
SSLCertificateChainFile /usr/local/apache/conf/ssl.crt/ca.crt
SSLCertificateChainFile /usr/local/apache/conf/ssl.crt
Lv3,
TLSv1)
[trace] Init: (xxx:443) Configuring RSA server certificate
[info] Init: (xxx:443) RSA server certificate enables Server Gated
Cryptography (SGC)
[trace] Init: (xxx:443) Configuring RSA server private key
[trace] Init: (xxx:443) Configuring server certificate
of the
modules that ship with apache (auth ones are an easy
start). Not sure about forums.
Regards
Matt
--- Pj <[EMAIL PROTECTED]> wrote:
> Does anyone know how to save incoming certificates
> to disk?
> Or can anyone suggest a forum for apache module
> writers?
>
> Chee
On Wed, Jun 28, 2000 at 03:37:27PM +0100, Airey, John wrote:
> I've just been informed by Thawte that there are a number of problems with
> IE5 and wildcard certificates. I'm looking into the details now and will
> post them to this list for everyone's benefit.
>
On Tue, Jul 11, 2000 at 08:32:09AM +0200, Thomas Barthel wrote:
> Hello,
>
> I have installed apache with mod_ssl and it works well.
> Now I create client certificates with openssl and want
> to send them with "application/x-x509-user-cert" to the
> browser. I te
>
> For all these operations you must be aware that two different items
> are needed:
> - the private key (secret)
> - the public key (included in the "certificate")
>
> If you only download the user-cert, the corresponding private key
> is missing, this is what Netscape tries to tell you.
>
>
On Tue, Jul 11, 2000 at 09:16:34AM +0200, Thomas Barthel wrote:
> Maybe I'm too new to this topic but isn't it true that PKCS12 contains both
> the public and the private key?
Yes, the PKCS12 does support both keys. You however cannot download the
PKCS12 directly into the browser. You can only do
> Yes, the PKCS12 does support both keys. You however cannot download the
> PKCS12 directly into the browser. You can only download it to a file
> and then import it.
> The direct download technique is only available for the cert (which only
> contains the public key):
> http://home.netscape.com/e
> > There seems to be a MIME-type for PKCS12 available:
> > http://www.crosswinds.net/san-marino/~jom/filex/mime.htm
> > .p12 application/pkcs-12
> > .p12 application/x-pkcs-12
> >
> > I however don't know whether it is actually supported by Netscape.
> > (If it is, please inform us.)
>
> thanks
If I obtain an SSL certificate from a top level CA (like Verisign, for
instance), can I then issue other certificates using MY cert as the CA cert?
Will browsers then execute a chain look up back to Verisign to satisfy the
validity of the cert?
> Robert T. Stutes
>
> Robert Stutes
>
On Tue, Sep 12, 2000 at 10:02:57AM +1000, [EMAIL PROTECTED] wrote:
>
> Is there anyone here that is successfully using client certificates, to
> provide automatic validation, logons and session management. In fact is
> there anyone that has got one of the above working reliably.
Y
On Thu, Sep 14, 2000, Mindaugas Riauba wrote:
> Does Apache+mod_ssl needs stop/start to load new certificates or
> I am missing something here? Seems that usual SIGHUP/SIGUSR1 does
> not help.
>
> Apache 1.3.12, mod_ssl 2.6.6, FreeBSD 3.5, Apache compiled withouth DSOs.
Y
> > Does Apache+mod_ssl needs stop/start to load new certificates or
> > I am missing something here? Seems that usual SIGHUP/SIGUSR1 does
> > not help.
> >
> > Apache 1.3.12, mod_ssl 2.6.6, FreeBSD 3.5, Apache compiled withouth
DSOs.
> Yes, you have to per
On Thu, Sep 14, 2000, Mindaugas Riauba wrote:
> > > Does Apache+mod_ssl needs stop/start to load new certificates or
> > > I am missing something here? Seems that usual SIGHUP/SIGUSR1 does
> > > not help.
> > >
> > > Apache 1.3.12, mod_ssl 2.6.6,
Id like to configure my mod_ssl-2.5.1-1.3.11 enabled Apache-1.3.11, to
serve up what I would call Netscape "People" certificates. That is they
dont get installed in "Yours" or CA "Signers. This would emulate the
download magic that occurs if you went to a CA lik
TED]>
Sent: Tuesday, January 09, 2001 3:44 AM
Subject: servelts/certificates
> Hi
>
> I would like to ask if it is possible to access a
> certificate inside a servlet. If so how?
>
> Thanks
>
> Miguel
>
> ---
About accessing certificates in a servlet can anyone
inform me if Tomcat works. I have tomcat 3.2.1 running
with apache 1.3.14 and i would like to know if it is
possible to run servlets with certificate access.
Miguel Fontes
-
Email Enviado
ROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 10, 2001 12:47 AM
Subject: Re: servelts/certificates
> About accessing certificates in a servlet can anyone
> inform me if Tomcat works. I have tomcat 3.2.1 running
> with apache 1.3.14 and i would like to know if it is
Does anyone know about a workaround/fix for the below problem? We'd
like to use a wildcard certificate ...
I tested the "wildcard" test-certificate offered by www.thawte.com
The test:
I control the DNS, so I put a "*.gmoney.com" entry in my DNS file,
and ping tested multiple names, ie. hello.
I have an Apache server running multiple Name Based Virtual Hosts, all
running SSL with both server and client authentication. I have not been
able to set up different server certificates for individual virtual hosts,
and I have been told that this is not possible.
Is this really the case and
Hello,
I have a problem with apache-1.3.20 + mod_ssl-2.8.4-1.3.20 +
openssl-0.9.6a + mm-1.1.3.
The ssl-module is built in as a shared object. The apache runs on SuSE
Linux with a 2.0.36 kernel.
If I have more than 114 certificates in the certificatepath, https
doesn´t work.
Have you any
. I am using pem format certificates.
BoB Woodraska
IB Systems Administrator
PCS
(605) 362-1260
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL
gn.sh is distributed with the mod_ssl distribution (subdir
pkg.contrib/). Use this script for signing.
Now you can use this CA to sign server CSR's in order to create real SSL
Certificates for use inside an Apache webserver (assuming you already
have a server.csr at hand):
$ ./sign.sh server.c
Hi,
We are using
Apache/1.3.9 (Unix) mod_ssl/2.4.10 and we
could authenticate our windows 2000 ca server certificates to whole part of
server.How can I authenticate my clients for a particular URL based on
certificates but still allow arbitrary clients to access the remaining parts of
On Tue, 29 Jan 2002, Andrew Pollock wrote:
> I'm trying to roll my own wildcard certificate (i.e. where the CN =
> *.domain.com)
>
> I'm assuming there's more to it than just putting an asterisk in the CN
> field?
Nope... there's no more to it than that. At least that's the experience
I've had.
On 29.01.2002 at 11:12:02, "Julian C. Dunn" <[EMAIL PROTECTED]> wrote:
> On Tue, 29 Jan 2002, Andrew Pollock wrote:
>
> > I'm trying to roll my own wildcard certificate (i.e. where the CN =
> > *.domain.com)
> >
> > I'm assuming there's more to it than just putting an asterisk in the CN
> > fiel
On Tue, 29 Jan 2002, Andrew Pollock wrote:
> On 29.01.2002 at 11:12:02, "Julian C. Dunn" <[EMAIL PROTECTED]> wrote:
>
> > Nope... there's no more to it than that. At least that's the experience
> > I've had. Apache will complain (warn) that your CN doesn't match the name
> > of the server, but ev
On 29.01.2002 at 14:46:30, "Julian C. Dunn" <[EMAIL PROTECTED]> wrote:
> On Tue, 29 Jan 2002, Andrew Pollock wrote:
>
> > On 29.01.2002 at 11:12:02, "Julian C. Dunn" <[EMAIL PROTECTED]>
wrote:
> >
> > > Nope... there's no more to it than that. At least that's the experience
> > > I've had. Apach
On Tue, 29 Jan 2002, Andrew Pollock wrote:
> No, it's two subdomains of the same domain.
>
> https://ops.suretyit.com.au/
> https://sales.suretyit.com.au/
That's because you're trying to use a cert that has its CN as
*.singtech.com.au, and the site(s) you are using it on are
*.suretyit.com.au.
On 29.01.2002 at 23:36:53, "Julian C. Dunn" <[EMAIL PROTECTED]> wrote:
> On Tue, 29 Jan 2002, Andrew Pollock wrote:
>
> > No, it's two subdomains of the same domain.
> >
> > https://ops.suretyit.com.au/
> > https://sales.suretyit.com.au/
>
> That's because you're trying to use a cert that has i
On Tue, Jan 29, 2002 at 10:56:16AM +1000, Andrew Pollock wrote:
> I'm trying to roll my own wildcard certificate (i.e. where the CN =
> *.domain.com)
> I'm assuming there's more to it than just putting an asterisk in the CN field?
While CN="*.domain.com" is the typical thing to do, I've found t
Hey All,
This subject has probably already been broached, but is it possible to
change certificates dynamically? I'm having problems getting apache to
present the new certificate during renegotiation.
For example, I start apache with a pre-existing self-signed certificate.
Then I upl
Hello modssl users !
I managed to set up an ssl aware web server.
Although I searched the web and also the list
archive I haven't been able to create a client
certificate which is signed by my own CA for
client authentication.
Could someone describe the process of creating
such a certificate in
hi,
i don't know if this list is the best for my question, my deepest apologies if
not
is there a way to know thanks to apache and/or modssl if a given root ca is
installed on the client side (browser) ?
what i want to avoid is a page like :
***
click here to insta
Hi.
I'm running Apache 1.3.4, mod-ssl 2.2.3 and SSLeay 0.9.0b.
I've already set up the browser with SSL, and even some more stuff, and all
works fine.
The question is when I issue a client certificate. I've already read the
ns-ca.doc and followed the instructions of F. Hirsch about the script to
On Mon, Mar 08, 1999, Nuno Miguel Neves wrote:
> I have a CA (self-signed) of my own in PEM format. How do I transform my
> certificate in one in DER format.
$ ssleay x509 -in ca.pem -out ca.der -outform der
> I want to import it into Internet
> Explorer, but it has to be the same (I have othe
On Tue, Mar 09, 1999, James Simmons wrote:
> How do you have a server work with multiple certificates? Thank you.
Do you mean whether a single Apache instance can run more than one virtual
host and each of those virtual hosts with a different certificate (answer
would be: yes) or whethe
Ralf S. Engelschall [SMTP:[EMAIL PROTECTED]]
Sent: Wednesday, March 10, 1999 7:38 AM
To: [EMAIL PROTECTED]
Subject:Re: Multiple Certificates?
On Tue, Mar 09, 1999, James Simmons wrote:
> How do you have a server work with multiple certificates? Thank you.
Do you mean whether a s
On Wed, Mar 10, 1999, Juergen Rensen wrote:
> >Do you mean whether a single Apache instance can run more than one virtual
> >host and each of those virtual hosts with a different certificate (answer
> >would be: yes)
>
> Oh?! Does this imply that you can have multiple virtual SSL hosts hanging
On Wed, 10 Mar 1999, Juergen Rensen wrote:
> >Do you mean whether a single Apache instance can run more than one virtual
> >host and each of those virtual hosts with a different certificate (answer
> >would be: yes)
>
> Oh?! Does this imply that you can have multiple virtual SSL hosts hanging
>
> > Oh?! Does this imply that you can have multiple virtual SSL hosts hanging
> > off the same IP address?
>
> No, I'm just talking about virtual hosts and implicitly assumed that this in
> SSL-context always means IP-based. In other words: The virtual hosts cannot
> share the same IP, of cours
On Wed, Mar 10, 1999, Dan Roscigno wrote:
> > > Oh?! Does this imply that you can have multiple virtual SSL hosts hanging
> > > off the same IP address?
> >
> > No, I'm just talking about virtual hosts and implicitly assumed that this in
> > SSL-context always means IP-based. In other words: Th
> > Another thing that can be done is to have a wildcard cert
> > (common name = *.domain) this will allow you to have
> > foo.domain:443, bar.domain:443, www.domain:443 etc. All of
> > the domains have the same ip address and port, and they all
> > use the same cert. I know that Thawte issues
Do NetScape & IE support such *.domain certs?
Juergen
-Original Message-
From: Ralf S. Engelschall [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, March 11, 1999 3:29 AM
To: [EMAIL PROTECTED]
Subject:Re: Multiple Certificates?
On Wed, Mar 10, 1999, Dan Roscigno w
On Wed, Mar 10, 1999, Dan Roscigno wrote:
> > > Another thing that can be done is to have a wildcard cert
> > > (common name = *.domain) this will allow you to have
> > > foo.domain:443, bar.domain:443, www.domain:443 etc. All of
> > > the domains have the same ip address and port, and they all
On Wed, Mar 10, 1999 at 10:35:11AM +0100, Ralf S. Engelschall wrote
(to the sw-mod-ssl mailing list):
> On Wed, Mar 10, 1999, Juergen Rensen wrote:
>> I tried to setup
>> virtual SSL hosts on the same IP address, but Apache always returned one
>> and the same default site. Has this changed?
>
> > On Wed, Mar 10, 1999, Juergen Rensen wrote:
>
> >> I tried to setup
> >> virtual SSL hosts on the same IP address, but Apache always returned one
> >> and the same default site. Has this changed?
>
> > No, this cannot be changed. It's the chicken and egg problem HTTP
> > over SSL/TLS alway
Nuno Miguel da Cruz Neves a écrit :
> Hi.
>
> I'm running Apache 1.3.4, mod-ssl 2.2.3 and SSLeay 0.9.0b.
> I've already set up the browser with SSL, and even some more stuff, and all
> works fine.
>
> The question is when I issue a client certificate. I've already read the
> ns-ca.doc and follo
On Tue, Oct 20, 1998, [EMAIL PROTECTED] wrote:
> After having success with my fresh "Apache/1.3.3 (Win32) mod_ssl/2.1b6
> SSLeay/0.9.0b",
> I tried to connect to the webserver with client certificates enabled,
> but get
> only a "Certificate Chain too long"
> On Tue, Oct 20, 1998, [EMAIL PROTECTED] wrote:
>
> > After having success with my fresh "Apache/1.3.3 (Win32) mod_ssl/2.1b6
> > SSLeay/0.9.0b",
> > I tried to connect to the webserver with client certificates enabled,
> > but get
> > only a &qu
Hi,
is there any way for making CLIENT certificates using SSLeay & mod-ssl?
if not, is there any CA which offers free client certificates or the
only way to get one is selling it? (I need it just with testing
purpuses)
Thanks in advance.
Jesus Al
i installed a self-signed certificate in my web site and the day before it expired
i installed a new one. this seemed to screw up browsers that thought that the old
one was valid. so i deleted the certificate out of netscape but for the life of me
i cannot work out how to delet it from ie, anyone
Hello,
I just installed Apache+ssl using OpenSSL and, of course, mod-ssl.
I'm using a certificate from VeriSign. I can fire up the server. There
are no error messages from simply starting it. In fact, it will even
serve pages off of the non-ssl part of the server. However, when I try
a
Hi,
how do people build SSL systems which do not require the client to
accept certificates? E.g. if you want to order a book at www.amazon.de
and you are using the SSL connection, users do not have to accept the
certificates, although the certificate of the website is not in the
browser
I am extremely happy now.
I have successfully implemented Apache 1.3.6 + SSL 0.9.3a.
I have user controlled access with passwords.
It has only taken about 1.5 weeks.
The last step is to create client certificates.
I only have about 20 people accessing the site.
I want to restrict access to
Hi,
I use certificates in Apache SSL : I have made these certificates
with Netscape Certificate Server and in DN I have the field OID
When Apache list the DN of the certificate I see the object identifier
instead of oid:how can I say to Apache that this object identifier
corresponds to OID
1 - 100 of 448 matches
Mail list logo
