Joshua Slive wrote:
On 9/16/06, Josh Wyatt <Josh.Wyatt@xxxxxxxxxxxxxx> wrote:I'd like to use NULL authentication, ciphers, etc to reduce the proxyapache <-> oapache SSL overhead. How can I configure oapache and proxyapache to use NULL for authentication, ciphers, etc?I don't know the answer to that. I suspect it is impossible without modifying the configuratio n of oapache to accept null ciphers. But in any case, this is silly. Why no just configure oapache to use ordinary http instead? Joshua.
I agree it's silly that SSL is required. But it truly is for this application (https is hard-coded as the beginning of all URLs), and it's a COTS application, so we can't change that bit. Now, I absolutely DO have control over oapache's configuration. And as I stated in my initial post, I already tried specifying NULL ciphers with. Quoting my initial post: 'SSLProxyCipherSuite NULL' on proxyapache, and 'SSLCipherSuite NULL' on oapache. In oapache's logfiles I get: [Fri Sep 15 22:00:51 2006] [error] mod_ssl: SSL handshake failed (server oapache:8888, client proxyapache) (OpenSSL library error follows)[Fri Sep 15 22:00:51 2006] [error] OpenSSL: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher [Hint: Too restrictive SSLCipherSuite or using DSA server certificate?]
Any help you can provide would be greatly appreciated. Thanks, Josh --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|