RE: [EMAIL PROTECTED] htaccess session timeout

2005-11-22 Thread Boyle Owen 
> -Original Message-
> From: Brent Clark [mailto:[EMAIL PROTECTED]
> Sent: Mittwoch, 23. November 2005 07:27
> To: Apache
> Subject: [EMAIL PROTECTED] htaccess session timeout
> 
> 
> Hi all
> 
> Would anyone know if its possible to use htaccess with a 
> session timeout.
> 

Just to be clear, "htaccess" is a mechanism that allows certain directives to 
be applied to a particular directory just be putting a small file in that 
directory. Because this is most often used to provide Basic Authentication 
(password protection) people sometimes think they are equivalent. They're not. 
You can have a .htaccess file that contains non-Auth directives and you can do 
Basic Auth without using a .htaccess file.

> Basically I would like it so that if a user walks away from 
> there work station, on returning they have to re login.

Regarding your question; This isn't possible with Basic Auth; the browser 
caches the password and username (the credentials) and then resends them with 
every subsequent request to the same realm. So you will "stay logged in" 
indefinately.

Having said that, mod_auth_digest 
(http://httpd.apache.org/docs/2.0/mod/mod_auth_digest.html) has a 
AuthDigestNonceLifetime Directive which allows you to timestamp requests and so 
expire sessions. Not that mod_auth_digest is a bit experimental and not 
universally supported by browsers - depending on your application that might or 
might not matter...

The other way to go is to forget about doing the authentication in the HTTP 
layer and to use cookies. The server can put timestamps on the cookies so that 
you can keep track of when the client last accessed the realm. Then you can 
expire the request after a given time. Cookie handling requires a server-sided 
mechanism (PHP, CGI, ASP, Cocoon etc.) and is non-trivial.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> If anyone has any tips, advice or URL links, I would be most grateful.
> 
> Kind Regards
> Brent Clark
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

SV: [EMAIL PROTECTED] High cpu load on apache

2005-11-22 Thread Kjell Grindalen 
Hello, and thank you for the reply!

First of all I am not using any dynamically loaded module, and I am not
realyy using the proxy module either.
I could eaily rmove them and get the same functonality

Here is the output of pstack of a process taking nearly 50% cpu
I will try to get gdb working if this is not saying anything to anyone
I tried running pstack on the same process at intervals, and the output
looks pretty much the same every time

 pstack -F 28263
28263:  /usr/local/apache_prod/bin/httpd -k start
 ff309df4 apr_pool_cleanup_kill (45b798, 1f7f30, , 7efefeff,
81010100, ff00) + 20
 0003d51c ap_http_header_filter (1e1ca8, 45b798, 1e3971, 45c9c0, 68,
3d0d4) + 448
 0006861c ap_pass_brigade (1e1ca8, 45b798, ffbff050, 45c9c0, a6d70, 0) +
44
 0006acac ap_content_length_filter (1, 45b798, ff375c9c, 45c9c0, 4549a8,
6ac10) + 9c
 0006861c ap_pass_brigade (1e1c90, 45b798, 45b798, 45b79c, 45b79c,
1d91b8) + 44
 0006861c ap_pass_brigade (1e2328, 45b7b8, 1e1c90, 1f7f30, 1e2328,
45b7bc) + 44
 0006b350 ap_rflush (1e1010, , 1e1010, 0, 0, 0) + 44
 feda80e0 cb_write_body (ffbff714, 1f7f30, , 0, 0, 0) + f0
 fedbef4c writeResponseBody (ffbff480, 1f7f30, , 7efefeff,
81010100, ff00) + 2c
 fedc7794 esiResponsePassThru (ffbff480, 1cf900, 1e3971, 48, 68,
ff0a7c14) + e4
 fedc7310 esiResponseWrite (1cf928, 1, 1, 0, 6f0008, 7300) + 28
 fedc3c64 esiHandleRequest (ffbff480, 1, , 7efefeff, 81010100,
ff00) + f4
 fedb22f8 websphereHandleRequest (ffbff714, 1e1da0, f4240, f4240, 74,
72) + 350
 feda7560 as_handler (1e1010, 1e20dc, 116708, 0, a5c10, 12bbb0) + 150
 0005a388 ap_run_handler (1e1010, 0, 3b, 0, 12b610, 12b6a0) + 3c
 0005a948 ap_invoke_handler (1101c8, 90800, 1e1010, 0, feea0020, 1) + 78
 0003f890 ap_process_request (1e1010, a6800, 4, 1e1010, a6868, 0) + b0
 0003aab0 ap_process_http_connection (1d50b8, 1d4fe0, 1d4fe0, 4, a6868,
12c108) + f4
 00065cac ap_run_process_connection (1d50b8, 1d4fe0, 1d4fe0, 4, 1d3018,
1d8fb8) + 3c
 00058c34 child_main (1d3038, 1, a5800, a6c00, 1d8fb8, 4e2e) + 3b0
 00058d8c make_child (58400, 4, 0, 10, feea1360, 1d2b7c) + b4
 00058ea0 startup_children (5, 2, 5, a5800, a, 6) + 6c
 00059668 ap_mpm_run (a5800, ede40, 0, a6800, a5800, a5800) + 5a4
 0005f548 main (b1d50, b6bd8, ffbffcac, a6d60, a5c00, a5c00) + 610
 00026990 _start   (0, 0, 0, 0, 0, 0) + 5c 

Mvh

Kjell Grindalen

-Opprinnelig melding-
Fra: Joshua Slive [mailto:[EMAIL PROTECTED] 
Sendt: 22. november 2005 16:19
Til: users@httpd.apache.org
Emne: Re: [EMAIL PROTECTED] High cpu load on apache

On 11/22/05, Kjell Grindalen <[EMAIL PROTECTED]> wrote:
> I am runninng apache-2.0.55 on a Solaris 9 SPARC server.
> I use the server a a frontend for my websphere 5.1 server My configure

> looks like this
>
> ./configure --prefix=/usr/local/apache_prod --with-mpm=prefork 
> --enable-info --enable-so --enable-rewrite --enable-proxy 
> --enable-static-rotatelogs

And what modules are dynamically loaded?

>
> My problem is that after a while, some requests makes one or sometimes

> more, of my httpd servers hit the roof cpu-wise.
> And it stays there til I kille the process.

> A truss on the process only gives what you can see down below.

Much more useful would be to attach to the process with a debugger to
see what it is really doing.  Some info is at:
http://httpd.apache.org/dev/debugging.html#backtrace

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


This e-mail and any attachments may contain confidential and
privileged information. If you are not the intended recipient,
please notify the sender immediately by return e-mail, delete this
e-mail and destroy any copies. Any dissemination or use of this
information by a person other than the intended recipient is
unauthorized and may be illegal.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] htaccess session timeout

2005-11-22 Thread Brent Clark 

Hi all

Would anyone know if its possible to use htaccess with a session timeout.

Basically I would like it so that if a user walks away from there work station, 
on returning they have to re login.

If anyone has any tips, advice or URL links, I would be most grateful.

Kind Regards
Brent Clark

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] apache2: spurious [black diamond] question marks in iso-8859-1 HTML files

2005-11-22 Thread Alan Ezust 
Aha, firefox was not displaying the document using the expected
charset. I guess this has nothing to do with httpd2 and is only
peculiar to firefox. IE does choose the correct charset, in fact. I
was confused because it was reproducing on windows and linux and mac,
but I guess it was 1.07 on all three of them, so it was basically the
same version.).


On 11/21/05, Joshua Slive <[EMAIL PROTECTED]> wrote:
> On 11/21/05, Alan Ezust <[EMAIL PROTECTED]> wrote:
> > I found two places where there was an AddDefaultCharset directive in
> > my config files. I commented them both out, and restarted the apache2
> > server. Still seeing those silly questionmarks. Then tried adding
> >
> > AddDefaultCharset off
> >
> > restarted. Still no dice. Any other suggestions?
>
> Then that means the documents probably aren't really in the charset
> that you think they are in.  In firefox you can use "view->character
> encoding" to adjust the character set and see which one works.
>
> Joshua.
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Spawned process doesn't get termination signal in worker MPM

2005-11-22 Thread Phil Endecott 

Dear List,

I have an Apache2 module that forks a new process when it first handles 
a request. Subsequent request-handling processes/threads communicate 
with this "back-end" process via shared memory.  This generally works, 
but I am having trouble at termination.  It seems that my backend 
process terminates when I'm using the "prefork" MPM, but not when I'm 
using "worker".


As far as I can see, in the "prefork" environment my process gets 
SIGTERM, which it handles (it needs to delete its shared memory segment) 
and then exits.  In the "worker" environment it looks as if it doesn't 
get any signal and becomes an oprphan, with init as its parent.  I find 
it odd that it gets SIGTERM - has Apache sent it? - normally it would 
get SIGHUP from the kernel when its process group leader terminates.  I 
guess that Apache is trying to kill its children itself, rather than 
letting the kernel do it, and is behaving differently in the two MPMs. 
But I have not told Apache anything about this process - how did it find 
its pid?


Doe this makes any sense to anyone?  I note that 2.1 has had some 
changes to shutdown; is this related?


This code is for Anyterm - http://anyterm.org/ - and you can see the 
code for the backend process at 
http://svn.anyterm.org/anyterm/trunk/apachemod/backend.cc.  The relevant 
bits are at the end of the file.


I'm using 2.0.54 on Debian.

Sorry this is a bit vague.  I'm just hoping someone will immediately 
recognise what's going wrong


Cheers,

--Phil.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Memory leak or normal behavior

2005-11-22 Thread Apostolos Pantsiopoulos 
I am running a source-built version of apache 2.0.55  with modperl 2 and 
php 5.0.5.
When one of my scripts use a lot of memory then I can see the httpd 
processes get quite large, which is quite normal.
But when my script finishes then this memory is not released from the 
httpd process (if it was cached by Linux I would understand it).
Is this a normal behavior? And if it is, will it not lead me to a 
fat-process-slow-response behaviour if I don't restart the service manually?


I've tried it using perl and php scripts. Especially the perl script was 
very simple. I just created an array filling it with garbage. Then at 
the end of the script I unset the array variable. Still the process that 
handled my request didn't free any memory after the end of the script. 
The same thing happens with php.


Shouldn't apache have a mechanism to free the memory it uses after a 
script execution.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] apache 1.3.33 multiple instances problem

2005-11-22 Thread Ken Murach 

Hi Joshua,

the httpd is actually the name of the script that calls the httpd binary 
(see below):


[EMAIL PROTECTED] bin]$ cat httpd
#!/sbin/sh
#
# Start up the Apache web server

case "$1" in
'start')
LD_LIBRARY_PATH=/usr/lib:/usr/local/lib;export LD_LIBRARY_PATH
if [ -x /usr/local/apache_1.3.33_ssl/bin/httpd -a -f 
/usr/users/itisgrp/servers/able/apache-conf/httpd.conf ]; then

echo "Starting the able Apache web server"
echo "\thttp://itis-appdev.harvard.edu:10061";
echo "\thttps://itis-appdev.harvard.edu:10062";
/usr/local/apache_1.3.33_ssl/bin/httpd -f 
/usr/users/itisgrp/servers/able/apache-conf/httpd.conf

fi
;;

'stop')
pid=`cat /usr/users/itisgrp/servers/able/logs/httpd.pid`
if [ X = "$pid"X ]; then
echo "HTTPD is not running, or pid file was shot dead."
else
/usr/bin/kill $pid
fi
;;
'restart')
$0 stop
$0 start
;;

*)
echo "Usage: $0 { start | stop | restart }"
exit 1
;;
esac
exit 0

Kenny

At 02:36 PM 11/22/2005 -0500, you wrote:

On 11/22/05, Ken Murach <[EMAIL PROTECTED]> wrote:
>  Hi Joshua,
>
>  Found out that for solaris, use the truss command instead of strace so I
> ran the truss command (see below):
>
>  [EMAIL PROTECTED] bin]$ truss -o /tmp/output httpd start

I don't know what that "httpd" is, but it certainly isn't the one that
comes from httpd.apache.org, becuase "start" is not a valid httpd
command line option.

In any case, you should try using the -X command line option to force
httpd into single-process mode for the truss.

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] apache 1.3.33 multiple instances problem

2005-11-22 Thread Joshua Slive 
On 11/22/05, Ken Murach <[EMAIL PROTECTED]> wrote:
>  Hi Joshua,
>
>  Found out that for solaris, use the truss command instead of strace so I
> ran the truss command (see below):
>
>  [EMAIL PROTECTED] bin]$ truss -o /tmp/output httpd start

I don't know what that "httpd" is, but it certainly isn't the one that
comes from httpd.apache.org, becuase "start" is not a valid httpd
command line option.

In any case, you should try using the -X command line option to force
httpd into single-process mode for the truss.

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Apache stops/freezes before "Digest: done"

2005-11-22 Thread Joshua Slive 
On 11/22/05, Joel CARNAT <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I had an Apache 2.0.54 running on gentoo/i386.
> I did an minor update (-r9 to -r31 which I suspect to be gentoo
> internals).
>
> Since then, Apache won't start anymore...
> I tried updating a few things (like mod_php, ...), cleanly remove
> packages and remaning directories and reinstalling the package but
> Apache still don't start (anymore).
>
> The error_log says (using -X -e debug) :

> [notice] Digest: generating secret for digest authentication ...
>
> here I should get "Digest: done" but I never.
> anyone thinks of somewhere I must look...
> I already did a lot of checkings but I must be forgetting something =)

mod_auth_digest is asking your system for some random bytes to use for
digest auth.  Your system is not providing them.

If you don't need digest auth, the simple solution is to simply remove
mod_auth_digest.  Otherwise, you'll need to figure out what source of
random numbers apr is using, and why it is failing.  This should be
automatic in the compile, so it is likely that gentoo messed something
up.  But I'm not an expert in this stuff.

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Connection Refused

2005-11-22 Thread Michael Avila 
> Windows XP Pro
> Apache 2.0.55
> Dynamic IP Address on DSL
>
>
> For about a week or so whenever I start up my PC and try to connection to
Apache, I keep getting a message "The connection > was refused when
attempting to contact" and then the domain name.

>it's via the internet so that your request goes out to the internet and
back in again via your ISP-router-modem.

>Some experiments:

>- can you hit the site directly from inside the LAN? [to identify routing
problems]

Yes, as 127.0.0.1.

>- what if you use the IP address instead of the domain name? [to identify
DNS problems]

Usually, but not always, that works.

>Assuming these two things don't work, then it looks like an apache config
problem:

>- Check your "Listen" directive. Are you listening to port 80? If in doubt,
comment out all Listens then apache will default >to port 80.

Copy and paste from httpd.conf is

Listen 80

>- Do you specify the correct IP address in any Listen? If in doubt, comment
it out and apache will default to listen to all active IPs (I assume the PC
picks up its IP address by DHCP from the modem?)

I do not have an IP address with listen as it was changing dynamically. I
forgot it was set to statis because of the router in between. Question:
should that be

Listen :80

or

Listen 80

is correct?

>- Do other services on the server respond? (eg, SMTP on port 25, ICMP echo
on port 7)

Yes. Because they are all outbound first and do not use the DNS.


> I was blaming it on the dynamic address changing and the ISP DNS being
cached. It made sense even though the dynamic IP >address was updated at
ZoneEdit, the ISP cache still held the old address.
>
> Well, I now have a router between the modem and the PC and I am still
having the same problem even though the IP address is not changing. I can
query the modem, see the IP address, and check ZoneEdit and it is the same.
So now the cache should not need to be changed. So why is the connection
being refused?
>
> This is from the error.log file.
>
> [Mon Nov 21 07:56:40 2005] [notice] Apache/2.0.55 (Win32) PHP/4.3.9 DAV/2
configured -- resuming normal operations
> [Mon Nov 21 07:56:40 2005] [notice] Server built: Oct  9 2005 19:16:56
> [Mon Nov 21 07:56:40 2005] [notice] Parent: Created child process 1628
> [Mon Nov 21 07:56:40 2005] [notice] Child 1628: Child process is running
> [Mon Nov 21 07:56:40 2005] [notice] Child 1628: Acquired the start mutex.
> [Mon Nov 21 07:56:40 2005] [notice] Child 1628: Starting 250 worker
threads.
> [Mon Nov 21 08:32:56 2005] [notice] Apache/2.0.55 (Win32) PHP/4.3.9 DAV/2
configured -- resuming normal operations
> [Mon Nov 21 08:32:56 2005] [notice] Server built: Oct  9 2005 19:16:56
> [Mon Nov 21 08:32:56 2005] [notice] Parent: Created child process 812
> [Mon Nov 21 08:32:57 2005] [notice] Child 812: Child process is running
> [Mon Nov 21 08:32:57 2005] [notice] Child 812: Acquired the start mutex.
> [Mon Nov 21 08:32:57 2005] [notice] Child 812: Starting 250 worker
threads.
> [Mon Nov 21 10:36:29 2005] [notice] Apache/2.0.55 (Win32) PHP/4.3.9 DAV/2
configured -- resuming normal operations
> [Mon Nov 21 10:36:29 2005] [notice] Server built: Oct  9 2005 19:16:56
> [Mon Nov 21 10:36:29 2005] [notice] Parent: Created child process 844
> [Mon Nov 21 10:36:30 2005] [notice] Child 844: Child process is running
> [Mon Nov 21 10:36:30 2005] [notice] Child 844: Acquired the start mutex.
> [Mon Nov 21 10:36:30 2005] [notice] Child 844: Starting 250 worker
threads.
> [Mon Nov 21 15:08:06 2005] [notice] Apache/2.0.55 (Win32) PHP/4.3.9 DAV/2
configured -- resuming normal operations
> [Mon Nov 21 15:08:06 2005] [notice] Server built: Oct  9 2005 19:16:56
> [Mon Nov 21 15:08:06 2005] [notice] Parent: Created child process 1612
> [Mon Nov 21 15:08:07 2005] [notice] Child 1612: Child process is running
> [Mon Nov 21 15:08:07 2005] [notice] Child 1612: Acquired the start mutex.
> [Mon Nov 21 15:08:07 2005] [notice] Child 1612: Starting 250 worker
threads.
>
> There are no entries for today in the access.log file because I keep
getting the connection refused message.
>
> Does anyone have any ideas what might be causing this? Any suggestions to
try to change something? I appreciate any help.
>
> Thanks.
>
> Mike


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Vhost number limited ?

2005-11-22 Thread William A. Rowe, Jr. 

david micheneau wrote:

Do you know how many Virtual Host apache is able to manage ?


Unlimited.  But consider that memory, and especially the number of available
file descriptors (FDs) on your platform, considering you probably open at least
an access and error log for each vhost, will be your primary constraints.  You
need to tweak the number of FD's upwards (on some platforms, it's a compiled
in setting in httpd, on other platforms you tweak with ulimit.)

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] apache 1.3.33 multiple instances problem

2005-11-22 Thread Ken Murach 


Hi Joshua,
Found out that for solaris, use the truss command instead of strace so I
ran the truss command (see below):
[EMAIL PROTECTED] bin]$ truss -o /tmp/output httpd start
Starting the able Apache web server
   
http://itis-appdev.harvard.edu:10061
   
https://itis-appdev.harvard.edu:10062

[EMAIL PROTECTED] bin]$ cd /tmp
[EMAIL PROTECTED] tmp]$ more output
execve("/sbin/sh", 0xFFBFFBFC, 0xFFBFFC0C)  argc = 3
getpid()   
= 4921 [4920]
getpgid(4921)  
= 4920
getsid(4921)   
= 25379
brk(0x0006CAB0)
= 0
sysconfig(_CONFIG_SIGRT_MIN)   
= 39
sysconfig(_CONFIG_SIGRT_MAX)   
= 46
sigaltstack(0xFFBFFAF4,
0x)
= 0
sigaction(SIGHUP, 0x,
0xFFBFFA70)   = 0
sigaction(SIGHUP, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGINT, 0x,
0xFFBFFA70)   = 0
sigaction(SIGINT, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGQUIT, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGQUIT, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGILL, 0x,
0xFFBFFA70)   = 0
sigaction(SIGILL, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGTRAP, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGTRAP, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGABRT, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGABRT, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGEMT, 0x,
0xFFBFFA70)   = 0
sigaction(SIGEMT, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGFPE, 0x,
0xFFBFFA70)   = 0
sigaction(SIGFPE, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGBUS, 0x,
0xFFBFFA70)   = 0
sigaction(SIGBUS, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGSEGV, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGSYS, 0x,
0xFFBFFA70)   = 0
sigaction(SIGSYS, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGPIPE, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGPIPE, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGALRM, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGALRM, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGTERM, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGTERM, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGUSR1, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGUSR1, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGUSR2, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGUSR2, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGPWR, 0x,
0xFFBFFA70)   = 0
sigaction(SIGPWR, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGURG, 0x,
0xFFBFFA70)   = 0
sigaction(SIGURG, 0xFFBFF9D0,
0xFFBFFA50)   = 0
sigaction(SIGPOLL, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGPOLL, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGVTALRM, 0x, 0xFFBFFA70)    = 0
sigaction(SIGVTALRM, 0xFFBFF9D0, 0xFFBFFA50)    = 0
sigaction(SIGPROF, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGPROF, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGXCPU, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGXCPU, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGXFSZ, 0x, 0xFFBFFA70) 
= 0
sigaction(SIGXFSZ, 0xFFBFF9D0, 0xFFBFFA50) 
= 0
sigaction(SIGRTMIN, 0xFFBFF9D0, 0xFFBFFA50) =
0
sigaction(SIGRTMIN+1, 0xFFBFF9D0, 0xFFBFFA50)   = 0
sigaction(SIGRTMIN+2, 0xFFBFF9D0, 0xFFBFFA50)   = 0
sigaction(SIGRTMIN+3, 0xFFBFF9D0, 0xFFBFFA50)   = 0
sigaction(SIGRTMAX-3, 0xFFBFF9D0, 0xFFBFFA50)   = 0
sigaction(SIGRTMAX-2, 0xFFBFF9D0, 0xFFBFFA50)   = 0
sigaction(SIGRTMAX-1, 0xFFBFF9D0, 0xFFBFFA50)   = 0
sigaction(SIGRTMAX, 0xFFBFF9D0, 0xFFBFFA50) =
0
brk(0x0006CCB0)
= 0
brk(0x0006CE48)
= 0
brk(0x0006D148)
= 0
getuid()   
= 1775 [1775]
getuid()   
= 1775 [1775]
getgid()   
= 1054 [1054]
getgid()   
= 1054 [1054]
open64("httpd",
O_RDONLY)  
= 3
close(19)  
Err#9 EBADF
fcntl(3, F_DUPFD,
0x0013)  
= 19
close(3)   
= 0
fcntl(19, F_SETFD,
0x0001) 
= 0
ioctl(2, TCGETA,
0xFFBFFA1C)   
= 0
ioctl(19, TCGETA,
0xFFBFFA1C)  
Err#25 ENOTTY
read(19, " # ! / s b i n / s h\n #"..,
128) = 128
read(19, " _ P A T H\n\t i f   [  "..,
128) = 128
brk(0x0006D448)
= 0
read(19, " o   " S t a r t i n g  "..,
128) = 128
read(19, " u : 1 0 0 6 2 "\n\t\t /"..,
128) = 128
read(19, " d = ` c a t   / u s r /"..,
128) = 128
brk(0x0006D848)
= 0
read(19, " h o t   d e a d . "\n\t"..,
128) = 128
read(19, "\n\t e x i t   1\n\t ; ;"..,
128) = 25
getuid()   
= 1775 [1775]
stat64("/usr/local/apache_1.3.33_ssl/bin/httpd", 0xFFBFF538) =
0
access("/usr/local/apache_1.3.33_ssl/b

Re: [EMAIL PROTECTED] What did I do wrong?

2005-11-22 Thread Oil Pine 
Hi,

I've solved the problem.
I failed to specify the port (:80) as follows:

NameVirtualHost *:80

#
# NOTE: NameVirtualHost cannot be used without a port specifier 
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#

pine

> I'd been running apache2 server on my fedora core 3 machine for some
> time. Since I set up two virtual servers, I've been getting the
> following error message. 
> 
> I did not mean to make the port SSL-enabled.
> 
> pine
> ---
> 
> Bad Request
> Your browser sent a request that this server could not understand.
> Reason: You're speaking plain HTTP to an SSL-enabled server port.
> Instead use the HTTPS scheme to access this URL, please.
> 
> 
>Hint: https://www.yxxx.org/
> 
> 
> 
> Apache/2.0.53 (Fedora) Server at www.yxxx.org Port 443
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>   "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 
> 
> 
> 
> The information contained in this e-mail and any accompanying
> documents may contain information that is confidential or otherwise
> protected from disclosure. If you are not the intended recipient of
> this message, or if this message has been addressed to you in error,
> please immediately alert the sender by reply e-mail and then delete
> this message, including any attachments. Any dissemination,
> distribution or other use of the contents of this message by anyone
> other than the intended recipient is strictly prohibited.
> 
> 
> 


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Load images

2005-11-22 Thread Benjamin Adams 

My images have trouble loading at a good speed.
System, Mac Dual G5, apache 1.3.33

httpd.conf
---
RLimitNPROC max max
ExtendedStatus On
Timeout 40
KeepAlive On
MaxKeepAliveRequests 300
KeepAliveTimeout 10
MaxClients 500
MinSpareServers 5
MaxSpareServers 18
StartServers 5
MaxRequestsPerChild 1

also running php4.3.11 and mysql 4.1 on invision power boards
php.ini
[Zend]
;zend_optimizer.optimization_level=15
zend_optimizer.optimization_level=1023
zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-2.5.10
zend_optimizer.version=2.5.10
zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so
zend_extension="/ea/eaccelerator-0.9.3/modules/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter="*.php *.phtml"
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="500"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="1"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

Can it be a problem running zend optimizer and eaccelerator? would  
running one be better then two.

Also, is there anything I can do for performance?
Thanks



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Migrating from IIS to Apache - how to keep the SSL certificate?

2005-11-22 Thread Joost de Heer 
herauthon wrote:
> Suspicious whitespace sequence : Avast Alert

could you please fix your mail program so it won't bug us with this
useless information?

Joost


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Vhost number limited ?

2005-11-22 Thread david micheneau 








Do you know how many Virtual Host apache is able to
manage ?

 

David.

 

 


 
  
  
   



   
   


 
  
  David Micheneau
  System Administrator
  
  
  Le Millenium
  12, quai de Queyries
  F-33072 Bordeaux Cedex
  
 
 
  
  [EMAIL PROTECTED]
  www.in-fusio.com 
  
  
  
   

phone:


+33
557 773 849

   
   

mobile:


+33
662 909 828

   
  
  
  
 



   
  
  
  
  
   
  
 
 
  
  
  
  
  
  
 


 

[EMAIL PROTECTED] Apache stops/freezes before "Digest: done"

2005-11-22 Thread Joel CARNAT 
Hi,

I had an Apache 2.0.54 running on gentoo/i386.
I did an minor update (-r9 to -r31 which I suspect to be gentoo
internals).

Since then, Apache won't start anymore...
I tried updating a few things (like mod_php, ...), cleanly remove
packages and remaning directories and reinstalling the package but
Apache still don't start (anymore).

The error_log says (using -X -e debug) :

[notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2)
[warn] RSA server certificate CommonName (CN) `vc-sup.altran.net' does NOT 
match server name!?
[debug] mod_so.c(248): loaded module access_module
[debug] mod_so.c(248): loaded module auth_module
[debug] mod_so.c(248): loaded module auth_anon_module
[debug] mod_so.c(248): loaded module auth_dbm_module
[debug] mod_so.c(248): loaded module auth_digest_module
[debug] mod_so.c(248): loaded module charset_lite_module
[debug] mod_so.c(248): loaded module env_module
[debug] mod_so.c(248): loaded module expires_module
[debug] mod_so.c(248): loaded module headers_module
[debug] mod_so.c(248): loaded module mime_module
[debug] mod_so.c(248): loaded module negotiation_module
[debug] mod_so.c(248): loaded module setenvif_module
[debug] mod_so.c(248): loaded module log_config_module
[debug] mod_so.c(248): loaded module logio_module
[debug] mod_so.c(248): loaded module cgi_module
[debug] mod_so.c(248): loaded module cgid_module
[debug] mod_so.c(248): loaded module suexec_module
[debug] mod_so.c(248): loaded module alias_module
[debug] mod_so.c(248): loaded module rewrite_module
[debug] mod_so.c(248): loaded module actions_module
[debug] mod_so.c(248): loaded module autoindex_module
[debug] mod_so.c(248): loaded module dir_module
[debug] mod_so.c(248): loaded module ext_filter_module
[debug] mod_so.c(248): loaded module deflate_module
[debug] mod_so.c(248): loaded module include_module
[debug] mod_so.c(248): loaded module ssl_module
[debug] mod_so.c(248): loaded module ldap_module
[debug] mod_so.c(248): loaded module auth_ldap_module
[debug] mod_so.c(248): loaded module php4_module
[warn] NameVirtualHost *:80 has no VirtualHosts
[notice] Digest: generating secret for digest authentication ...

here I should get "Digest: done" but I never.
anyone thinks of somewhere I must look...
I already did a lot of checkings but I must be forgetting something =)

TIA,
Jo
-- 
,- This mail runs --.
`- NetBSD/smtp -'


pgp4V8fCOrkJh.pgp
Description: PGP signature

RE: [EMAIL PROTECTED] What did I do wrong?

2005-11-22 Thread Oil Pine 
Owen,

I get the error message to http://www.yxxx.org/ .

There is nothing configured for mod_ssl in my httpd.conf. mod_ssl is not
loaded or even listed in the config file. 

As I said, I did not have any problem until I set up virtual host. 

 
  ServerName www.yxxx.org
  ServerAlias yxxx.org *.yxxx.org
  DocumentRoot "/var/www/html"
  ServerAdmin [EMAIL PROTECTED]
  ServerSignature email
  DirectoryIndex  index.php index.html index.htm index.shtml 
  LogLevel  warn
  LogFormat "%h %l %u %t \"%r\" %>s %b" common
  CustomLog logs/www.yxxx.org-access_log common
  CustomLog logs/www.yxxx.org-referer_log "%{Referer}i -> %U"
  CustomLog logs/www.yxxx.org-agent_log "%{User-agent}i"
  ErrorLog logs/www.yxxx.org-error_log
#TransferLog logs/www.yxxx.org-access_log
#CustomLog logs/access_log combined
  HostNameLookups off
 
Options Indexes Includes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
 

-


On Tue, 2005-11-22 at 17:14 +0100, Boyle Owen wrote: 
> > -Original Message-
> > From: Oil Pine [mailto:[EMAIL PROTECTED]
> > Sent: Dienstag, 22. November 2005 17:02
> > To: httpd user group
> > Subject: [EMAIL PROTECTED] What did I do wrong?
> > 
> > 
> > I'd been running apache2 server on my fedora core 3 machine for some
> > time. Since I set up two virtual servers, I've been getting the
> > following error message. 
> > 
> > I did not mean to make the port SSL-enabled.
> 
> It's kinda hard to do this by accident... My guess is that your distro has a 
> default SSL site on IP:443.
> 
> When exactly do you get this message? You would have to type 
> http://www.yxxx.org:443/ into a browser to get it. Why would you want to look 
> at a plain HTTP site on port 443?
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> > 
> > pine
> > ---
> > 
> > Bad Request
> > Your browser sent a request that this server could not understand.
> > Reason: You're speaking plain HTTP to an SSL-enabled server port.
> > Instead use the HTTPS scheme to access this URL, please.
> > 
> > 
> > Hint: https://www.yxxx.org/
> > 
> > 
> > __
> > __
> > Apache/2.0.53 (Fedora) Server at www.yxxx.org Port 443
> > 
> > 
> > -
> > The official User-To-User support forum of the Apache HTTP 
> > Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >"   from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > 
> > 
> Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
> Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
> private and personal nature. It is not related to the exchange or business 
> activities of the SWX Group. Le présent e-mail est un message privé et 
> personnel, sans rapport avec l'activité boursière du Groupe SWX.
>  
> 
> This message is for the named person's use only. It may contain confidential, 
> proprietary or legally privileged information. No confidentiality or 
> privilege is waived or lost by any mistransmission. If you receive this 
> message in error, please notify the sender urgently and then immediately 
> delete the message and any copies of it from your system. Please also 
> immediately destroy any hardcopies of the message. You must not, directly or 
> indirectly, use, disclose, distribute, print, or copy any part of this 
> message if you are not the intended recipient. The sender's company reserves 
> the right to monitor all e-mail communications through their networks. Any 
> views expressed in this message are those of the individual sender, except 
> where the message states otherwise and the sender is authorised to state them 
> to be the views of the sender's company.
> 
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] apache 1.3.33 multiple instances problem

2005-11-22 Thread Ken Murach 

Hi Joshua,

Thanks for replying to my posting. The logs directory for each account 
(able & fad) are 777 across the board and they are owned by itisgrp:itis.


Here's what I get when I try to start up apache 1.3.33 for the able account 
for example as itisgrp:


[EMAIL PROTECTED] bin]$ ./httpd stop
kill: 4286: no such process

[EMAIL PROTECTED] bin]$ ./httpd start
Starting the able Apache web server
http://itis-appdev.harvard.edu:10061
https://itis-appdev.harvard.edu:10062

[EMAIL PROTECTED] bin]$ ps -ef|grep able
root 11425 11420  0   Nov 14 ?0:00 
/usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apache/able-error
root 11512 11504  0   Nov 14 ?0:00 
/usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apache/able-acces
root 11504 11352  0   Nov 14 ?0:00 /bin/sh 
-c  /usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apach
root 11419 11352  0   Nov 14 ?0:00 /bin/sh 
-c  /usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apach
root 11449 11443  0   Nov 14 ?0:00 
/usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apache/able-rewri
root 11516 11503  0   Nov 14 ?0:00 
/usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apache/able-acces
root 11423 11419  0   Nov 14 ?0:00 
/usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apache/able-error
root 11443 11352  0   Nov 14 ?0:00 /bin/sh 
-c  /usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apach
root 11503 11352  0   Nov 14 ?0:00 /bin/sh 
-c  /usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apach
root 11420 11352  0   Nov 14 ?0:00 /bin/sh 
-c  /usr/local/apache_1.3.28_ssl/bin/rotatelogs /www/qa/logs/able/apach

 itisgrp  4375  3764  0 11:28:14 pts/11   0:00 grep able

[EMAIL PROTECTED] bin]$ cd ../logs
[EMAIL PROTECTED] logs]$ ls -al
total 82
drwxrwxrwx   2 itisgrp  itis 512 Nov 22 11:17 .
drwxrwxrwx  10 itisgrp  itis 512 Oct 25  2004 ..
-rw-r--r--   1 itisgrp  itis   10575 Nov 22 11:06 access.log
-rw-r--r--   1 itisgrp  itis 146 Nov 22 11:27 error.log
-rw-r--r--   1 itisgrp  itis   5 Nov 22 11:27 httpd.pid
-rw-r--r--   1 itisgrp  itis   25606 Nov 22 11:27 ssl_engine_log
-rw---   1 root other  0 Nov  9 15:04 ssl_mutex.1173
-rw---   1 itisgrp  itis   0 Aug 11 15:13 ssl_mutex.4268
-rw---   1 itisgrp  itis   0 May 27 18:52 ssl_mutex.8080
[EMAIL PROTECTED] logs]$ tail error.log
[Tue Nov 22 11:27:59 2005] [warn] pid file 
/usr/users/itisgrp/servers/able/logs/httpd.pid overwritten -- Unclean 
shutdown of previous Apache run?


I don't get any errors when trying to start up apache. The only apache that 
is currently running for able is 1.3.28 but user would like to have 1.3.28 
and 1.3.33 running simultaneously. Eventually will be moving from 1.3.28 to 
1.3.33.


What is strace and how do I run it??
Thanks again Joshua for your time
Kenny

At 11:22 AM 11/22/2005 -0500, you wrote:

On 11/22/05, Ken Murach <[EMAIL PROTECTED]> wrote:
> Hi everyone,
>
> My name is Ken Murach and I'm relatively new to the apache world. I'm a
> unix administrator and I was recently asked to install apache 1.3.33 on one
> of our servers. I was able to install/configure apache 1.3.33 successfully.
> However, the user itisgrp is unable to start apache 1.3.33 for either the
> able or fad account. However, I am able as root to start up apache 1.3.33
> for both able & fad and have 2 instances running simultaneously.
>
> Can't figure out why I can get this to work for root, but not as the
> non-root user itisgrp. I verified that able will be using port 10061 and
> fad will be using port 10055. I also verified that the script which calls
> the httpd binary for each uses the -f flag to specify different configs.
>
> I've also verified that the User directive for each config file specifies
> the itisgrp account and the Group directive specifies the itis group.

The User and Group directive will be ignored if you aren't root when
you start the server.

Do you get any error message when you start as non-root?  Are the log
directories writable by the non-root user?  Have you tried running
under strace (or equivalent) to catch failing syscalls?

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional command

Re: [EMAIL PROTECTED] apache 1.3.33 multiple instances problem

2005-11-22 Thread Joshua Slive 
On 11/22/05, Ken Murach <[EMAIL PROTECTED]> wrote:
> Hi everyone,
>
> My name is Ken Murach and I'm relatively new to the apache world. I'm a
> unix administrator and I was recently asked to install apache 1.3.33 on one
> of our servers. I was able to install/configure apache 1.3.33 successfully.
> However, the user itisgrp is unable to start apache 1.3.33 for either the
> able or fad account. However, I am able as root to start up apache 1.3.33
> for both able & fad and have 2 instances running simultaneously.
>
> Can't figure out why I can get this to work for root, but not as the
> non-root user itisgrp. I verified that able will be using port 10061 and
> fad will be using port 10055. I also verified that the script which calls
> the httpd binary for each uses the -f flag to specify different configs.
>
> I've also verified that the User directive for each config file specifies
> the itisgrp account and the Group directive specifies the itis group.

The User and Group directive will be ignored if you aren't root when
you start the server.

Do you get any error message when you start as non-root?  Are the log
directories writable by the non-root user?  Have you tried running
under strace (or equivalent) to catch failing syscalls?

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] apache 1.3.33 multiple instances problem

2005-11-22 Thread Ken Murach 

Hi everyone,

My name is Ken Murach and I'm relatively new to the apache world. I'm a 
unix administrator and I was recently asked to install apache 1.3.33 on one 
of our servers. I was able to install/configure apache 1.3.33 successfully. 
However, the user itisgrp is unable to start apache 1.3.33 for either the 
able or fad account. However, I am able as root to start up apache 1.3.33 
for both able & fad and have 2 instances running simultaneously.


Can't figure out why I can get this to work for root, but not as the 
non-root user itisgrp. I verified that able will be using port 10061 and 
fad will be using port 10055. I also verified that the script which calls 
the httpd binary for each uses the -f flag to specify different configs.


I've also verified that the User directive for each config file specifies 
the itisgrp account and the Group directive specifies the itis group.


Any help is greatly appreciated.
Thank you much
Sincerely
Ken Murach



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] What did I do wrong?

2005-11-22 Thread Boyle Owen 
> -Original Message-
> From: Oil Pine [mailto:[EMAIL PROTECTED]
> Sent: Dienstag, 22. November 2005 17:02
> To: httpd user group
> Subject: [EMAIL PROTECTED] What did I do wrong?
> 
> 
> I'd been running apache2 server on my fedora core 3 machine for some
> time. Since I set up two virtual servers, I've been getting the
> following error message. 
> 
> I did not mean to make the port SSL-enabled.

It's kinda hard to do this by accident... My guess is that your distro has a 
default SSL site on IP:443.

When exactly do you get this message? You would have to type 
http://www.yxxx.org:443/ into a browser to get it. Why would you want to look 
at a plain HTTP site on port 443?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> pine
> ---
> 
> Bad Request
> Your browser sent a request that this server could not understand.
> Reason: You're speaking plain HTTP to an SSL-enabled server port.
> Instead use the HTTPS scheme to access this URL, please.
> 
> 
> Hint: https://www.yxxx.org/
> 
> 
> __
> __
> Apache/2.0.53 (Fedora) Server at www.yxxx.org Port 443
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] What did I do wrong?

2005-11-22 Thread Josh Feather 

Did you enable mod_ssl...what command
did you use to configure apache?





"Oil Pine" <[EMAIL PROTECTED]>


11/22/2005 10:02 AM



Please respond to
users@httpd.apache.org






To
"httpd user group" 


cc



Subject
[EMAIL PROTECTED] What did I do wrong?








I'd been running apache2 server on my fedora core
3 machine for some
time. Since I set up two virtual servers, I've been getting the
following error message. 

I did not mean to make the port SSL-enabled.

pine
---

Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.


        Hint: https://www.yxxx.org/



Apache/2.0.53 (Fedora) Server at www.yxxx.org Port 443


-
The official User-To-User support forum of the Apache HTTP Server Project.
See  for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




 
The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited.

RE: [EMAIL PROTECTED] Problems with installing a precompiled tarball to separate directories

2005-11-22 Thread Axel-Stéphane SMORGRAV 
1. I would build and install httpd in the same root on all servers. If you 
install httpd under any other directory prefix, you will need to adjust the 
library path somehow, e.g. using LD_LIBRARY_PATH.

2. The web server configuration does not necessarily need to be below the httpd 
install root. You can very well install httpd under /usr/local/apache2 and have 
your Server Root in /var/www. You just need to make sure that apachectl starts 
httpd with the correct path to the configuration file, or not use apachectl to 
start the server but somehow write out the httpd command with correct arguments.

3. You can make a script that takes a template and a set of configuration 
properties as input, replaces symbolic properties in the template with values 
from the property file and thereby outputs a fully functional httpd.conf. There 
are very few configuration directives in httpd.conf that actually do require an 
absolute path, but there are a lot of addresses and other stuff that may change 
from one server to another. Such a strategy makes it easy to move your 
configuration around to different servers, change IP addresses, ports etc.

As an example, this is what one of my configuration files looks like:


### Section 1: Global Environment

ServerRoot "%%SERVER_ROOT%%"
ServerName %%SERVER_NAME%%:%%HTTP_PORT%%
PidFile %%SERVER_ROOT%%/logs/httpd.pid

AcceptMutex pthread
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

User apache
Group apache

ServerAdmin %%ADMIN_MAIL%%
ErrorLog %%SERVER_LOGS%%/error_log
ScriptAlias /cgi-bin/ "%%SERVER_ROOT%%/cgi-bin/"

LoadModule info_module %%APACHE_ROOT%%/modules/mod_info.so
LoadModule cache_module %%APACHE_ROOT%%/modules/mod_cache.so
LoadModule disk_cache_module%%APACHE_ROOT%%/modules/mod_disk_cache.so
LoadModule expires_module   %%APACHE_ROOT%%/modules/mod_expires.so
LoadModule filter_module%%APACHE_ROOT%%/modules/mod_filter.so
LoadModule deflate_module   %%APACHE_ROOT%%/modules/mod_deflate.so

And this is an (partial) example of my property file:

#%%SERVER_ROOT%% = /u01/apache06
#%%SERVER_LOGS%% = /u01/apache06/logs
#%%APACHE_ROOT%% = /u01/opt/apache2
#%%MIME_TYPES%%  = /u01/opt/apache2/conf/mime.types
#%%SERVER_NAME%% = labelle16.dot.com.


-Original Message-
From: Per Weisteen [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 21, 2005 10:58 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Problems with installing a precompiled tarball to 
separate directories

Hi

I need to be able to install Apache 1.3.34 to different directories on 
different servers (same OS and HW though) without having to build a separate 
version using different --PREFIX each time. I have tried to build with 
--PREFIX="" , then creating a tarball that is moved over to the target server 
and finally running make install -root=. This mechanism is documented in the INSTALL file for 1.3.34
but still doesn't seem to work. All files are copied to correct  but apachectl and httpd.conf doesn't contain correct paths. 
Any info would be most welcome.
--

Per Weisteen



Hydro IS Partner 

IS/IT Architect

Norsk Hydro ASA 

Email: [EMAIL PROTECTED] 
Get Firefox! 
NO-0240 Oslo, Norway

Phone:(+47) 2253 8227/Mobile:(+47) 9344 5312





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] What did I do wrong?

2005-11-22 Thread Oil Pine 
I'd been running apache2 server on my fedora core 3 machine for some
time. Since I set up two virtual servers, I've been getting the
following error message. 

I did not mean to make the port SSL-enabled.

pine
---

Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.


Hint: https://www.yxxx.org/



Apache/2.0.53 (Fedora) Server at www.yxxx.org Port 443


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] mod_rewrite passing arguments in url

2005-11-22 Thread Joshua Slive 
On 11/22/05, Edu Miralles <[EMAIL PROTECTED]> wrote:
>
>
> I need to
> rewrite the url with the arguments between "-" onto a normal notation
> to php. As the log says, the rewriting it's ok but after applicate the
> rules, mod_rewrite splits the arguments, and at the end they are gone
>
>   In this group I have found similar problems, but their workaround has
> not worked
>
>   example:
>   titi-var1-value1-var2-value2 >
> http://myserver/~user/test/titi.php?var1=value1&var2=value2
>
> my .htaccess:
>
> RewriteEngine On
> RewriteRule ^(.*)(-.+)-([^-]+)-([^-&]*)([^-]*)\.html $1$2&$3=$4$5\.html
> [N]
> RewriteRule ^(.*)-([^-]+)-([^-]*)(.*)\.html
> http://myserver/~user/test/$1.php?$2=$3$4 [L, QSA]

The RewriteLog looks perfectly normal to me.  Are you sure that you
are correctly checking for the query string in your php script?  It
might help to, at least temporarily, add an "R" to your options to get
an external redirect so you can see what apache is really looking at.

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] High cpu load on apache

2005-11-22 Thread Joshua Slive 
On 11/22/05, Kjell Grindalen <[EMAIL PROTECTED]> wrote:
> I am runninng apache-2.0.55 on a Solaris 9 SPARC server.
> I use the server a a frontend for my websphere 5.1 server
> My configure looks like this
>
> ./configure --prefix=/usr/local/apache_prod --with-mpm=prefork --enable-info
> --enable-so --enable-rewrite --enable-proxy --enable-static-rotatelogs

And what modules are dynamically loaded?

>
> My problem is that after a while, some requests makes one or sometimes more,
> of my httpd servers hit the roof cpu-wise.
> And it stays there til I kille the process.

> A truss on the process only gives what you can see down below.

Much more useful would be to attach to the process with a debugger to
see what it is really doing.  Some info is at:
http://httpd.apache.org/dev/debugging.html#backtrace

Joshua.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] About ab (or ab2) output

2005-11-22 Thread Daniel 
Hi to all!

I need help to understand the ab output. I tried a lot of associations
to the values but I always get an inconsistency :(

Below, is an example of output:

##
$ /usr/bin/time ab -n 1 -c 1 http://localhost/

This is ApacheBench, Version 2.0.41-dev <$Revision: 1.141 $> apache-2.0
Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/

Benchmarking localhost (be patient).done


Server Software:Apache/1.3.33
Server Hostname:localhost
Server Port:80

Document Path:  /
Document Length:5258 bytes

Concurrency Level:  1
Time taken for tests:   0.1216 seconds
Complete requests:  1
Failed requests:0
Write errors:   0
Total transferred:  5539 bytes
HTML transferred:   5258 bytes
Requests per second:822.37 [#/sec] (mean)
Time per request:   1.216 [ms] (mean)
Time per request:   1.216 [ms] (mean, across all concurrent requests)
Transfer rate:  4111.84 [Kbytes/sec] received

Connection Times (ms)
  min  mean[+/-sd] median   max
Connect:00   0.0  0   0
Processing: 00   0.0  0   0
Waiting:00   0.0  0   0
Total:  00   0.0  0   0

0.01user 0.01system 0:00.01elapsed 166%CPU (0avgtext+0avgdata 0maxresident)k
0inputs+0outputs (479major+49minor)pagefaults 0swaps
##

I would like to understand the values "Time taken for tests", "Time
per request (mean)" and "Time per request (mean, across all concurrent
requests)".

1-) I did think that "Time taken for tests" was the runtime of ab, but
isn't (See the "time" output). What's the meaning of "Time taken for
tests"??

2-) What's the meaning of [ms]? It's miliseconds?

3-) What's the relation linking "Time per request" and "Time taken for
tests"? If I run the ab with 1 request and 1 concurrency level, these
values don't must to be equal?

4-) What's the relation linking "Time per request (mean)" and "Time
per request (mean, across all concurrent requests)"?

Thank you for atention,
Best regards,

Daniel Macêdo Batista
[EMAIL PROTECTED], http://www.ic.unicamp.br/~ra030022
Mestrando em Ciência da Computação pela Unicamp

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] High cpu load on apache

2005-11-22 Thread Kjell Grindalen 
Title: High cpu load on apache






Hi everyone!


I am runninng apache-2.0.55 on a Solaris 9 SPARC server.

I use the server a a frontend for my websphere 5.1 server

My configure looks like this


./configure --prefix=/usr/local/apache_prod --with-mpm=prefork --enable-info --enable-so --enable-rewrite --enable-proxy --enable-static-rotatelogs

My problem is that after a while, some requests makes one or sometimes more, of my httpd servers hit the roof cpu-wise.

And it stays there til I kille the process.


I have tried to apply the following patch, with no success


Øhttp://people.apache.org/~wrowe/httpd-2.0-proto-timeout.patch



A truss on the process only gives what you can see down below.



brk(0x005C2D98) = 0

brk(0x005C4D98) = 0

brk(0x005C4D98) = 0

brk(0x005C6D98) = 0

brk(0x005C6D98) = 0

brk(0x005C8D98) = 0

brk(0x005C8D98) = 0

brk(0x005CAD98) = 0

brk(0x005CAD98) = 0

brk(0x005CCD98) = 0

brk(0x005CCD98) = 0

brk(0x005CED98) = 0

brk(0x005CED98) = 0

brk(0x005D0D98) = 0

brk(0x005D0D98) = 0

brk(0x005D2D98) = 0

brk(0x005D2D98) = 0

brk(0x005D4D98) = 0

brk(0x005D4D98) = 0

brk(0x005D6D98) = 0

brk(0x005D6D98) = 0

brk(0x005D8D98) = 0

brk(0x005D8D98) = 0

brk(0x005DAD98) = 0

brk(0x005DAD98) = 0

brk(0x005DCD98) = 0

brk(0x005DCD98) = 0

brk(0x005DED98) = 0

brk(0x005DED98) = 0

brk(0x005E0D98) = 0

brk(0x005E0D98) = 0


Anyone have an idea what is wrong?



Mvh


Kjell Grindalen






This e-mail and any attachments may contain confidential and
privileged information. If you are not the intended recipient,
please notify the sender immediately by return e-mail, delete this
e-mail and destroy any copies. Any dissemination or use of this
information by a person other than the intended recipient is
unauthorized and may be illegal.

RE: [EMAIL PROTECTED] Proxy and Virtual Host

2005-11-22 Thread Flanakin Michael C Ctr HQ OSSG/OMR 
No, that's perfect. As long as outside requests come on port 80, I don't
care how internal ports are treated. The biggest thing was that I wasn't
sure if I could setup a proxy block within a virtual host block. Just
one question. Can I specify the domain address as opposed to the IP
address in the virtual host definition?


...


All of my traffic is coming to the same IP, so my assumption is that
having 3 or so virtual hosts with the same IP wouldn't work. If it will,
that'd be fine, tho. Also, would it be possible to have multiple domain
names proxied with one call (i.e. *.mysite.com)? This would save me time
when registering new subdomains and such.

Thanks for the help! I'll try this out when I get access to that
machine, again.

Michael


-Original Message-
From: Stuart Low [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 21, 2005 9:54 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Proxy and Virtual Host

Heya,

> www.mysite.com - IIS
> www.mysite.net - IIS
> svn.mysite.net - Apache
> Is this possible? I'm not very familiar with Httpd, but I have set it 
> up about half a dozen times for Subversion. Thanks in advance for any 
> help!

Yes it's possible. What you need to do is forward the incoming port 80
request to Apache. Then setup a mod_proxy setup for the virtualhosts you
require (ala mysite.com & svn.mysite.net). Provided local DNS resolution
is setup correctly the Apache server will do a lookup, resolve to the
local LAN address and proxy traffic to/from.

Something like:


ServerName www.mysite.com
ProxyRequests Off


Order deny,allow
Allow from all


ProxyPass / http://www.mysite.com:81/
ProxyPassReverse / http://www.mysite.com:81/



Where 123.123.123.123 is the address your inbound port 80 traffic is
going to. Port 81 is your IIS server (could put Apache on 81 and prrroxy
from 81 -> 80 if you feel like it).

Stuart


-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] mod_rewrite passing arguments in url

2005-11-22 Thread Edu Miralles 



I need to
rewrite the url with the arguments between "-" onto a normal notation
to php. As the log says, the rewriting it's ok but after applicate the
rules, mod_rewrite splits the arguments, and at the end they are gone

 In this group I have found similar problems, but their workaround has
not worked

 example:
 titi-var1-value1-var2-value2 >
http://myserver/~user/test/titi.php?var1=value1&var2=value2

my .htaccess:

RewriteEngine On
RewriteRule ^(.*)(-.+)-([^-]+)-([^-&]*)([^-]*)\.html $1$2&$3=$4$5\.html
[N]
RewriteRule ^(.*)-([^-]+)-([^-]*)(.*)\.html
http://myserver/~user/test/$1.php?$2=$3$4 [L, QSA]

 rewrite.log:

86f9a8c/initial] (2) [per-dir /home/user/www/test/] rewrite
titi-var1-val1.html -> http://myserver/~user/test/titi.php?var1=val1
84.97.183.87 - - [22/Nov/2005:00:48:25 +0100]
[myserver/sid#858445c][rid#86f9a8c/initial] (3) split
uri=http://myserver/~user/test/titi.php?var1=val1 ->
uri=http://server/~user/test/titi.php, args=var1=val1
84.97.183.87 - - [22/Nov/2005:00:48:25 +0100]
[myserver/sid#858445c][rid#86f9a8c/initial] (3) reduce
http://myserver/~user/test/titi.php -> /~user/test/titi.php
84.97.183.87 - - [22/Nov/2005:00:48:25 +0100]
[myserver/sid#858445c][rid#86f9a8c/initial] (1) [per-dir
/home/user/www/test/] internal redirect with /~user/test/titi.php
[INTERNAL REDIRECT]

  and my acces.log

84.97.183.87.rev.net - - [22/Nov/2005:01:36:41 +0100] "GET
/~user/test/titi-var1-val1.html HTTP/1.1" 200 174 "-" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Firefox/1.0.7
(Debian package 1.0.7-1)"

 Really I can not figure out the reason of this bizarre way of
working,
 thanks in advance,
 Eduard

_
Charla con tus amigos en línea mediante MSN Messenger: 
http://messenger.latam.msn.com/



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Re: Migrating from IIS to Apache - how to keep the SSL certificate?

2005-11-22 Thread Joost de Heer 
[EMAIL PROTECTED] wrote:
> Hi,
>
> We are considering a migration from IIS to apache2 on a win2k server. I
> got mod_ssl up and running with a self-signed sertificate but I hit the
> wall when I tried to reuse our existing certificate signed from a CA.

First export the IIS certificate:

- Go to the IIS manager, go to the website with the certificate and cloose
'properties'
- Go to the tab 'Directory security'
- Click on 'View certificate' in the 'secure communications' section
- Click in the new screen on the tab 'details'
- Click on 'Export to file...'
- Select 'Yes, export the private key'
- Select only the option 'enable strong protection', and enter a password
- Give a filename
- Click on 'finish'.

Now you have a p12 certificate. Copy this certificate to your Apache machine

To get the key:
openssl pkcs12 -nocerts -in [.pfx] -out certificate.key

This asks for three passwords: first one is the export password used in
the previous step, and the second/third are the private key passwords. You
can later remove the private key password with

mv certificate.key certificate.key.encrypted
openssl rsa -in certificate.key.encrypted -out certificate.key

And to generate the cer:
openssl pkcs12 -nokeys -in [.pfx] -out certificate.cer

This is probably not the fastest way, but this is the documentation I made
for my colleagues.

Joost


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]