Custom Query (16 matches)
Results (1 - 3 of 16)
| Ticket | Resolution | Summary | Owner | Reporter |
|---|---|---|---|---|
| #5 | fixed | Client-side certificates not recognzied | ||
| Description |
imported from mantis, at 2011-10-02 macrotex wrote: I have this configuration in Apache: <VirtualHost example.com:443>
GnuTLSEnable On
GnuTLSPriorities NORMAL:!DHE-RSA:!DHE-DSS:!AES-256-CBC:%COMPAT
GnuTLSCertificateFile /etc/ssl/certs/mdm-dev1-gnutls.pem
GnuTLSKeyFile /etc/ssl/private/myserver-dev1.key
# Client certs CA chain
GnuTLSClientCAFile /etc/ssl/certs/ca-chain.pem
GnuTLSExportCertificates On
GnuTLSClientVerify ignore
<LocationMatch /device.*/checkin>
GnuTLSClientVerify require
</LocationMatch>
</VirtualHost>
I have a client going to this URL and submitting a client certificate (I know it does as I have tested this with mod_ssl and the client certificate gets passed). However, with mod_gnutls no certificate seems to get passed. In particular, the |
|||
| #6 | fixed | Cannot build against Apache 2.4.4 | ||
| Description |
(imported from mantis, from trainboy) Trying to build mod_gnutls under Apache 2.4.4. Here's what config thinks I'm trying to build: Configuration summary for mod_gnutls:
* mod_gnutls version: 0.5.10
* Apache Modules directory: /usr/share/httpd-2.4/modules
* GnuTLS Library version: 2.12.18
* SRP Authentication: yes
Running make yields: libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../include
-I /rpm/Apache/apr-1.4.6/include -I /rpm/Apache/apr-util-1.4.1/include
-Wall -I/usr/local/include -DENABLE_SRP=1 -g -O2 -pthread -DLINUX=2
-D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE
-I/usr/share/httpd-2.4/include -g -O2
-MT libmod_gnutls_la-gnutls_hooks.lo -MD -MP
-MF .deps/libmod_gnutls_la-gnutls_hooks.Tpo -c gnutls_hooks.c
-fPIC -DPIC -o .libs/libmod_gnutls_la-gnutls_hooks.o
gnutls_hooks.c: In function 'mgs_select_virtual_server_cb':
gnutls_hooks.c:184: warning: 'gnutls_certificate_type_set_priority' is
deprecated (declared at /usr/local/include/gnutls/compat.h:349)
gnutls_hooks.c:189: warning: 'gnutls_certificate_type_set_priority' is
deprecated (declared at /usr/local/include/gnutls/compat.h:349)
gnutls_hooks.c: In function 'mgs_hook_post_config':
gnutls_hooks.c:429: warning: 'gnutls_certificate_server_set_retrieve_function'
is deprecated (declared at /usr/local/include/gnutls/compat.h:166)
gnutls_hooks.c: In function 'create_gnutls_handle':
gnutls_hooks.c:724: warning: 'gnutls_protocol_set_priority' is deprecated
(declared at /usr/local/include/gnutls/compat.h:346)
gnutls_hooks.c: In function 'mgs_hook_pre_connection':
gnutls_hooks.c:753: error: 'conn_rec' has no member named 'remote_addr'
gnutls_hooks.c:753: error: 'conn_rec' has no member named 'remote_ip'
make[1]: *** [libmod_gnutls_la-gnutls_hooks.lo] Error 1
make[1]: Leaving directory `/rpm/Apache/mod_gnutls-0.5.10/src'
make: *** [all-recursive] Error 1
Looks like the Apache guys have broken one or two of the structures that you depend upon. |
|||
| #7 | fixed | Fix the use of ServerAlias Directive | ||
| Description |
imported from mantis, a report from dash: <VirtualHost example.com:443> GnuTLSEnable On GnuTLSPriorities NORMAL GnuTLSCertificateFile /etc/ssl/certs/gnutls.pem GnuTLSKeyFile /etc/ssl/private/myserver.key ServerAlias www.example.com </VirtualHost> Certificate should match 'example.com' and 'www.example.com', currently it only matches 'example.com' |
|||
