tk dev wrote:
>
>
> 3.as i know, modssl & apache-ssl is different. how
> should i start apache after i enabled ssl? should i
> stop the current apache? should i change/start/stop
> any daemon?
>
/sbin/init.d/apache reload
Most of the scripts in that directory have start, stop and reload
func
no others.
the http protocol itself dosnt support any other method.
-原始邮件-
发件人: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]代表 [EMAIL PROTECTED]
发送时间: 2000年8月25日 12:10
收件人: [EMAIL PROTECTED]
主题: RE: using ssl in http protocol
do you means that on server side, i can only free the resour
do you means that on server side, i can only free the resource of certion persistent
connection when
1. reading/writing error occures when server trys to read/write from the socket;
2. server side timeout(can be configed by hand.) occures.
is there any http headers for keeping the persistent
They come with the dist.
openssl-0.9.5a/demos/ssl
Crispin
On Fri, 25 Aug 2000, Ham Jae-Hyun wrote:
> Hello!
>
> I am an graduate student at POSTEH in Korea.
> I want to develop an socket server and client using openssl library.
> But it is difficult for me to develop them. ^^;;
> I can't find
you means
you want to develop a ssl socket server and a ssl socket client? or just a
simple client and server?
if it is
the fist choice, you can read the source code of demo/ssl/* of
openssl.
if it is
the second choice, read some book. it is easy
-原始邮件-发件人: [EMAIL
Hello!
I am an graduate student at POSTEH in Korea.
I want to develop an socket server and client using openssl
library.
But it is difficult for me to develop them. ^^;;
I can't find any simple examples...
Could you send me the example sources of simple socket server
and client
-Original Message-
From: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, August 24, 2000 6:50 PM
Subject: re: using ssl in http protocol
>a question about persistent mode in http
>
>if in keep-alive mode, in the server side, how can i recong
hi,
you might want to try apache.org
> if in keep-alive mode, in the server side, how can i recongize a persistent
>connection is shut down, and free the preserved resources of it? from the appearence
>of http request and response, there seems on obvious steps to tell the server an
>persist
you should judge the persistent connection by look up the http header. in http header,
it give the http version and etc, default, http version1.0 dont support persistent
connection, http version 1.1 support it.
By look up the header, the web server know whether shutdown the connection or not
af
a question about persistent mode in http
if in keep-alive mode, in the server side, how can i recongize a persistent connection
is shut down, and free the preserved resources of it? from the appearence of http
request and response, there seems on obvious steps to tell the server an persistent
hi greg,
--- Greg Stark <[EMAIL PROTECTED]> wrote:
> Are you trying to generate a CA root certificate, an
> SSL server certificate,
> both, or neither?
>
both-how do i do it?
thanks for answering.
tk
> Greg Stark, [EMAIL PROTECTED]
> Chief Security Architect
> Ethentica, Inc.
> www.ethentica.co
[EMAIL PROTECTED] wrote:
>
> The problem is Netscape's alias-key.db and alias-cert.db file format.
> Using Netscape utilities, you generate the key pair.
> The admin server has a link that will generate the CSR.
> You can cut and paste the CSR and submit it to a CA.
> When I tried to run it throu
Hi !!!
I've got the demo which creates certificate ( selfsigned )
and now I would like to add v3 extensions, in particular
KeyUsage extension with some bits on. Do I have to use
conf file or could I set this up directly, without using conf ?
I am not using OpenSSL command line utility but crypto
The problem is Netscape's alias-key.db and alias-cert.db file format.
Using Netscape utilities, you generate the key pair.
The admin server has a link that will generate the CSR.
You can cut and paste the CSR and submit it to a CA.
When I tried to run it through OpenSSL, it complains about not be
I've had success using the CA.sh script (as opposed to the CA.pl version); from my
notes:
- modify the config file (.cnf)
- may need to change CA.sh to use config file if it's not the default name
- misc/CA.sh -newca
- - to create new CA cert
- type in passphrase
- enter the director
[EMAIL PROTECTED] wrote:
>
> Sorry, this is long.
>
> I would like to generate a self-signed Certificate for internal testing
> purposes.
> I've downloaded OpenSSL 0.9.5a and have played a bit with the utilities.
>
> Netscape Enterprise (Suitespot) Server provides the means to generate
> key-pa
Hi there,
We are using the OpenSSL library in a web server product and are experiencing
SMP (multi-processor) performance issues on Solaris. I have already hooked in my
own memory allocation routines as I know that heap contention is a cause of many
SMP related issues. This helped considerably, h
Sorry, this is long.
I would like to generate a self-signed Certificate for internal testing
purposes.
I've downloaded OpenSSL 0.9.5a and have played a bit with the utilities.
Netscape Enterprise (Suitespot) Server provides the means to generate
key-pairs, and Certificate Signing Requests.
Great
I cannot get openssl
to make without errors. I keep getting "No such file or directory" on the
first 11 file then a cryptlib.o Error 1. I am trying to install SSH
on a Solaris 2.6 box. Any thoughts?
William Pleasants
Qwest Communications
Network Security Engineer
Have a look at www.stunnel.org
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of nissim
Sent: jeudi 24 août 2000 19:22
To: [EMAIL PROTECTED]
Subject: I really need to implement secure pop & secure imap !
Hello all ,
Sorry for my ignorance bu t i really
Hi,
Thanks a lot for your reply.
I have given the command CA.pl -newca.
It has prompted for CA Certificate file.
I have made ENTER then a message displays
"Making a Certificate"
after that it has come to the $.
demoCA directory is created but certificate is not created.
Whether I have to ch
On Thu, Aug 24, 2000 at 09:03:53PM +0300, nissim wrote:
> I need some more information about to full procedure including making the keys and
> building the whole package .
> I need to mention that currently i have built the openssl package and now i need
> to configure it all with the regular imap
I am not sure if this is indeed the source of the problem, but to deal with
export browsers with a 1024-bit certificate, one needs to generate a
temporary key 512-bits long, since that's all those browsers can handle.
In openssl, one does this using SSL_CTX_set_tmp_rsa_callback(...)
Arun.
"If y
Lutz Jaenicke wrote:
On Thu, Aug 24, 2000 at 08:21:51PM +0300, nissim
wrote:
> I also ren the CA.pl -newca to create the certification as it was
said
> on the man of CA.pl but how the hell am i going to put it
> all together with imap & pop to secure them over ssl .
>
> I subscribed this mailing
-Original Message-
From: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, August 24, 2000 6:53 AM
Subject: using ssl in http protocol
>one question:
>http is a connectionless protocol(at least 1.0 is, and i don't know if
there are some imple
Hello everybody!
I'm trying to install openssl-0.9.5 on Windows NT
using VC++ 4.2. I've followed the instructions given at the INSTALL.W32
file, but i've had to change some parameters in the nt.mak file (I want to build
a static version of the library). I've succeed it, but now I would like
[Moved to openssl-users]
AFAIK, SSL_RECEIVED_SHUTDOWN means the **other side** (ie. the server) sent
you a shutdown. This could be because you are using HTTP/1.0 and not asking
for a Keep-Alive connection in your request. All such connections are
required to be shut-down by the protocol.
In any
Hi, Henning:
Definality, there is no legality problem, the installations will be for
internal operations usage only.
Thanks a lot.
Ricky
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Henning von Bargen
Sent: Wednesday, August 23, 2000 11:59 PM
To: [E
On Thu, Aug 24, 2000 at 08:21:51PM +0300, nissim wrote:
> I also ren the CA.pl -newca to create the certification as it was said
> on the man of CA.pl but how the hell am i going to put it
> all together with imap & pop to secure them over ssl .
>
> I subscribed this mailing list because i saw a
29 matches
Mail list logo
