You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "Jens-U. Mozdzen" <jm...@nde.ag> on 2013/03/03 23:36:26 UTC

Re: [users@httpd] SSL session problem

Zitat von Jens-Uwe Mozdzen <jm...@nde.ag>:
> Zitat von "Jens-U. Mozdzen" <jm...@nde.ag>:
>> Hi list,
>>
>> I could use a helping hand with a SSL problem.
> [...]

Anything I should do differently to get at least an ack from this  
list? Or is there some other, more appropriate list? I'd then be  
grateful for some pointer...

Regards,
Jens


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] SSL session problem

Posted by Jens-Uwe Mozdzen <jm...@nde.ag>.

Hi Tom,

Zitat von Tom Evans <te...@googlemail.com>:
> On Sun, Mar 3, 2013 at 10:36 PM, Jens-U. Mozdzen <jm...@nde.ag> wrote:
>> Zitat von Jens-Uwe Mozdzen <jm...@nde.ag>:
>>>
>>> Zitat von "Jens-U. Mozdzen" <jm...@nde.ag>:
>>>>
>>>> Hi list,
>>>>
>>>> I could use a helping hand with a SSL problem.
>>>
>>> [...]
>>
>>
>> Anything I should do differently to get at least an ack from this list? Or
>> is there some other, more appropriate list? I'd then be grateful for some
>> pointer...
>>
>
> ack. This is the appropriate list, but I haven't a clue about your
> in-depth SSL issue.

thank you for the response :)

> [...]
> If it doesn't, at least you can tell the list a stock apache and stock
> SSL experienced this error, which may be more enticing than having to
> setup a vendor's old stack to find (potentially) old bugs.

As I was able to show that a current Apache/openssl combo works, I'm  
taking this to the vendor support channels to get resolved.

As this is a rather complicated issue indeed, in a code area which had  
stirred some dust earlier and the SuSE server is rather common, I  
wanted to get a first opinion from the list. Now that I have, I know  
whom to bug ;)

With regards,
Jens
-- 
Jens-U. Mozdzen                         voice   : +49-40-559 51 75
NDE Netzdesign und -entwicklung AG      fax     : +49-40-559 51 77
Postfach 61 03 15                       mobile  : +49-179-4 98 21 98
D-22423 Hamburg                         e-mail  : jmozdzen@nde.ag

         Vorsitzende des Aufsichtsrates: Angelika Mozdzen
           Sitz und Registergericht: Hamburg, HRB 90934
                   Vorstand: Jens-U. Mozdzen
                    USt-IdNr. DE 814 013 983


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] SSL session problem

Posted by Tom Evans <te...@googlemail.com>.

On Sun, Mar 3, 2013 at 10:36 PM, Jens-U. Mozdzen <jm...@nde.ag> wrote:
> Zitat von Jens-Uwe Mozdzen <jm...@nde.ag>:
>>
>> Zitat von "Jens-U. Mozdzen" <jm...@nde.ag>:
>>>
>>> Hi list,
>>>
>>> I could use a helping hand with a SSL problem.
>>
>> [...]
>
>
> Anything I should do differently to get at least an ack from this list? Or
> is there some other, more appropriate list? I'd then be grateful for some
> pointer...
>

ack. This is the appropriate list, but I haven't a clue about your
in-depth SSL issue.

> It's about a web mail site (running Horde5 on SLES11SP2 with latest Novell updates, that's i.e. apache2-2.2.12-1.10.1 and openssl-0.9.8j-0.44.1)

So, big companies love to stick on various versions of open source
software. They may even go back and fold security fixes in to these
older versions, but they are unlikely to fold new features or bug
fixes back in.

The very first thing that you should do is to uninstall those
versions, install the latest versions of apache 2.2, and your choice
of latest SSL version - either 0.9.8y or 1.0.1e, not some arbitrary
choice - and see if that does fix your problem. If it does, go back to
Novell and tell them.

If it doesn't, at least you can tell the list a stock apache and stock
SSL experienced this error, which may be more enticing than having to
setup a vendor's old stack to find (potentially) old bugs.

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org