Re: [VOTE] Release Apache Traffic Server 3.2.3

Fri, 12 Oct 2012 08:16:56 -0700 

On Oct 11, 2012, at 11:57 PM, Jan-Frode Myklebust <janfr...@tanso.net> wrote:

> On Fri, Oct 12, 2012 at 12:53 AM, James Peach <jamespe...@me.com> wrote:
> 
>> 
>> What's your SSL configuration look like? What are your certificates?
>> 

That looks perfectly reasonable. What does webint.example.net resolve to on the 
client? Can you show me the result of "curl -v -v"?

> ssl_multicert.config:
> 
> dest_ip=81.167.37.99
> ssl_cert_name=/etc/pki/tls/certs/star.webint.example.no.crt
> ssl_key_name=/etc/pki/tls/private/star.webint.example.no.key
> ssl_ca_name=/etc/pki/tls/certs/star.webint.example.no.ca-bundle
> dest_ip=81.167.37.125
> ssl_cert_name=/etc/pki/tls/certs/services.example.no.crt
> ssl_key_name=/etc/pki/tls/private/STAR.services.example.no.without.passphrase.key
> ssl_ca_name=/etc/pki/tls/certs/gd_bundle.crt
> 
> 
> records.config:
> 
> CONFIG proxy.config.http.server_ports STRING 80:ipv4 80:ipv6
> 443:ipv4:ssl 443:ipv6:ssl
> CONFIG proxy.config.ssl.number.threads INT 0
> CONFIG proxy.config.ssl.SSLv2 INT 0
> CONFIG proxy.config.ssl.SSLv3 INT 1
> CONFIG proxy.config.ssl.TLSv1 INT 1
> CONFIG proxy.config.ssl.server.cipher_suite STRING
> RC4-SHA:AES128-SHA:DES-CBC3-SHA:AES256-SHA:ALL:!aNULL:!EXP:!LOW:!MD5:!SSLV2:!NULL
> CONFIG proxy.config.ssl.server.honor_cipher_order INT 0
> CONFIG proxy.config.ssl.compression INT 1
> CONFIG proxy.config.ssl.client.certification_level INT 0
> CONFIG proxy.config.ssl.server.cert_chain.filename STRING NULL
> CONFIG proxy.config.ssl.server.cert.path STRING /etc/pki/tls/certs/
> CONFIG proxy.config.ssl.server.private_key.path STRING /etc/pki/tls/private/
> CONFIG proxy.config.ssl.CA.cert.filename STRING NULL
> CONFIG proxy.config.ssl.CA.cert.path STRING /etc/trafficserver
> CONFIG proxy.config.ssl.client.verify.server INT 0
> CONFIG proxy.config.ssl.client.cert.filename STRING NULL
> CONFIG proxy.config.ssl.client.cert.path STRING /etc/trafficserver
> CONFIG proxy.config.ssl.client.private_key.filename STRING NULL
> CONFIG proxy.config.ssl.client.private_key.path STRING /etc/trafficserver
> CONFIG proxy.config.ssl.client.CA.cert.filename STRING NULL
> CONFIG proxy.config.ssl.client.CA.cert.path STRING /etc/trafficserver
> 
> 
>  -jf

Reply via email to