[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-developers] RE: SSL For Entire Server: SOLVED.
- Subject: RE: [cobalt-developers] RE: SSL For Entire Server: SOLVED.
- From: BlakeWebster <blake@xxxxxxxxxxxxxxxxxxx>
- Date: Tue Apr 18 18:09:23 2000
Hello:
Where do I get the 128-bit upgrade?
At the Cobalt Knowledge Base?
Thanks for your help Tony.
Blake
At 07:15 PM 4/18/00 -0500, you wrote:
>Blake,
>
>Before doing any of that, install the 128-bit SSL upgrade.
>If you already have try rebooting. Make sure you close your browser and
>reopen when testing.
>
>Tony
>
>> -----Original Message-----
>> From: cobalt-developers-admin@xxxxxxxxxxxxxxx
>> [mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of
>> BlakeWebster
>> Sent: Tuesday, April 18, 2000 7:01 PM
>> To: cobalt-developers@xxxxxxxxxxxxxxx
>> Subject: Re: [cobalt-developers] RE: SSL For Entire Server: SOLVED.
>>
>>
>> Hello:
>> Will this coding work with the Thawte certificate?
>> With Thawte there is no cacert directory.
>>
>> Thanks.
>> Blake Webster
>>
>>
>>
>>
>>
>> At 12:04 PM 4/18/00 -0500, you wrote:
>> >Upgraded the Raq3i SSL to 128 with the 1.0 update pkg.
>> >
>> >In httpd.conf: (in the '# Hardcoded, issues with mod_perl and
>> cobalt modules
>> >section')
>> >
>> >Add $PerlConfig .= "SSLCACertificateFile
>> /home/sites/$group/certs/cacert\n";
>> >to the top section
>> >and
>> >$PerlConfig .= "SSLCACertificateFile /home/sites/home/certs/cacert\n"; to
>> >the bottom part.
>> >
>> >'cacert' is the SECOND certificate that Equifax issues. The
>> virtual site's
>> >SSL works fine now with
>> >no browser warnings.
>> >
>> >Equifax has a real deal going on now...their certs are $45 until
>> May 15. I
>> >got same day delivery yesterday.
>> >
>> >http://www.equifaxsecure.com/ebusinessid/index.html
>> >
>> >Tony
>> >
>> >> -----Original Message-----
>> >> From: cobalt-developers-admin@xxxxxxxxxxxxxxx
>> >> [mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Tony
>> >> Sent: Tuesday, April 18, 2000 11:01 AM
>> >> To: cobalt-developers@xxxxxxxxxxxxxxx
>> >> Cc: Cobalt-Users@List. Cobalt. Com
>> >> Subject: RE: [cobalt-developers] SSL For Entire Server
>> >>
>> >>
>> >> Almost the same problem here but working with Equifax certs.
>> >> Equifax issues TWO certs, one for the domain and a
>> SSLCACertificateFile.
>> >> Seems they use Thawte as their CA...anyway it seems that Cobalt did not
>> >> allow for a SSLCA cert path in their rewrite rules
>> >> in the httpd.conf section:
>> >>
>> >> # Hardcoded, issues with mod_perl and cobalt modules.
>> >> if (/^<\/Virtual/ and (-f "/etc/httpd/ssl/$group")) {
>> >> $ret = ssl_cert_check("/home/sites/$group/certs/");
>> >> if ($ret=~/^2/o) {
>> >> $PerlConfig .= "Listen $ip:443\n";
>> >> $PerlConfig .= "<VirtualHost $ip:443>\n";
>> >> $PerlConfig .= "SSLengine on\n";
>> >> $PerlConfig .= "SSLCertificateFile
>> >> /home/sites/$group/certs/certificate\n";
>> >> $PerlConfig .= "SSLCertificateKeyFile
>> >> /home/sites/$group/certs/key\n";
>> >> $PerlConfig .= join('', @ssl_conf);
>> >> } elsif (ssl_cert_check("/home/sites/home/certs/")
>> =~ /^2/ ) {
>> >> $PerlConfig .= "Listen $ip:443\n";
>> >> $PerlConfig .= "<VirtualHost $ip:443>\n";
>> >> $PerlConfig .= "SSLengine on\n";
>> >> $PerlConfig .= "SSLCertificateFile
>> >> /home/sites/home/certs/certificate\n";
>> >> $PerlConfig .= "SSLCertificateKeyFile
>> >> /home/sites/home/certs/key\n";
>> >> $PerlConfig .= join('', @ssl_conf);
>> >> } else {
>> >> print STDERR "Site $group has invalid
>> >> certificate: $ret\n";
>> >>
>> >> Deleting the main sites self-signed cert doesnt have any
>> effect. The virt
>> >> site's cert is successfully installed but when browsing to
>> that site via
>> >> https it picks up the main site's self-signed cert.
>> >> Can a
>> >> 'SSLCACertificateFile conf/ssl.crt/company-ca.crt' directive be
>> >> included in
>> >> the above code? I think that would
>> >> solve the problem.
>> >>
>> >> Nothing at http://www.modssl.org/docs/2.5/ssl_howto.html seems
>> to remotely
>> >> match what Cobalt did with SSL.
>> >>
>> >> Tony
>> >>
>> >
>> >
>> >_______________________________________________
>> >cobalt-developers mailing list
>>
>> >cobalt-developers@xxxxxxxxxxxxxxx
>> >http://list.cobalt.com/mailman/listinfo/cobalt-developers
>> >
>> ********************************************
>> Media Design Services
>> P.O. Box 3153
>> Santa Rosa, CA 95402
>> Phone: 707-575-1640
>> Fax: 707-578-3171
>> www.mediadesign-mds.com
>>
>> WebcamSearch.com
>> www.webcamsearch.com
>>
>> Northern California Tennis Connection
>> www.norcaltennis.com
>> *********************************************
>>
>> _______________________________________________
>> cobalt-developers mailing list
>> cobalt-developers@xxxxxxxxxxxxxxx
>> http://list.cobalt.com/mailman/listinfo/cobalt-developers
>>
>
>
>_______________________________________________
>cobalt-developers mailing list
>cobalt-developers@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-developers
>
********************************************
Media Design Services
P.O. Box 3153
Santa Rosa, CA 95402
Phone: 707-575-1640
Fax: 707-578-3171
www.mediadesign-mds.com
WebcamSearch.com
www.webcamsearch.com
Northern California Tennis Connection
www.norcaltennis.com
*********************************************