The Whatever Blog

Saturday, July 01, 2006

Apache Client/Server SSL Authentication

In /etc/httpd/ssl.cert/server

openssl req -new -newkey rsa:2048 -nodes -out server.csr -keyout server.key
openssl x509 -trustout -signkey server.key -days 365 -req -in server.csr -out server.pem
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
echo "02" > server.srl

In /etc/httpd/ssl.cert/clients

openssl req -new -newkey rsa:2048 -nodes -out client.req -keyout client.key
openssl x509 -CA ../server/server.pem -CAkey ../server/server.key -CAserial ../server/server.srl -req -in client.req -out client.pem -days 365
openssl pkcs12 -export -clcerts -in client.pem -inkey client.key -out client.p12 -name "Client Certificate"

Import client.p12 into your browser

Add to /etc/httpd/httpd.conf

<VirtualHost *:443>
DocumentRoot /httpd/sites/ssl.site/htdocs
ServerName ssl.site
ServerAdmin ssl@site.xx
ErrorLog /httpd/logs/ssl.site-error_log
CustomLog /httpd/logs/ssl.site-access_log common
SSLEngine on
SSLVerifyClient require
SSLVerifyDepth 1
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCACertificateFile /etc/httpd/ssl.cert/server/server.pem
SSLCertificateFile /etc/httpd/ssl.cert/server/server.crt
SSLCertificateKeyFile /etc/httpd/ssl.cert/server/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /httpd/logs/ssl.site-request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
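
The SSLCipherSuite line above uses "+" for LOW, SSLv2, EXP and eNULL, which only moves those suites to the end of the preference list and does not remove them. The following is an added example, not part of the original post: the same VirtualHost with the weak line shown beside a stricter one, plus a request log that records which client certificate was presented. It assumes Apache 2.4 with mod_ssl; the protocol and cipher policy are assumptions, and the paths are the ones used in the post.

```apache
# Added example (not from the original post). Assumes Apache 2.4 + mod_ssl.
<VirtualHost *:443>
    DocumentRoot /httpd/sites/ssl.site/htdocs
    ServerName ssl.site
    SSLEngine on

    # Original line, kept for comparison. ALL selects every suite the OpenSSL
    # build provides; "+LOW", "+SSLv2", "+EXP" only reorder, so those suites
    # remain negotiable wherever the build still ships them:
    #   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    # Stricter policy (assumed): "!" removes a class permanently, so
    # anonymous, NULL, export, LOW, MD5, RC4 and 3DES suites cannot be chosen.
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite HIGH:!aNULL:!eNULL:!EXPORT:!LOW:!MD5:!RC4:!3DES
    SSLHonorCipherOrder on

    # Client certificate authentication, unchanged from the post.
    # Depth 1 accepts only certificates issued directly by server.pem.
    SSLVerifyClient require
    SSLVerifyDepth 1
    SSLCACertificateFile /etc/httpd/ssl.cert/server/server.pem
    SSLCertificateFile /etc/httpd/ssl.cert/server/server.crt
    SSLCertificateKeyFile /etc/httpd/ssl.cert/server/server.key

    # Same request log as the post, extended with the verification result,
    # the client certificate subject and its serial number, so each request
    # can be tied to the certificate that made it.
    CustomLog /httpd/logs/ssl.site-request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x %{SSL_CLIENT_VERIFY}x \"%{SSL_CLIENT_S_DN}x\" %{SSL_CLIENT_M_SERIAL}x \"%r\" %b"
</VirtualHost>
```

The negotiated protocol and cipher already appear in the request log, so a review of that file shows whether any client still connects with a suite the stricter policy would refuse.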

Courier-IMAP SSL-Patch

Courier-IMAP reports:

./.libs/libcouriertls.a(libcouriertls.o)(.text+0x46e): In function `rsa_callback':
/home/catch/courier-imap-4.0.6/tcpd/libcouriertls.c:216: undefined reference to `RSA_generate_key'

Find the line "LIBS=" in tcpd/Makefile, and add "-lcrypto":

LIBS= -lcrypto

Re-run make.

ucspi-tcp and daemontools using Glibc-2.3.x

ucspi-tcp reports:
/usr/bin/ld: errno: TLS definition in /lib/libc.so.6 section .tbss mismatches non-TLS reference in tcpserver.o

daemontools reports:
/usr/bin/ld: errno: TLS definition in /lib/libc.so.6 section .tbss mismatches non-TLS reference in envdir.o

Make the following change in these files:
ucspi-tcp-0.88/error.h
admin/daemontools-0.76/src/error.h

replace:
extern int errno;

with:
#include <errno.h>

Apache-2.0.54 with Openssl-0.9.8 (patch)

/httpd-2.0.54/modules/ssl/ssl_toolkit_compat.h

#define HAVE_SSL_X509V3_EXT_d2i
#endif

+ #ifndef PEM_F_DEF_CALLBACK
+ #ifdef PEM_F_PEM_DEF_CALLBACK
+ /* In OpenSSL 0.9.8 PEM_F_DEF_CALLBACK was renamed */
+ #define PEM_F_DEF_CALLBACK PEM_F_PEM_DEF_CALLBACK
+ #endif
+ #endif

#elif defined (SSLC_VERSION_NUMBER) /* RSA */
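
Review bot: in the added block, the case where neither PEM_F_DEF_CALLBACK nor PEM_F_PEM_DEF_CALLBACK is defined falls through silently, so the build would still fail later at whatever uses PEM_F_DEF_CALLBACK, with an error that does not point back to this header. Consider adding an #else branch with an #error that names both macros, and indenting the nested #ifdef so it is clear which of the two #endif lines closes which condition.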

SqlJunkies :: SQL Server Performance - Common Symptoms and Tools

SqlJunkies :: SQL Server Performance - Common Symptoms and Tools: The cases usually start with, The overall performance has degraded over time, It is just slow, or The workload...

How do I remove a nonexistent domain controller?

How do I remove a nonexistent domain controller?

Showing unread item in Exchange public folders

The key to the solution is Outlook 2003...

Just add the public folder to favorite folders.

Voice Jitter / Delay on Asterisk PBX...

Could be caused by a cheap (bad) line card...

Try changing to another line card (Digium or Fritz)...