Also a newbie to ssl, but with the help of this list got it working a few weeks
ago.
This document was very helpful for me when installing on solaris, even though
it is for RH, and you are using debian
http://www.linux-sxs.org/internet_serving/apache2.html
Also, for Common Name, using the IP a
please disregard
-Original Message-
From: [EMAIL PROTECTED]
Sent: Aug 30, 2005 9:24 AM
To: openssl-users@openssl.org
Subject: apachectl startssl question/problem on two boxes
when running usr/local/apache2/bin/apachectl startssl on
a development box, apache starts correctly.
when runni
when running usr/local/apache2/bin/apachectl startssl on
a development box, apache starts correctly.
when running the same command on a new box which
has been upgraded to apache2, the same startssl command,
or apachectl by itself, just displays a menu list.
startssl is not in the menu list.
CA.pl -sign finally worked. - the other method's of making certificates seemed
to work,
but I'm not sure if they were actually good certificates.
When CA.pl -sign finally worked, the https did too.
Thanks for all the helpful responses.
-Original Message-
From: Jorey Bump <[EMAIL PROTE
seeing error 8182
corrupt/invalid certificate: could not establish an encrypted connection
when trying to browse to https://ipaddress
any ideas?
also, when tyring to create certificates using CA.pl
the last step, CA.pl -sign does not work.
http://www.vanemery.com/Linux/Apache/apache-SSL.html
when running this
openssl s_client -connect 222.33.175.160:443 -state -debug > openlog2
this is the output:
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=0 /C=US/ST=NewYork/L=YC/O=eee/OU=IT/CN=192.37.175.160/[EMAI
Thanks for the response.
how is stunnel used?
-Original Message-
From: Victor Duchovni <[EMAIL PROTECTED]>
Sent: Aug 10, 2005 10:18 PM
To: openssl-users@openssl.org
Subject: Re: openssl -connect works, https does not
On Wed, Aug 10, 2005 at 09:06:10PM -0400, [EMAIL PROTECTED] wrote:
> w
when connecting to an ip address on port 443 the openssl -connect
command works, but when browsing to the url with internet explorer,
the https://ipaddress/index.html does not display.
any ideas?
tia
__
OpenSSL Project
Thanks for the response.
Not sure if this post issue is similar - but once the connect works, https works
http://groups-beta.google.com/group/alt.apache.configuration/browse_thread/thread/e2ce8cc2db458885/3337e78d29ad78db?lnk=st&q=how+to+set+up+apache2+ssl.conf&rnum=2&hl=en#3337e78d29ad78db
Some
Thanks for the response.
The .key and .crt file have been moved to the defaut directories in the
ssl.conf files.
which are /usr/local/apache2/conf/ssl.crt and
/usr/local/apache2/conf/ssl.key
this document has instructions to manually connect to HTTPS
http://www.modssl.org/docs/2.8/ssl_faq.html#
Thanks for the response. Also this is a development server.
the how-to document placed the .crt and .key files
in the following directories.
cp mars-server.crt /etc/httpd/conf/ssl.crt
cp mars-server.key /etc/httpd/conf/ssl.key
cp my-ca.crt /etc/httpd/conf/ssl.crt
These directories do not exist o
Is the method of certificate/key creation as specified in thsi document:
http://www.vanemery.com/Linux/Apache/apache-SSL.html
correct?
-Original Message-
From: Jorey Bump <[EMAIL PROTECTED]>
Sent: Aug 10, 2005 2:45 PM
To: openssl-users@openssl.org
Subject: Re: apachectl startssl started,
Is it possible to clarify some of the confusion with the configuration?
>From what you wrote I don't really see what the issue is -
Any clarification would be appreciated.
The certificates were placed in a directory called CA.
How is this a problem?
Thank you.
-Original Message-
From:
These lines are from ssl.conf
DocumentRoot "/opt/apache/CA"
SSLCertificateFile /opt/apache/CA/192.33.175.160.crt
SSLCertificateKeyFile /opt/apache/CA/192.33.175.160.key
SSLCertificateChainFile /opt/apache/CA/my-ca.crt
SSLCACertificateFile /opt/apache/CA/my-ca.crt
SSLOptions +StdEnvVars
if apachectl startssl works, any idea how come
trying to open https://ipaddres:443/index.html cannot display the page?
the following log appears after trying
openssl s_client -connect IPAddress:443 -state -debug
No client certificate CA names sent
---
SSL handshake has read 2519 bytes and writt
reverse that - accidently changed the wrong file -
changing the group to nobody stopped the error_log errors
Many Thanks!
What is next required to see https://ipaddress:443/index.html ?
using netstat -na |grep LISTEN
displays 443
when typing https://ipaddress:443/index.html into a browser
Try:
Group nobody
Of course, you need to have the nobody group on your system (many
already do). Another popular choice for User/Group is apache (again, it
must be present, don't mess with this until you understand the
implications of creating a special user for Apache).
again, thanks very
> also looking into (22)Invalid argument: setgid: unable to set group id to
Group 4294967295
This is your real problem. Check your Group setting in your apache
configuration. You probably just need to get your permissions and
ownerships correct.
Thanks very much for your response. Any idea w
Trying to set up ssl for an intranet. There is no FQDN, just an IP address.
Is this possible?
I've create the certificate keys as X.X.X.X.key
instead of www.example.com.key
I'm able to run the startssl command (see below)
It asks for the pass phrase, and says it logs in, but the
error log (list
Trying to set up ssl for an intranet. There is no FQDN, just an IP address.
Is this possible?
I've create the certificate keys as X.X.X.X.key
instead of www.example.com.key
I'm able to run the startssl command (see below)
It asks for the pass phrase, and says it logs in, but the
error log (list
20 matches
Mail list logo
