Articles delegate-en/4060-4070 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
range 4060 - 4070   digest:
How to verify a server's certificate?
  08/11-11:45 . 4060  feedback@delegate.org (Yutaka Sato) [40]
___ Hi Monika, I implemented sslway.c of DeleGate to be compatible with the behavior of "apps/s_client.c" of OpenSSL. So if you test it with "openssl s_client" rather than "openssl verify", you will see
  08/11-15:58 . 4061  feedback@delegate.org (Yutaka Sato) [31]
___ Hallo, I searched documents about "SSL_CTX_set_default_verify_paths()" but it seems not so well documented. The function seems to use two environment variables (defined in OpenSSL/crypto/cryptlib.h
  08/11-18:17 . 4062  Monika Schilling <p3ehqbdyi-lnh3n2ci2gdr.ml@ml.delegate.org> [25]
___ Hi Yutaka, Yes, this works! So I have an immediate solution. What do you think about a new DeleGate option which allows to switch off this implicit action. This avoids the scattered configuration (D
  08/11-18:36 . 4063  feedback@delegate.org (Yutaka Sato) [37]
___ Hi, I did it tentatively for the testing :) But note that the SSL (TLS) configuration of DeleGate is moving from sslway options like -CApath to files under the CERTDIR (like ca-sv.pem) after DeleGat
  08/12-04:38 . 4064  Monika Schilling <p3ehqbdyi-lnh3n2ci2gdr.ml@ml.delegate.org> [23]
___ Hi Yutaka, Thank you for the pointer. I checked DeleGate 9.8.3 with the new way of configuration via files under CERTDIR. Everything works as expected. There is no need for using the trick with the
  08/12-15:08 . 4065  feedback@delegate.org (Yutaka Sato) [125]
___ Hi, Is it true? I can't understand it because the simple code of sslway.c does load the default certificates anyway if the loading of given certificate is succeeded, regardless whether or not it is
ICAP and MITM
  08/14-04:06 . 4066  Inside User <p4ihqbdyi-lnh3n2ci2gdr.ml@ml.delegate.org> [30]
___ DeleGate sounds like the only opensource project that stands a chance of providing similar features regarding MITM proxying of HTTPS, similar to that available in commercial products such as BlueCoa
How to verify a server's certificate?
  08/14-19:04 . 4067  Monika Schilling <p3ehqbdyi-lnh3n2ci2gdr.ml@ml.delegate.org> [131]
___ Yutaka, Yes! I just now checked it again. Calling DeleGate DGROOT=/home/ms/.DeleGate/9.8.3/pop.1und1.de DGCONF=/home/ms/bin/delegated-pop.1und1.de.conf /usr/local/bin/delegated-9.8.3 DGROOT=$DGROOT
  08/16-22:48 . 4068  feedback@delegate.org (Yutaka Sato) [257]
___ Monika, Your log does not include the status of "/etc/ssl/certs" so I can't confirm it. For example, the failure could occur if /etc/ssl/certs is empty, or thawteCp.pem is lacking, or the default ce
  08/17-02:29 . 4069  Monika Schilling <p3ehqbdyi-lnh3n2ci2gdr.ml@ml.delegate.org> [25]
___ Yakuta, I take this serious. So I entered turn 3 and unified the batch files of my test cases. Nothing (DGROOT, version of DG, ...) is hard coded anymore. These variables are now taken from a single
SSL Buffer_Underflow
  08/19-01:01 . 4070  =?ISO-8859-1?Q?Andr=E9_Egners?= <p4yhqbdyi-lnh3n2ci2gdr.ml@ml.delegate.org> [8]
___ Hello. I get a BUFFER_UNDERFLOW as a SSLEngineResult while calling unwrap. This happens every time the connection is closed. I'm using Delegate as a HTTPS Proxy with STLS=-fcl. The BUFFER_UNDERFLOW
  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Generated:10/19 11:49:18 (1 sec) Expires:10/19 17:49:17 @_@V