Re: [users@httpd] Multi site SSL problems
On Thu, May 9, 2024 at 6:54 PM Chris me wrote: > Hi, I am having an issue trying to get multiple sites with their own SSL > cert. I purchased AlphaSSL certs for them. > > The strange thing, the first cert works, the second gives me an > ERR_SSL_PROTOCOL_ERROR, but only on some systems. > > > > This is what I am using now: > > > > ( > > Site1 is fine, Site2 gives me the error. > > > > I originally tried with NameVirtualHost *.443 > > And then > > But when I go to site2, it complains that the cert is invalid because it > is using the cert from site1? > > ) > > > > > > > > NameVirtualHost 192.99.9.188:443 > > > > > > ServerName www.site1.com > > ServerAdmin webmas...@site1.com > > DocumentRoot /home/httpd/sites/site1 > > > > > > Order allow,deny > > Allow from all > > > > > > SSLEngine on > > SSLProtocol all -SSLv2 -SSLv3 > > SSLCertificateFile/etc/ssl/site1.ca/server.crt > > SSLCertificateKeyFile /etc/ssl/site1.ca/server.key > > SSLCertificateChainFile /etc/ssl/site1.ca/bundle.crt > > > > > > > > ServerName www.site2.com > > ServerAdmin webmas...@site2.com > > DocumentRoot /home/httpd/sites/site2 > > > > > > Order allow,deny > > Allow from all > > > > > > SSLEngine on > > SSLProtocol all -SSLv2 -SSLv3 > > SSLCertificateFile/etc/ssl/site2.ca/server.crt > > SSLCertificateKeyFile /etc/ssl/site2.ca/server.key > > SSLCertificateChainFile /etc/ssl/site2.ca/bundle.crt > > > > > So many red flags here: - Always use *:PORT when defining a vhost, unless you know exactly what you are doing - Set the ServerName directive in every single vhost - Do not use the 2.2 authz directives (Allow/Deny/Order) and use Require instead - Unload the mod_access_compat module when apachectl configtest passes Lastly, show the output from apachectl -S when the fixes are applied
[users@httpd] Multi site SSL problems
Hi, I am having an issue trying to get multiple sites with their own SSL cert. I purchased AlphaSSL certs for them. The strange thing, the first cert works, the second gives me an ERR_SSL_PROTOCOL_ERROR, but only on some systems. This is what I am using now: ( Site1 is fine, Site2 gives me the error. I originally tried with NameVirtualHost *.443 And then But when I go to site2, it complains that the cert is invalid because it is using the cert from site1? ) NameVirtualHost 192.99.9.188:443 ServerName www.site1.com ServerAdmin webmas...@site1.com DocumentRoot /home/httpd/sites/site1 Order allow,deny Allow from all SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCertificateFile/etc/ssl/site1.ca/server.crt SSLCertificateKeyFile /etc/ssl/site1.ca/server.key SSLCertificateChainFile /etc/ssl/site1.ca/bundle.crt ServerName www.site2.com ServerAdmin webmas...@site2.com DocumentRoot /home/httpd/sites/site2 Order allow,deny Allow from all SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCertificateFile/etc/ssl/site2.ca/server.crt SSLCertificateKeyFile /etc/ssl/site2.ca/server.key SSLCertificateChainFile /etc/ssl/site2.ca/bundle.crt
[users@httpd] Re: How to Perform stateless restarts with checkpointing enabled
Please ignore this thread, I wanted to post this to a different Apache mailing list. Apologies. On Thu, May 9, 2024 at 2:49 PM Kartikey Pant wrote: > We have a source/sink mechanism which uses checkpoints for persistence and > can operate in a minor data loss scenario. Is there a method to use > checkpoints (to enable use of those source/sink operators) while disabling > stateful recovery during restarts? > > Our setup uses Flink 1.16.1 alongside Flink Kubernetes Operator 1.5.0. We > are also using stateless upgrades with the operator but while the job is > restarting, it's still restoring from the last stable checkpoint. Is there > any option in Flink or Flink Kubernetes Operator which could help us in > this? >
[users@httpd] How to Perform stateless restarts with checkpointing enabled
We have a source/sink mechanism which uses checkpoints for persistence and can operate in a minor data loss scenario. Is there a method to use checkpoints (to enable use of those source/sink operators) while disabling stateful recovery during restarts? Our setup uses Flink 1.16.1 alongside Flink Kubernetes Operator 1.5.0. We are also using stateless upgrades with the operator but while the job is restarting, it's still restoring from the last stable checkpoint. Is there any option in Flink or Flink Kubernetes Operator which could help us in this?
