Search Results

Search found 3673 results on 147 pages for 'pop3 ssl'.


  • nginx ssl redirect

    - by Lari13
    I have an SSL certificate for www.mydomain.com. What is the right config for nginx to get the desired behaviour: an SSL request without www (https://mydomain.com/somefile) will be redirected to https://www.mydomain.com/somefile? This doesn't work, the browser shows an SSL warning (wrong domain) :( server { listen 443 ssl; server_name mydomain.com; rewrite ^(.*) https://www.mydomain.com$1 permanent; ssl_certificate intermediate.crt; ssl_certificate_key www.mydomain.com.key; }


  • Django | Apache | Deploy website behind SSL

    - by planet260
    So here are my requirements. I have a website built in Django. I deployed it on Apache Ubuntu. Before there was no SSL involved so the deployment was pretty simple. But now the requirements are changed. Now I have to take a few actions like signup and login behind SSL and present the admin panel and other normally via HTTP. By following this tutorial I have set up Apache and SSL and generated certificates for SSL communication. But I am not sure how to proceed, i.e. how to serve only a few of my actions through SSL. Below is my configuration. The normal actions are working fine but I don't know how to configure SSL calls. WSGIScriptAlias / /home/ubuntu/myproject/src/myproject/wsgi.py WSGIPythonPath /home/ubuntu/myproject/src <VirtualHost *:80> ServerName mydomain.com <Directory /home/ubuntu/myproject/src/myproject> <Files wsgi.py> order deny,allow Allow from all </Files> </Directory> Alias /static/admin/ "/home/ubuntu/myproject/src/static/admin/" <Directory "/home/ubuntu/myproject/src/static/admin/"> Order allow,deny Options Indexes Allow from all IndexOptions FancyIndexing </Directory> <Location "/login"> RewriteEngine on RewriteRule /admin(.*)$ https://mydomain.com/login$1 [L,R=301] </Location> </VirtualHost> <VirtualHost *:443> ServerName mydomain.com SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key <Directory /home/ubuntu/myproject/src/myproject> <Files wsgi.py> order deny,allow Allow from all </Files> </Directory> Alias /static/admin/ "/home/ubuntu/myproject/src/static/admin/" <Directory "/home/ubuntu/myproject/src/static/admin/"> Order allow,deny Options Indexes Allow from all IndexOptions FancyIndexing </Directory> </VirtualHost> Can you please help me out on how to achieve this? What am I doing wrong? I have read a lot of tutorials but honestly I am not really good at configurations. Any help is appreciated.


  • Apache certificates for some urls not working

    - by Vegaasen
    We are having a rather strange problem with an Apache-installation. Here is a short summary: Currently I'm setting up Apache with https, and server-certificates. This is fairly easy and works straight out of the box - as expected. This is the configuration for this setup: Listen 443 SSLEngine on SSLCertificateFile "/progs/apache/ssl/example-site.no.pem" SSLCertificateKeyFile "/progs/apache/ssl/example-site.no.key" SSLCACertificateFile "/progs/apache/ssl/ca/example_root.pem" SSLCADNRequestFile "/progs/apache/ssl/ca/example_intermediate.pem" SSLVerifyClient none SSLVerifyDepth 3 SSLOptions +StdEnvVars +ExportCertData RequestHeader set ssl-ClientCert-Subject-CN "%{SSL_CLIENT_S_DN}s" RewriteEngine On ProxyPreserveHost On ProxyRequests On SSLProxyEngine On ... <LocationMatch /secureStuff/$> SSLVerifyClient require Order deny,allow Allow from All </LocationMatch> ... <Proxy balancer://exBalancer> Header add Set-Cookie "EX_ROUTE=EB.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED BalancerMember http://10.0.0.1:7200 route=ee1 retry=300 flushpackets=off keepalive=on BalancerMember http://10.0.0.2:7200 route=ee2 retry=300 flushpackets=off keepalive=on status=+H ProxySet stickysession=EX_ROUTE scolonpathdelim=Off timeout=10 nofailover=off failonstatus=505 maxattempts=1 lbmethod=bybusyness Order deny,allow Allow from all </Proxy> RewriteCond %{REQUEST_URI} !^/index.html [NC] RewriteRule ^/(.*)$ balancer://exBalancer/$1 [P,NC] ProxyPassReverse / balancer://exBalancer/ Header edit Set-Cookie "(.*)" "$1;HttpsOnly" ... So - everything works fine and as expected for all of the pages that are not a part of the LocationMatch-directive. When requesting something that matches the LocationMatch-directive, I'm asked for a certificate (hence the SSLVerifyClient required attribute) - and getting all the correct certificates in my browser that is based on the root/intermediate chain. 
After choosing a certificate and clicking "OK", this is what pops up in the apache logs: [ssl:info] [pid 9530:tid 25] [client :43357] AH01998: Connection closed to child 86 with abortive shutdown ( [Thu Oct 11 09:27:36.221876 2012] [ssl:debug] [pid 9530:tid 25] ssl_engine_io.c(1171): (70014)End of file found: [client 10.235.128.55:45846] AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] And this just spams the logs. What is happening here? I can see this configuration working on my local machine, but not on one of our servers. There are no configuration differences between the servers, only minor application-wise-changes. I've tried the following: 1) Removing CA-certificate-checking (works) 2) Adding required CA-certificate for the whole site (works) 3) Adding "SSLVerifyClient optional" does not work 4) ++ Server/Application Information Local: -OpenSSL v.1.0.1x -Apache 2.4.3 -Ubuntu -mpm: event -every configuration should be turned on (failing) server: -OpenSSL 0.9.8e -Apache 2.4.2 -SunOS -mpm: worker -every configuration should be turned on Please let me know if more information is needed, I'll provide it instantly. Brief sum-up: -Running apache 2.4 -Server certificates work just fine -Client certificates for some /Locations do not work, fail with errors PS: Could it be related to the OpenSSL version and the "Renegotiation" stuff related to TLS/SSLv3?


  • Can't send mail from Windows Phone (Postfix server)

    - by Dominic Williams
    Some background: I have a Dovecot/Postfix setup to handle email for a few domains. We have imap and smtp setup on various devices (Macs, iPhones, PCs, etc) and it works no problem. I've recently bought a Windows Phone and I'm trying to setup the mail account on there. I've got the imap part working great but for some reason it won't send mail. mail.log with debug_peer_list I've put this on pastebin because its quite long: http://pastebin.com/KdvMDxTL dovecot.log with verbose_ssl Apr 14 22:43:50 imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [109.151.23.129] Apr 14 22:43:50 
imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [109.151.23.129] Apr 14 22:43:50 imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [109.151.23.129] Apr 14 22:43:51 imap-login: Info: Login: user=<pixelfolio>, method=PLAIN, rip=109.151.23.129, lip=94.23.254.175, mpid=24390, TLS Apr 14 22:43:53 imap(pixelfolio): Info: Disconnected: Logged out bytes=9/331 Apr 14 22:43:53 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [109.151.23.129] postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix debug_peer_list = 109.151.23.129 inet_interfaces = all mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 message_size_limit = 50240000 milter_default_action = accept milter_protocol = 2 mydestination = ks383809.kimsufi.com, localhost.kimsufi.com, localhost myhostname = ks383809.kimsufi.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname non_smtpd_milters = inet:127.0.0.1:8891,inet:localhost:8892 readme_directory = no recipient_delimiter = + smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_milters = inet:127.0.0.1:8891,inet:localhost:8892 smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_domains = domz.co.uk ruck.in vjgary.co.uk scriptees.co.uk pixelfolio.co.uk filmtees.co.uk nbsbar.co.uk virtual_alias_maps = hash:/etc/postfix/alias_maps doveconf -n # 2.0.13: /etc/dovecot/dovecot.conf # 
OS: Linux 2.6.38.2-grsec-xxxx-grs-ipv6-64 x86_64 Ubuntu 11.10 auth_mechanisms = plain login log_path = /var/log/dovecot.log mail_location = mbox:~/mail/:INBOX=/var/mail/%u passdb { driver = pam } protocols = imap service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } verbose_ssl = yes Any suggestions or help greatly appreciated. I've been pulling my hair out with this for hours! EDIT This seems to be my exact problem, but I already have broken_sasl set to yes and the 'login' auth mechanism added? http://forums.gentoo.org/viewtopic-t-898610-start-0.html


  • wildcard ssl certificate - exchange 2010 - POP/IMAP problem

    - by Sise
    Previously we requested a wildcard SSL certificate from GoDaddy for our major domain. One of the reasons was the newly established Exchange Server 2010. Usually you require the following names included in the certificate: FQDN (e.g. mail.whatever.com), Hostname (mail), Domain name (whatever.com), Autodiscover.whatever.com, MX Record. With the wildcard certificate these are all covered (except for the local hostname). During creation/importing of the SSL certificate into Exchange 2010, Exchange first asks if a wildcard certificate is used and then encounters an error: because the certificate is a wildcard certificate and not a certificate generated specifically for the FQDN, SSL for POP and IMAP cannot be provided. I couldn't find any workaround or solution for this on Google, so I hope maybe someone here has an answer or solution for me! :) The Exchange 2010 is running on Windows Server 2008 R2 Enterprise. Thanks in advance and best regards, sise


  • How do I send email over SMTP with SSL using Java client?

    - by Ido
    I need to send email over smtp with ssl using java client. I'm not sure how to do that. If I have my server certificate installed on my Windows machine, how do I use it? If I want it to work on a non-Windows machine, do I need to get the certificates in a different way? BTW: If the SMTP server that I use is using SSL, can I be sure that it will send the mail to the recipient using SSL?


  • ISPConfig 3 SSL automatic rewrite

    - by lol
    I was wondering how you could get apache2 to redirect http://server.com:8080 to https://server.com:8080 - I have an ISPConfig 3 setup and the http://server.com:8080 virtual host currently prints a 400 bad request error given that I've tried adding RewriteEngine on RewriteCond %{HTTPS} !^on$ [NC] RewriteRule . https://%{HTTP_HOST}:8080%{REQUEST_URI} [L] to the ispconfig.vhost file (and reloading the conf) with no success. --edit!-- I've been playing around with it and adding an 'always redirect to google' into the ispconfig vhost and it works once you've already started talking SSL to it. This means the non-SSL connections are getting 'bad request errors' before the vhost is loaded... but where...? --edit 2!-- Nope, the SSL is handled exclusively by the virtual host - if I turn off the SSL engine then the rewriting works perfectly (but obviously there is no SSL at https://). Thanks!


  • ssl between balancer members?

    - by jemminger
    I have apache running on one machine as a load balancer: <VirtualHost *:443> ServerName ssl.example.com DocumentRoot /home/example/public SSLEngine on SSLCertificateFile /etc/pki/tls/certs/example.crt SSLCertificateKeyFile /etc/pki/tls/private/example.key <Proxy balancer://myappcluster> BalancerMember http://app1.example.com:12345 route=app1 BalancerMember http://app2.example.com:12345 route=app2 </Proxy> ProxyPass / balancer://myappcluster/ stickysession=_myapp_session ProxyPassReverse / balancer://myappcluster/ </VirtualHost> Note that the balancer takes requests under SSL port 443, but then communicates to the balancer members on a non-ssl port. Is it possible to have the forwarding to the balancer members be under SSL too? If so, is this the best/recommended way? If so, do I have to have another SSL cert for each balancer member? Does the SSLProxyEngine directive have anything to do with this?


  • Dedicated IP for SSL

    - by MotionGrafika
    I'll be needing a Dedicated IP & SSL for a website. I've noticed that SSL will work for either www or canonical name - but not both. So does that mean that the Dedicated IP would be set to only one of them? If I set SSL for www then if a user goes to a URL manually without the www it would show invalid certificate - how do I bypass this? mod_rewrite in htaccess? If I need SSL for a subdomain, is that another SSL Certificate & Dedicated IP to purchase?


  • How to disable Apache http compression (mod_deflate) when SSL stream is compressed

    - by Mohammad Ali
    I found that Google Chrome supports SSL compression and Firefox should support it soon. I'm trying to configure Apache to disable HTTP compression if SSL compression is used, to prevent CPU overhead, with the configuration option: SetEnvIf SSL_COMPRESS_METHOD DEFLATE no-gzip While the custom log (using %{SSL_COMPRESS_METHOD}x) shows that the SSL layer compression method is DEFLATE, the above option did not work and the HTTP response content is still being compressed by Apache. I had to use the option: BrowserMatchNoCase ".Chrome." no-gzip' I would prefer a more general method in case other browsers support SSL compression or someone has a version of Chrome that does not have SSL compression.


  • Test tomcat for ssl renegotiation vulnerability

    - by Jim
    How can I test if my server is vulnerable to SSL renegotiation? I tried the following (using OpenSSL 0.9.8j-fips 07 Jan 2009): openssl s_client -connect 10.2.10.54:443 I see it connects, it brings the certificate chain, it shows the server certificate, and last: SSL handshake has read 2275 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 50B4839724D2A1E7C515EB056FF4C0E57211B1D35253412053534C4A20202020 Session-ID-ctx: Master-Key: 7BC673D771D05599272E120D66477D44A2AF4CC83490CB3FDDCF62CB3FE67ECD051D6A3E9F143AE7C1BA39D0BF3510D4 Key-Arg : None Start Time: 1354008417 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) What does Secure Renegotiation IS supported mean? That SSL renegotiation is allowed? Then I did but did not get an exception or get the certificate again: verify error:num=20:unable to get local issuer certificate verify return:1 verify error:num=27:certificate not trusted verify return:1 verify error:num=21:unable to verify the first certificate verify return:1 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 174 Date: Tue, 27 Nov 2012 09:13:14 GMT Connection: close So is the server vulnerable to SSL renegotiation or not?


  • Multiple subdomains, SSL on only one using port 80

    - by Emil Flink
    I am running an Apache2 server with three subdomains defined in separate files in /etc/apache2/sites-available. I need ONE of those subdomains to be SSL-secured on port 80 for an application to work. Port 80 is required due to circumstances out of my control. The other subdomains are also on port 80. Now, when all subdomains are enabled in Apache the SSL-subdomain is NOT running SSL. If I disable the other subdomains, SSL on the SSL-subdomain WORKS. Is there a way to fix this?


  • HAProxy and Intermediate SSL Certificate Issue

    - by Sam K
    We are currently experiencing an issue with verifying a Comodo SSL certificate on an Ubuntu AWS cluster. Browsers are displaying the site/content fine and showing all the relevant certificate information (at least, all the ones we've checked), but certain network proxies and the online SSL checkers are showing we have an incomplete chain. We have tried the following to try to resolve this: upgraded haproxy to the latest 1.5.3; created a concatenated ".pem" file containing all the certificates (site, intermediate, w/ and w/out root); added an explicit "ca-file" attribute to the "bind" line in our haproxy.cfg file. The ".pem" file verifies OK using openssl. The various intermediate and root certificates are installed and showing in /etc/ssl/certs. But the checks still come back with an incomplete chain. Can anyone advise about anything else we can check or any other changes we can make to try to fix this? Many thanks in advance... UPDATE: The only relevant line from the haproxy.cfg (I believe), is this one: bind *:443 ssl crt /etc/ssl/domainaname.com.pem


  • SSL 3.0 warning in Chrome on Ubuntu 10.04LTS

    - by Leopd
    I'm running Apache2 with SSL on Ubuntu 10.04LTS. Chrome gives me this annoying warning when I inspect the certificate: The connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues. The relevant part of the apache config looks like: SSLEngine on SSLCertificateFile /etc/ssl/... SSLCertificateKeyFile /etc/ssl/... SSLCACertificateFile /etc/ssl/... SSLProtocol -all +SSLv3 +TLSv1 The last line I added to try to address this problem, but it's not working. Any advice on properly enabling TLS?


  • why Apache with ssl but back end weblogic without ssl works?

    - by huangli
    Hello everyone. My question is very simple. The link below is a picture of my architecture. https://docs.google.com/open?id=0BxSXbpgYIZVOR212RVk4ZDN1Sm8. The picture above shows the architecture right now and it works correctly! That means I can visit Apache with the URL https//apchehost:8080; I cannot visit the web app over https served by WebLogic, but I can visit these apps over https served by Apache (Apache is the proxy server). My question is why it works when Apache is configured with SSL but WebLogic is without SSL? I think WebLogic should also be configured with SSL. If this works, what about the security level? Does SSL really work if only Apache is configured with SSL but WebLogic is not? Thanks. Condition: Apache 2.2.17 with WebLogic module mod_wl_22.so, WebLogic: 10.3, OS: Windows Server 2003


  • Free POP3 .NET library?

    - by Shawn Simon
    Looking for a POP3 client for .NET that basically just lets me log into a server and grab all the emails out, and maybe send some. I grabbed Indy.Sockets off of CodePlex and got it running but it's throwing errors trying to decode the mail headers. Really anything is fine if it works.


  • Pop3 to SMTP message custom forwarder in C#

    - by Troy
    I'd like to write a service that periodically checks a POP3 account for new messages and based on custom business logic forwards the messages to an appropriate "To", and possibly changes the "From" as well. I might need to keep some messages on the server until certain conditions are ready for them to be forwarded. I found a sample using Chilkat .NET components that might work: http://www.example-code.com/csharp/pop3_forwarder.asp My question is: Are there any other examples of this in the .NET space using any other components? Thanks!


  • Automatically check bounced emails via POP3 ?

    - by Johannes
    Hi all, Can anyone recommend software or even a .net library to develop software, that will check for bounced emails and the reason for the bounce? I get bounced emails into a pop3 account that I can read then... I need it to keep my user database clean from invalid email addresses and want to automate this (mark user as invalid email). Thanks


  • Reading Email using Pop3 in C#

    - by Eldila
    I am looking for a method of reading emails using Pop3 in C# 2.0. Currently, I am using code found in CodeProject. However, this solution is less than ideal. The biggest problem is that it doesn't support emails written in unicode.


  • Question about POP3 message termination octet

    - by user361633
    This is from the POP3 RFC. "Responses to certain commands are multi-line. In these cases, which are clearly indicated below, after sending the first line of the response and a CRLF, any additional lines are sent, each terminated by a CRLF pair. When all lines of the response have been sent, a final line is sent, consisting of a termination octet (decimal code 046, ".") and a CRLF pair. If any line of the multi-line response begins with the termination octet, the line is "byte-stuffed" by pre-pending the termination octet to that line of the response. Hence a multi-line response is terminated with the five octets "CRLF.CRLF". When examining a multi-line response, the client checks to see if the line begins with the termination octet. If so and if octets other than CRLF follow, the first octet of the line (the termination octet) is stripped away. If so and if CRLF immediately follows the termination character, then the response from the POP server is ended and the line containing ".CRLF" is not considered part of the multi-line response." Well, I have a problem with this: for example, Gmail sometimes sends the termination octet and then in the NEXT LINE sends the CRLF pair. For example: "+OK blah blah" "blah blah." "\r\n" That's very rare, but it happens sometimes, so obviously I'm unable to determine the end of the message in such a case, because I'm expecting a line that consists of '.\r\n'. Seriously, is Gmail violating the POP3 protocol or am I doing something wrong? Also I have a second question. English is not my first language so I cannot understand this completely: "If any line of the multi-line response begins with the termination octet, the line is "byte-stuffed" by pre-pending the termination octet to that line of the response. Hence a multi-line response is terminated with the five octets "CRLF.CRLF"." When exactly is CRLF.CRLF used? Can someone give me a simple example? The RFC says that it is used when any line of the response begins with the termination octet. But I don't see any lines that start with '.' in the messages that are terminated with CRLF.CRLF. I checked that. Maybe I don't understand something, that's why I'm asking.


  • POP3 Transmission Process

    - by j-t-s
    Hi all, I was wondering if anyone could help me out (not with code, although that would be appreciated) with the logic behind checking and retrieving messages from a POP3 mail server. I.e.: establish connection; validate credentials; enumerate message list; check each message to see if it's "new"; download "new" message(s). Would this be the correct way to go about doing this? Thank you


  • pop3 multiline problem

    - by stupid_idiot
    Hi everyone, I'm making a client for POP3 and somehow I can't figure out how to handle multiline responses. There is no difference in the first response from the server whether it is single or multiline, it always ends with CRLF (considering the usual case), so how do I know if I should call recv() once more?


  • apache Client Certificate Authentication errors: Certificate Verification: Error (18): self signed certificate

    - by decoy
    So I have been following instructions on setting up Client Certificate Authentication in Apache2 w/ mod_ssl. This is solely for the purpose of testing an application against CAA, not for any sort of production use. So far I've followed http://www.impetus.us/~rjmooney/projects/misc/clientcertauth.html for advice on generating my CA, server, and client encryption information. I've put all three of them into /etc/ssl/ca/private. I've set up the following additional directives in my default_ssl site file: <IfModule mod_ssl.c> <VirtualHost _default_:443> ... SSLEngine on SSLCertificateFile /etc/ssl/ca/private/server.crt SSLCertificateKeyFile /etc/ssl/ca/private/server.key SSLVerifyClient require SSLVerifyDepth 2 SSLCACertificatePath /etc/ssl/ca/private SSLCACertificateFile /etc/ssl/ca/private/ca.crt <Location /> SSLRequireSSL SSLVerifyClient require SSLVerifyDepth 2 </Location> <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> ... </VirtualHost> </IfModule> I've installed the p12 file into Chrome, but when I go to visit https://localhost, I get the following errors: Chrome: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. Apache: Certificate Verification: Error (18): self signed certificate If I had to guess, one of my directives is not set up right to load and verify the p12 w/ my self-created CA. But I can't for the life of me figure out what it is. Would anyone have more experience here who could point me in the right direction?


  • Apache wont start after attempting to install SSL

    - by yummm
    Below is what my VirtualHosts look like in httpd.conf <VirtualHost *:80> # Admin email, Server Name (domain name) and any aliases ServerAdmin [email protected] ServerName mydomain.com ServerAlias www.mydomain.com # Index file and Document Root (where the public files are located) DirectoryIndex index.php DocumentRoot /home/mydomain/public_html/mydomain.com/public # Custom log file locations LogLevel warn ErrorLog /home/mydomain/public_html/mydomain.com/log/error.log CustomLog /home/mydomain/public_html/mydomain.com/log/access.log combined </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/mydomain.com.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mydomain.com.key ServerName mydomain.com DirectoryIndex index.php DocumentRoot /home/mydomain/public_html/mydomain.com/public </VirtualHost> I'm using the latest version of Apache on CentOS and there isn't any error being generated. Apache just will not start. Any ideas what I'm doing wrong? UPDATE - Found these messages in the error log: [Tue Mar 16 02:07:57 2010] [error] Init: Private key not found [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error [Tue Mar 16 02:07:57 2010] [error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

