Custom Query (16 matches)
Results (1 - 3 of 16)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#5 | fixed | Client-side certificates not recognzied | ||
Description |
imported from mantis, at 2011-10-02 macrotex wrote: I have this configuration in Apache: <VirtualHost example.com:443> GnuTLSEnable On GnuTLSPriorities NORMAL:!DHE-RSA:!DHE-DSS:!AES-256-CBC:%COMPAT GnuTLSCertificateFile /etc/ssl/certs/mdm-dev1-gnutls.pem GnuTLSKeyFile /etc/ssl/private/myserver-dev1.key # Client certs CA chain GnuTLSClientCAFile /etc/ssl/certs/ca-chain.pem GnuTLSExportCertificates On GnuTLSClientVerify ignore <LocationMatch /device.*/checkin> GnuTLSClientVerify require </LocationMatch> </VirtualHost>
I have a client going to this URL and submitting a client certificate (I know it does as I have tested this with mod_ssl and the client certificate gets passed). However, with mod_gnutls no certificate seems to get passed. In particular, the |
|||
#6 | fixed | Cannot build against Apache 2.4.4 | ||
Description |
(imported from mantis, from trainboy) Trying to build mod_gnutls under Apache 2.4.4. Here's what config thinks I'm trying to build: Configuration summary for mod_gnutls: * mod_gnutls version: 0.5.10 * Apache Modules directory: /usr/share/httpd-2.4/modules * GnuTLS Library version: 2.12.18 * SRP Authentication: yes Running make yields: libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../include -I /rpm/Apache/apr-1.4.6/include -I /rpm/Apache/apr-util-1.4.1/include -Wall -I/usr/local/include -DENABLE_SRP=1 -g -O2 -pthread -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -I/usr/share/httpd-2.4/include -g -O2 -MT libmod_gnutls_la-gnutls_hooks.lo -MD -MP -MF .deps/libmod_gnutls_la-gnutls_hooks.Tpo -c gnutls_hooks.c -fPIC -DPIC -o .libs/libmod_gnutls_la-gnutls_hooks.o gnutls_hooks.c: In function 'mgs_select_virtual_server_cb': gnutls_hooks.c:184: warning: 'gnutls_certificate_type_set_priority' is deprecated (declared at /usr/local/include/gnutls/compat.h:349) gnutls_hooks.c:189: warning: 'gnutls_certificate_type_set_priority' is deprecated (declared at /usr/local/include/gnutls/compat.h:349) gnutls_hooks.c: In function 'mgs_hook_post_config': gnutls_hooks.c:429: warning: 'gnutls_certificate_server_set_retrieve_function' is deprecated (declared at /usr/local/include/gnutls/compat.h:166) gnutls_hooks.c: In function 'create_gnutls_handle': gnutls_hooks.c:724: warning: 'gnutls_protocol_set_priority' is deprecated (declared at /usr/local/include/gnutls/compat.h:346) gnutls_hooks.c: In function 'mgs_hook_pre_connection': gnutls_hooks.c:753: error: 'conn_rec' has no member named 'remote_addr' gnutls_hooks.c:753: error: 'conn_rec' has no member named 'remote_ip' make[1]: *** [libmod_gnutls_la-gnutls_hooks.lo] Error 1 make[1]: Leaving directory `/rpm/Apache/mod_gnutls-0.5.10/src' make: *** [all-recursive] Error 1 Looks like the Apache guys have broken one or two of the structures that you depend upon. |
|||
#7 | fixed | Fix the use of ServerAlias Directive | ||
Description |
imported from mantis, a report from dash: <VirtualHost example.com:443> GnuTLSEnable On GnuTLSPriorities NORMAL GnuTLSCertificateFile /etc/ssl/certs/gnutls.pem GnuTLSKeyFile /etc/ssl/private/myserver.key ServerAlias www.example.com </VirtualHost> Certificate should match 'example.com' and 'www.example.com', currently it only matches 'example.com' |