mod-ssl

ssl_error_rx_record_too_long and Apache SSL

I've got a customer trying to access one of my sites, and they keep getting this error > ssl_error_rx_record_too_long They're getting this error on all browsers, all platforms. I can't reproduce the problem at all. My server and myself are located in the USA, the customer is located in India. I googled on the problem, and the main sou...

DOD Common Access Card (CAC) Authentication

I have figured out all the necessary steps to get DOD CAC card based client certificate authentication working in Apache, but am now struggling to pull a good GUID for the user from the certificate I am receiving. Is there a GUID available on the certificate that will not change when the CAC card is renewed? I was thinking of using the...

Dazed and confused about configuring Apache with SSL support.

Hello everyone, I've spent a few hours trying to configure my Apache server to use SSL with no public IP, just localhost. I've created the certificate OK, I think (it has been like a crash course on black magic for me), and when I try tro access https://localhost, the browser says "Connected to localhost..." on the status line but just ...

OpenSSL error preventing Apache2.2 startup on win32

So I go to start my Apache2.2 service, which uses mod_ssl, from the command line with "-k start -e debug". It shows all the modules loading, waits a second or two, then returns me to the command prompt without error. The service, however, is no longer running. In the error log, there's this text: Starting the Apache2.2-ssl service Th...

PHP does not work over ssl connections

Hi, I just got my ssl certificate to work for the first time. For some reason when I connect to my website using https my browser tries to download the php file. I have the following line in my httpd.conf. Isn't this the line which makes sure php files are run using php? AddType application/x-httpd-php .php What else do I need to ch...

Does mod_ssl 2.8.31 work with Apache 2.2?

Hi experts, I'm trying to setup a mod_ssl - Apache server for authentication purpose. I just downloaded the latest mod_ssl package (2.8.31) and the CHANGE document says it's only been upgraded to Apache 1.3.41. However, 1.3.x is no longer maintained. Should I stick with the older version of the Apache just because mod_ssl said so or s...

'undefined symbol: SSL_get_servername' message when starting Apache Web Server

Hi: I installed httpd-2.2.16 and openssl-1.0.0 on Red Hat Linux 5: when starting the Apache a 'undefined symbol: SSL_get_servername' message is generated on the command line. Listed below are the parameters used for the Apache installation (section A) and the generated error message when Apache is started (SECTION B). Can anyone point...

Sanity Check - Should my Public AMIs for EC2 generate new Apache SSL Certs on First Boot?

I want to offer ready-to-deploy Public Ubuntu Lucid AMIs on Amazon Web Services EC2. As these AMIs use open-source web apps, I want to pre-configure apache mod_ssl and force all traffic over https. That's easy enough. I'm interested in a sanity check: just how insecure would it be to deploy without a first run script that generates a n...

Current version of "Using mod_ssl on Mac OS X" documentation?

I'm fairly new to Mac I want to enable SSL on my Mac (10.6.4) for some local development. In searching for an answer, I ran across Using mod_ssl on Mac OS X. However, this Apple developer support document looked out of date. In further searching, I ran across Configuring mod_ssl on Mac OS Snow Leopard which basically asked the same qu...

Setting an apache reverse proxy as a gateway between client cert authentication (mod_ssl) and basic authentication for backend server

Hi, I have a backend server that expects a Basic HTTP Authentication. I can't touch this server and its authentication mode. But, I'd like to replace this authentication by a client certificate on a reverse proxy in front of this server. This would make something like this : User --(ssl auth)--> ReverseProxy ---(Basic Auth with login)...

Apache ssl-enabled vhost returns random 400 bad request

I've setup two local vhosts (http and self-signed https) for billing.example.com and trying them in firefox with firebug. Http vhost only purpose is redirecting all requests to https. Almost each time I request page from https, one or two files with associated resources (images, js, css, etc...) and sometimes php page itself return 400 ...