You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ramon Fernandez <ra...@gmail.com> on 2006/06/05 19:58:02 UTC
[users@httpd] SSL simple question
Hello,
I'm trying to have a secure web login implemented with php and mysql. If I
want to be the CA, I have to import to all the clients the certificate that
I created?
If I choose a CA like Verisign, I will have to import anything? I'd like to
have a secure SSL site without pay anything .... is it possible?
thanks
Re: [users@httpd] VirtualHost
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
Charlie Moher wrote:
> Please remove me from your mailing list immediately. Thank you.
Please follow the directions to remove yourself.
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] VirtualHost
Posted by Charlie Moher <cm...@hotmail.com>.
Please remove me from your mailing list immediately. Thank you.
>From: "Bill Angus" <md...@psychtest.com>
>Reply-To: users@httpd.apache.org
>To: <us...@httpd.apache.org>
>Subject: Re: [users@httpd] VirtualHost
>Date: Mon, 5 Jun 2006 12:54:21 -0700
>
>Even with the latest version of Apache SSL service (i.e. on port 443) and
>name-based-virtual-hosting, do not co-exist. At least not in the Windows 2k
>environment we have. Since you can have either name-based hosting on port
>80 - or an SSL server.... one solution is to establish 2 apache instances
>(one serving name-based hosting on port 80, the other serving SSL on port
>443).
>
>----- Original Message -----
> From: Marcos R. Cardoso
> To: users@httpd.apache.org
> Sent: Monday, June 05, 2006 12:33 PM
> Subject: [users@httpd] VirtualHost
>
>
> Somehow I'm not managing to make my Apache 2.0.54 work with OpenSSL
> 0.9.8b in a Win 2003 Server 100% correctly.
>
> If I include the VirtualHost directive in the http.conf the Apache
> doesn't start and Windows Events List gives me the following message:
> [warn] VirtualHost myDomain:443 overlaps with VirtualHost myDomain:443,
> the first has precedence, perhaps you need a NameVirtualHost directive
>
> But if I use the NameVirtualHost directive (like "NameVirtualHost
> myDomain" or "NameVirtualHost myDomain:443"), Apache keep on not
> starting and the Events List gives me the message that "It's usually
> allowed socket address only once" (I can't put the original message
> since it's in Portuguse, so it's barely translated to English).
>
> But the interesting part is that, even not using a virtual host, Apache
> starts normally and I can use https connection using the certificates
> that I generated temporarily, eve if it's not specified in the
> http.conf. I don't know if my Web Server is working in a proper way, so
> I would like some help on it.
>
>
> TIA,
>
> --
> Marcos R. Cardoso
> Seзгo de Processamento Tйcnico e Automaзгo
> Sistema Integrado de Bibliotecas
> FURB - Blumenau
> (047) 3321-0660
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
>Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
_________________________________________________________________
Don't just Search. Find! http://search.sympatico.msn.ca/default.aspx The new
MSN Search! Check it out!
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] VirtualHost
Posted by Bill Angus <md...@psychtest.com>.
Even with the latest version of Apache SSL service (i.e. on port 443) and name-based-virtual-hosting, do not co-exist. At least not in the Windows 2k environment we have. Since you can have either name-based hosting on port 80 - or an SSL server.... one solution is to establish 2 apache instances (one serving name-based hosting on port 80, the other serving SSL on port 443).
----- Original Message -----
From: Marcos R. Cardoso
To: users@httpd.apache.org
Sent: Monday, June 05, 2006 12:33 PM
Subject: [users@httpd] VirtualHost
Somehow I'm not managing to make my Apache 2.0.54 work with OpenSSL
0.9.8b in a Win 2003 Server 100% correctly.
If I include the VirtualHost directive in the http.conf the Apache
doesn't start and Windows Events List gives me the following message:
[warn] VirtualHost myDomain:443 overlaps with VirtualHost myDomain:443,
the first has precedence, perhaps you need a NameVirtualHost directive
But if I use the NameVirtualHost directive (like "NameVirtualHost
myDomain" or "NameVirtualHost myDomain:443"), Apache keep on not
starting and the Events List gives me the message that "It's usually
allowed socket address only once" (I can't put the original message
since it's in Portuguse, so it's barely translated to English).
But the interesting part is that, even not using a virtual host, Apache
starts normally and I can use https connection using the certificates
that I generated temporarily, eve if it's not specified in the
http.conf. I don't know if my Web Server is working in a proper way, so
I would like some help on it.
TIA,
--
Marcos R. Cardoso
Seção de Processamento Técnico e Automação
Sistema Integrado de Bibliotecas
FURB - Blumenau
(047) 3321-0660
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] VirtualHost
Posted by "Marcos R. Cardoso" <mc...@furb.br>.
Somehow I'm not managing to make my Apache 2.0.54 work with OpenSSL
0.9.8b in a Win 2003 Server 100% correctly.
If I include the VirtualHost directive in the http.conf the Apache
doesn't start and Windows Events List gives me the following message:
[warn] VirtualHost myDomain:443 overlaps with VirtualHost myDomain:443,
the first has precedence, perhaps you need a NameVirtualHost directive
But if I use the NameVirtualHost directive (like "NameVirtualHost
myDomain" or "NameVirtualHost myDomain:443"), Apache keep on not
starting and the Events List gives me the message that "It's usually
allowed socket address only once" (I can't put the original message
since it's in Portuguse, so it's barely translated to English).
But the interesting part is that, even not using a virtual host, Apache
starts normally and I can use https connection using the certificates
that I generated temporarily, eve if it's not specified in the
http.conf. I don't know if my Web Server is working in a proper way, so
I would like some help on it.
TIA,
--
Marcos R. Cardoso
Seção de Processamento Técnico e Automação
Sistema Integrado de Bibliotecas
FURB - Blumenau
(047) 3321-0660
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] SSL simple question
Posted by JP <jp...@tulane.edu>.
...
> > If I choose a CA like Verisign, I will have to import anything? I'd
> > like to have a secure SSL site without pay anything .... is it possible?
...
Hey. If you're working at a university, specifically, using a .edu domain,
you can use this service http://certs.ipsca.com/ to get them for free. I
believe the root cert for this CA is included in many distributed browsers
like IE, etc., but you'll want to verify this. That is, you won't need to
install their root cert in your clients. Otherwise, look up one of the
tutorials the other fellow mentioned. I use openssl. I haven't tried it,
but you could distribute your root cert via a webpage to make it really
easy. With IE, you just click a link and it will install itself I think.
Test that out to make sure. In the end, though, being your own CA is best
for intranet types of apps, not internet - but that's your call.
Good luck,
JP
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] SSL simple question
Posted by Jason Gerfen <ja...@scl.utah.edu>.
Ramon Fernandez wrote:
> Hello,
> I'm trying to have a secure web login implemented with php and mysql.
> If I want to be the CA, I have to import to all the clients the
> certificate that I created?
> If I choose a CA like Verisign, I will have to import anything? I'd
> like to have a secure SSL site without pay anything .... is it possible?
> thanks
Yes it is possible, you would need to generate your own public and
private certificates. There are a ton of tutorials via google on this.
--
Jas
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org