Re: HTTPS Problem

From: Martin v. Löwis <martin_at_v.loewis.de>
Date: 2003-06-21 20:55:20 CEST

Geoff Beaumont <geoffbeaumont@stormhammer.com> writes:

> > Yes. In my case, I found that the installation of the CA certificates
> > was incorrect. Apache would first not read them, and then fail to
> > verify them as I had to set the verify depth to 2.
>
> What depth should be set then? I don't appear to have it set explicitly.

It depends on how many steps there are to your root CA.

> printenv doesn't appear to tell me anything about the certificates - output
> from Mozilla with HTTPS/Basic Auth at end of mail.

You don't have an encrypted connection. If you had one, there would be

SSL_SERVER_I_DN
SSL_SERVER_S_DN
SSL_CIPHER
SSL_SESSION_ID

Did you generate a server certificate? How exactly did you install
that? If you '/etc/init.d/httpd stop', then 'httpd -DSSL', does this
show any error messages? Do you see any errors about the certificates
in the log files?

Do the browsers ask you to accept the certificate, just as they ask
you when you connect to https://www.dcl.hpi.uni-potsdam.de?

Regards,
Martin

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Jun 21 20:56:26 2003

This message: [ Message body ]
Next message: Martin v. Löwis: "Re: how to add a new CA certificates permanently?"
Previous message: Gilbert Fine: "how to add a new CA certificates permanently?"
In reply to: Geoff Beaumont: "Re: HTTPS Problem"
Next in thread: Geoff Beaumont: "Re: HTTPS Problem"
Reply: Geoff Beaumont: "Re: HTTPS Problem"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]