Apologies for cross-posting to both mailing lists, but since I got
replies via both ways I feel this is the easiest way to sync them.
On 2013-02-26 10:21, kristian.fiskerstr...@sumptuouscapital.com wrote:
I would indeed like to get more feedback on the pools. My first
question is whether you
Hi Phil,
If someone has a current good example of Apache config for this, we
should add that too.
this is how my apache proxies requests to sks:
VirtualHost MY-KEYSERVER-IP:11371
ServerName MY-KEYSERVER-HOSTNAME
ServerAlias pool.sks-keyservers.net
ServerAlias
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 02/27/2013 09:08 PM, Stephan Seitz wrote:
Hi Phil,
If someone has a current good example of Apache config for this,
we should add that too.
Hi Stephan,
Are the ServerAliases strictly necessary for a port binding to 11371?
Presumably
On 02/27/2013 12:36 PM, Kristian Fiskerstrand wrote:
Are the ServerAliases strictly necessary for a port binding to 11371?
Presumably you're not using canonical names to determine the service.
If the aliases really are necessary, keep in mind that some pools are
using a CNAME to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 02/26/2013 11:17 PM, Phil Pennock wrote:
On 2013-02-26 at 11:16 +0100, Niels Laukens wrote:
I'm having trouble getting keys of the pools on
sks-keyservers.net. I've just retried with the suggested
debug-option with following result:
Okay,
On 2013-02-27 at 21:08 +0100, Stephan Seitz wrote:
this is how my apache proxies requests to sks:
I see that the Server: header from SKS is being preserved in your setup;
is the Via header also automatically derived? Did you want to put in
anything just to say Apache?
I've put this into the
Phil Pennock wrote:
If someone has a current good example of Apache config for this, we
should add that too.
Using this on both servers, ports 80 11371
VirtualHost *:11371
ServerName keyserver.example.net
ServerAlias pool.sks-keyservers.net *.pool.sks-keyservers.net
On 2013-02-27 at 10:57 +0100, Niels Laukens wrote:
Apologies for cross-posting to both mailing lists, but since I got
replies via both ways I feel this is the easiest way to sync them.
Current status: Kristian and I have debugged and he found the core
issue. If I load down my server, we can