httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] SSL session problem
Date Mon, 04 Mar 2013 13:01:27 GMT
On Sun, Mar 3, 2013 at 10:36 PM, Jens-U. Mozdzen <jmozdzen@nde.ag> wrote:
> Zitat von Jens-Uwe Mozdzen <jmozdzen@nde.ag>:
>>
>> Zitat von "Jens-U. Mozdzen" <jmozdzen@nde.ag>:
>>>
>>> Hi list,
>>>
>>> I could use a helping hand with a SSL problem.
>>
>> [...]
>
>
> Anything I should do differently to get at least an ack from this list? Or
> is there some other, more appropriate list? I'd then be grateful for some
> pointer...
>

ack. This is the appropriate list, but I haven't a clue about your
in-depth SSL issue.

> It's about a web mail site (running Horde5 on SLES11SP2 with latest Novell updates, that's
i.e. apache2-2.2.12-1.10.1 and openssl-0.9.8j-0.44.1)

So, big companies love to stick on various versions of open source
software. They may even go back and fold security fixes in to these
older versions, but they are unlikely to fold new features or bug
fixes back in.

The very first thing that you should do is to uninstall those
versions, install the latest versions of apache 2.2, and your choice
of latest SSL version - either 0.9.8y or 1.0.1e, not some arbitrary
choice - and see if that does fix your problem. If it does, go back to
Novell and tell them.

If it doesn't, at least you can tell the list a stock apache and stock
SSL experienced this error, which may be more enticing than having to
setup a vendor's old stack to find (potentially) old bugs.

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message