On Apr 11, 2008, at 1:10 PM, Curtis H. Wilbar Jr. wrote:
Take a look at
http://www.verisign.com/support/advisories/page_040611.html
You can download the intermediate cert and install it in
your file system and point to it with SSLCertificateChainFile
in your Apache's SSL configuration as Ross
Take a look at
http://www.verisign.com/support/advisories/page_040611.html
You can download the intermediate cert and install it in
your file system and point to it with SSLCertificateChainFile
in your Apache's SSL configuration as Ross Cavanagh pointed
out.
I've been bit by this one personally
On Apr 10, 2008, at 6:08 PM, Kai Schaetzl wrote:
Scott Silva wrote on Thu, 10 Apr 2008 12:28:42 -0700:
I think you can download the intermediate certs from their webpage.
I had a look at their KB website yesterday and exactly the page that
explains how to get and install the intermediates i
Scott Silva wrote on Thu, 10 Apr 2008 12:28:42 -0700:
> I think you can download the intermediate certs from their webpage.
I had a look at their KB website yesterday and exactly the page that
explains how to get and install the intermediates is gone:
https://knowledge.verisign.com/support/ssl-c
Tony Schreiner wrote on Wed, 09 Apr 2008 21:14:25 -0400:
> Does that mean
> you don't get a dialog saying the site is not verifiable?
Correct. With IE7.
> Because I sure
> do, with several browsers on different platforms.
Checked now with FF2 and get a warning. They don't recognize the
inter
Rick Barnes wrote:
Tony Schreiner wrote:
I recently aquired a Verisign SSL certificate for my web server on
Centos 4, with apache 2.0.59 from centosplus.
It however doesn't seem to be working the way I've set it up,
browsers connect but are told the certiticate is not recognized.
Showing mor
Jay Leafey wrote:
Tony Schreiner wrote:
Kai Schaetzl wrote:
Tony Schreiner wrote on Wed, 9 Apr 2008 15:29:16 -0400:
However, you didn't provide any of the information I asked for. You
are not talking of www.bc.edu, do you?
Kai
ok, ok.
https://bioinformatics.bc.edu
Tony
I could be f
Tony Schreiner wrote:
Kai Schaetzl wrote:
Tony Schreiner wrote on Wed, 9 Apr 2008 15:29:16 -0400:
However, you didn't provide any of the information I asked for. You
are not talking of www.bc.edu, do you?
Kai
ok, ok.
https://bioinformatics.bc.edu
Tony
I could be full of cheese here,
Tony Schreiner wrote on Wed, 09 Apr 2008 18:25:55 -0400:
> https://bioinformatics.bc.edu
That is just fine, as expected. If a browser doesn't like it, it's a
problem in the browser. Probably it hasn't updated it's root CA list for
some time and is missing the intermediary certificate (which is
Kai Schaetzl wrote:
Tony Schreiner wrote on Wed, 9 Apr 2008 15:29:16 -0400:
I was under the (obviously mistaken) impression that one certificate
per hostname was the rule. and I created the certificate with the
hostname I want to use; which is resolvable; and reachable with
regular http
Kai Schaetzl napsal(a):
IE does and I think FF does as well. But IE doesn't support this specific
extension.
Kai
Both support TLS. FF supports server name indication, only IE7 on Vista
supports server name indication. IE7 on XP doesn't. :o(
D.
__
Jim Perrin wrote on Wed, 9 Apr 2008 16:40:24 -0400:
> Your
> packages work, yes, but do they function with the verisign cert he's
> already got?
More important: do they work with most browsers? There is a test page for
this (don't recall URL, but can be found on apache bugzilla) and last time
I
Les Mikesell wrote on Wed, 09 Apr 2008 16:06:59 -0500:
> Do browsers do TLS these days?
IE does and I think FF does as well. But IE doesn't support this specific
extension.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
___
Tony Schreiner wrote on Wed, 9 Apr 2008 15:29:16 -0400:
> I was under the (obviously mistaken) impression that one certificate
> per hostname was the rule. and I created the certificate with the
> hostname I want to use; which is resolvable; and reachable with
> regular http over port 80. An
Jim Perrin wrote on Wed, 9 Apr 2008 15:24:09 -0400:
> "Name-based virtual hosting cannot be used with SSL secure servers
> because of the nature of the SSL protocol."
that documentation (also in the 2.2 one) in the way that they have written
it as an exclusive truth is simply not true. One just
Jim Perrin wrote on Wed, 9 Apr 2008 14:37:11 -0400:
> It better be, because for apache 2.0, it's the ONLY way you can do vhosts.
> You have to have 1 ip per vhost for ssl. This is in the apache documentation
>
> For httpd 2.2, you can do name based vhosts, but not with standard ssl
> certs like v
Jim Perrin wrote:
On Wed, Apr 9, 2008 at 4:35 PM, David Hrbác( <[EMAIL PROTECTED]> wrote:
Jim, you are not right... SSL 3.0 support Server Name Indication and of
course TLS 1.0. For those who are interested there are repos for C{4,5}
located here:
Since I should have included this in my prev
On Wed, Apr 9, 2008 at 4:35 PM, David Hrbác( <[EMAIL PROTECTED]> wrote:
> Jim, you are not right... SSL 3.0 support Server Name Indication and of
> course TLS 1.0. For those who are interested there are repos for C{4,5}
> located here:
Since I should have included this in my previous reply... I
On Wed, Apr 9, 2008 at 4:35 PM, David Hrbác( <[EMAIL PROTECTED]> wrote:
> Jim, you are not right... SSL 3.0 support Server Name Indication and of
> course TLS 1.0. For those who are interested there are repos for C{4,5}
> located here:
My comments were/are based on the apache documentation (link
Jim Perrin napsal(a):
"Name-based virtual hosting cannot be used with SSL secure servers
because of the nature of the SSL protocol."
See http://httpd.apache.org/docs/2.0/vhosts/name-based.html for more info
Jim, you are not right... SSL 3.0 support Server Name Indication and of
course TLS 1.0
On Apr 9, 2008, at 3:16 PM, Kai Schaetzl wrote:
Tony Schreiner wrote on Wed, 9 Apr 2008 14:22:22 -0400:
It however doesn't seem to be working the way I've set it up,
browsers connect but are told the certiticate is not recognized.
Unfortunately, the most important information is missing fro
On Wed, Apr 9, 2008 at 3:15 PM, Tony Schreiner <[EMAIL PROTECTED]> wrote:
> crud...
Well, as Kai brings up, you get one cert per IP. If you're using
subdomains you *might* be able to get away with this.
*.example.com as a cert common name will work for foo.example.com, and
bar.example.com. etc.
Tony Schreiner wrote:
I recently aquired a Verisign SSL certificate for my web server on
Centos 4, with apache 2.0.59 from centosplus.
It however doesn't seem to be working the way I've set it up, browsers
connect but are told the certiticate is not recognized. Showing more
info, the informat
Tony Schreiner wrote on Wed, 9 Apr 2008 14:22:22 -0400:
> It however doesn't seem to be working the way I've set it up,
> browsers connect but are told the certiticate is not recognized.
Unfortunately, the most important information is missing from your
explanation: please give the exact URL,
On Apr 9, 2008, at 2:37 PM, Jim Perrin wrote:
On Wed, Apr 9, 2008 at 2:22 PM, Tony Schreiner <[EMAIL PROTECTED]>
wrote:
nameprotected.domain.edu is a DNS CNAME to the actual host.
How do folks do SSL and virtual hosts? multiple IP addresses is
not an
option for me.
It better be, be
Tony Schreiner wrote:
I recently aquired a Verisign SSL certificate for my web server on
Centos 4, with apache 2.0.59 from centosplus.
It however doesn't seem to be working the way I've set it up, browsers
connect but are told the certiticate is not recognized. Showing more
info, the informat
On Wed, Apr 9, 2008 at 2:22 PM, Tony Schreiner <[EMAIL PROTECTED]> wrote:
> nameprotected.domain.edu is a DNS CNAME to the actual host.
>
> How do folks do SSL and virtual hosts? multiple IP addresses is not an
> option for me.
It better be, because for apache 2.0, it's the ONLY way you can do
27 matches
Mail list logo
