Custom Query (16 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (1 - 3 of 16)

1 2 3 4 5 6
Ticket Resolution Summary Owner Reporter
#5 fixed Client-side certificates not recognzied https://id.mayfirst.org/dkg https://id.mayfirst.org/dkg
Description

imported from mantis, at 2011-10-02 macrotex wrote:

I have this configuration in Apache:

<VirtualHost example.com:443>
  GnuTLSEnable On
  GnuTLSPriorities NORMAL:!DHE-RSA:!DHE-DSS:!AES-256-CBC:%COMPAT
  GnuTLSCertificateFile /etc/ssl/certs/mdm-dev1-gnutls.pem
  GnuTLSKeyFile /etc/ssl/private/myserver-dev1.key
  # Client certs CA chain
  GnuTLSClientCAFile /etc/ssl/certs/ca-chain.pem
  GnuTLSExportCertificates On
  GnuTLSClientVerify ignore

  <LocationMatch /device.*/checkin>
     GnuTLSClientVerify require
  </LocationMatch>
</VirtualHost>

I have a client going to this URL and submitting a client certificate (I know it does as I have tested this with mod_ssl and the client certificate gets passed). However, with mod_gnutls no certificate seems to get passed. In particular, the SSL_CLIENT_S_DN environment variable is empty.

#6 fixed Cannot build against Apache 2.4.4 https://id.mayfirst.org/dkg https://id.mayfirst.org/dkg
Description

(imported from mantis, from trainboy)

Trying to build mod_gnutls under Apache 2.4.4. Here's what config thinks I'm trying to build:

  Configuration summary for mod_gnutls:

     * mod_gnutls version: 0.5.10
     * Apache Modules directory: /usr/share/httpd-2.4/modules
     * GnuTLS Library version: 2.12.18
     * SRP Authentication: yes

Running make yields:

libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../include
     -I /rpm/Apache/apr-1.4.6/include -I /rpm/Apache/apr-util-1.4.1/include
     -Wall -I/usr/local/include -DENABLE_SRP=1 -g -O2 -pthread -DLINUX=2
     -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE
     -I/usr/share/httpd-2.4/include -g -O2
     -MT libmod_gnutls_la-gnutls_hooks.lo -MD -MP
     -MF .deps/libmod_gnutls_la-gnutls_hooks.Tpo -c gnutls_hooks.c
     -fPIC -DPIC -o .libs/libmod_gnutls_la-gnutls_hooks.o
gnutls_hooks.c: In function 'mgs_select_virtual_server_cb':
gnutls_hooks.c:184: warning: 'gnutls_certificate_type_set_priority' is
     deprecated (declared at /usr/local/include/gnutls/compat.h:349)
gnutls_hooks.c:189: warning: 'gnutls_certificate_type_set_priority' is
     deprecated (declared at /usr/local/include/gnutls/compat.h:349)
gnutls_hooks.c: In function 'mgs_hook_post_config':
gnutls_hooks.c:429: warning: 'gnutls_certificate_server_set_retrieve_function'
     is deprecated (declared at /usr/local/include/gnutls/compat.h:166)
gnutls_hooks.c: In function 'create_gnutls_handle':
gnutls_hooks.c:724: warning: 'gnutls_protocol_set_priority' is deprecated
     (declared at /usr/local/include/gnutls/compat.h:346)
gnutls_hooks.c: In function 'mgs_hook_pre_connection':
gnutls_hooks.c:753: error: 'conn_rec' has no member named 'remote_addr'
gnutls_hooks.c:753: error: 'conn_rec' has no member named 'remote_ip'
make[1]: *** [libmod_gnutls_la-gnutls_hooks.lo] Error 1
make[1]: Leaving directory `/rpm/Apache/mod_gnutls-0.5.10/src'
make: *** [all-recursive] Error 1

Looks like the Apache guys have broken one or two of the structures that you depend upon.

#7 fixed Fix the use of ServerAlias Directive https://id.mayfirst.org/dkg https://id.mayfirst.org/dkg
Description

imported from mantis, a report from dash:

<VirtualHost example.com:443>
  GnuTLSEnable On
  GnuTLSPriorities NORMAL
  GnuTLSCertificateFile /etc/ssl/certs/gnutls.pem
  GnuTLSKeyFile /etc/ssl/private/myserver.key
  ServerAlias www.example.com
</VirtualHost>

Certificate should match 'example.com' and 'www.example.com', currently it only matches 'example.com'

1 2 3 4 5 6
Note: See TracQuery for help on using queries.