similar to: Development with SSL client certificates

I have apache 1.3 with mod_ssl in front of mongrel/rails. Apache is setup to require client certification, and I''m trying to figure out how to pass the ssl env variables to mongrel. Here is the apache config to proxy requests to mongrel. I haven''t tried to pass env variables like this before so I''m not sure if it''s the apache config I have wrong, if mongrel

I've pulled out the no-longer-necessary remnants of the old way of handling auth and before_filters as well as fixing a couple bugs that had crept in along the way. Unit test fixes for the refactoring will follow in a subsequent patch. Signed-off-by: Scott Seago <sseago at redhat.com> --- src/app/controllers/application.rb | 46 ----------------

Greetings. I was wondering if there were any plans to add support for an SSL certificate chain file? This is useful to provide a valid certificate chain for lower cost signing authorities. I'm afraid that I'm not 100% positive of the implementation requirements. Although it does seem that OpenSSL supports this concept. I am aware that Apache HTTPD (via mod_ssl) and Courier-IMAP offer

Not much of a noob, but I will try. I just configured httpd and installed mod_ssl and got my certificate from GoDaddy and put them on the server with ssl.conf pointing at them. I am getting this error: SSLCertificateFile: file '/etc/pki/tls/certs/enmu.edu.crt' does not exist or is empty It's a cute error. I have checked several times for misspellings, looked at the enmu.edu.crt

Apache was working with self signed certificate. We changed the ssl.conf file to read certicates from godaddy and it it failed to restart because of incorrecrt parphrase. bash-3.2# /sbin/service httpd restart Stopping httpd: [ OK ] Starting httpd: Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog) Some of your private key files are encrypted for

Thanks for the note. I had never seen anything in the postfix and apache documentation that the CRLs could be intermingled with the CRTs in the CRT file. The documentation for those programs suggests putting the CRLs in a separate file (e.g. apache SSLCARevocationFile) or doesn't talk about putting CRLs in with the certs (e.g. postfix smtpd_tls_cert_file). If it works to put them all in one

Hi, I have ecommerce stores on my server who use the same instantssl certificate without any problems. These particular certificates were migrated over from one plesk system to my new server with centOS 3.4 and plesk 7.5.1 reloaded. When I generated a new csr for a new client on my centOS server and chose apache mod_ssl at instantssl for the csr I got the certificate, installed it (first new

Hello, I've got a client who wants to go ssl. He's running a web server, smtp/pop, and ftps and imaps is coming as well. I'm looking for a wildcard ssl certificate i believe it's called but one on the budget plan. I am also wanting to ensure that the mod_ssl with httpd on the server is only using the strongest encryption methods and protocols. Thanks. Dave.

I've tried setting up multiple SSL-Certificates (using letsencrypt) for dovecot on my ubuntu machine. Used dovecot version is 2.2.18. Regarding to official docs this should be working. My test-client (Thunderbird on linux) has been mentioned to be working fine with SNI here: https://wiki.dovecot.org/SSL/SNIClientSupport https://wiki.dovecot.org/SSL/DovecotConfiguration#line-89 >

I have a wsdl client that will work standalone but as soon as I put identical code into a Rails controller I get an Errno::ECONNREFUSED #(Connection refused -connect(2)...) Any ideas? ======================= ||Standalone: (works) || ======================= require ''soap/wsdlDriver'' require ''http-access2'' user = ''fwkaufm'' wsdl

Hi list, ? I am currently trying to configure dovecot to act as a imap proxy in front of a Groupwise server. Because of a policy no services of the gw server may be directly served to the web. So currently this is only a security measure. Dovecot was previously used for providing sasl-auth capabilities to postfix. IMAP proxy features should be added now. Authentication backend is LDAP. OS is

I''m still a newb but having fun - Any help on this problem will be much appreciated. I have mymodel Call.rb class Call < ActiveRecord::Base belongs_to :user has_many:visits, :dependent => :destroy has_many:visits do def latest find :all, :order => ''id DESC'', :limit => 3 end def all_latest find

Hi all, Ok, been wanting to do this for a while, and I after the Heartbleed fiasco, the boss finally agreed to let me buy some real certs... Until now, we've been using self-signed certs with the following dovecot config: ssl = required ssl_cert = </etc/ssl/ourCerts/imap.pem ssl_key = </etc/ssl/ourCerts/imap_key.pem Now, I've created new keys/certs and the CSR, got the new

I'm using Dovecot 2.2.5. I'm setting up and new IMAPS server for personal use (i.e. only me). I have success with self-signed certificates but not with others (e.g. StartSSL.com) With StartSSL certs: I've been able to connect and test commands via: openssl s_client -connect imaps.unixathome.org:993 Can you configure your iPhone or Macbook to access the above? Authentication

Hi, I am trying to generate client certificates (to use in internal web/email servers) but the process is aborting. I can generate the CA OK but when I try to generate the client... openssl ca -days 365 -out certs/xxxx.crt -in csr/xxx.csr -config ../tls/openssl.cnf Using configuration from ../tls/openssl.cnf Enter pass phrase for ../CA/private/cakey.pem: wrong number of fields on line 1

We use an apache server (version 2.0.54) with mod_ssl and the latest rails version on a Gentoo Linux OS. We tried to run our application in both, a virtual host using HTTP and another using HTTPS with identical server configurations. With HTTP, we did not have any problem, but HTTPS did not allow us to upload files in rails into a database. The log file displays a fcgi timeout and the HTTP

Hi, I have some questions about Puppet client request through a reverse SSL proxy with pache and mod_ssl. It''s about pure design and IP public adress. I want to use Puppet framework on distributed environnement through pulic network with NAT and so on. We have already a reverse proxy which handle SSL termination for Web server publication. Site are publish with HTTPS with some wildcard

Hi all I want to outsource an extension for ApplicationController, that I had in application.rb so far, into a plugin. I have created this plugin, and in init.rb I load require File.dirname(__FILE__) + ''/lib/application_controller'' In lib/application_controller.rb I have the following code: class ApplicationController before_filter :prepare_user ... end This worked

Using the brand-spanking new map.resources for REST goodness, is there a way to pass in additional parameters, or do I have to go back to standard routes. For example, is there a way to use the map.resources to response to urls like: /blog/2005/02/03/ => :controller => :blog, :action => :show, :year => 2005, :month => ''02'', :day => ''03''

Slowly figuring out how to get my SaltedHashLoginGenerator stuff working. The wiki page says to put "before_filter :login_required" in the user (my "user" is "member") controller or in ApplicationController. However, wherever I put it I get NoMethodError. The rest of the SHLG stuff seems to be working... or at least I could get to the signup page, register, and