Re: [users@httpd] Change TMP dir

2016-05-23 Thread Paolo Giammarco
I configured apache as a reverse proxy, and when I do an upload it writes in the /tmp directory but is too small. *Rispetta l'ambiente. Non stampare questa mail se non è necessario.* 2016-05-23 22:29 GMT+02:00 Nick Kew : > On Mon, 23 May 2016 15:28:29 +0200 > Paolo

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread Igor Cicimov
On 24 May 2016 12:28 am, "linux.il" wrote: > > > > On Mon, May 23, 2016 at 5:16 PM, Eric Covener wrote: >> >> > For some reason if I add "-TLSv1" to SSLProtocol directive in my default >> > SSL vhost, SNI isn't working anymore: >> > >> > "SSLProtocol

Re: [users@httpd] Change TMP dir

2016-05-23 Thread Nick Kew
On Mon, 23 May 2016 15:28:29 +0200 Paolo Giammarco wrote: > Hello to all. > Should I change the default temporary directory (/tmp) using apache > but I can not. In what context is /tmp being used? If it's something like CGI, they don't get the server's environment,

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread linux.il
On Mon, May 23, 2016 at 5:31 PM, Eric Covener wrote: > On Mon, May 23, 2016 at 10:27 AM, linux.il wrote: > > I'm using the same "curl" and "wget" for testing. As far as I disable > TLS > > v1.0, I get "curl: (35) SSL connect error" and > > "ERROR:

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread Eric Covener
On Mon, May 23, 2016 at 10:27 AM, linux.il wrote: > I'm using the same "curl" and "wget" for testing. As far as I disable TLS > v1.0, I get "curl: (35) SSL connect error" and > "ERROR: certificate common name “mydefault-ssl-vhost-name” doesn’t match > requested host name

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread linux.il
On Mon, May 23, 2016 at 5:16 PM, Eric Covener wrote: > > For some reason if I add "-TLSv1" to SSLProtocol directive in my default > > SSL vhost, SNI isn't working anymore: > > > > "SSLProtocol All -SSLv2 -SSLv3 -TLSv1" > > > > What protocol is used? Does the

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread Eric Covener
> For some reason if I add "-TLSv1" to SSLProtocol directive in my default > SSL vhost, SNI isn't working anymore: > > "SSLProtocol All -SSLv2 -SSLv3 -TLSv1" > What protocol is used? Does the client send the SNI extension?

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread linux.il
On Mon, May 23, 2016 at 4:39 PM, Eric Covener wrote: > On Mon, May 23, 2016 at 9:36 AM, linux.il wrote: > > As far as I see from my experiments (Apache 2.4.6 on RHEL7) and users > > reports, SNI needs TLS 1.0 and doesn't work with TLS1.1/1.2. > > This

Re: [users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread Eric Covener
On Mon, May 23, 2016 at 9:36 AM, linux.il wrote: > As far as I see from my experiments (Apache 2.4.6 on RHEL7) and users > reports, SNI needs TLS 1.0 and doesn't work with TLS1.1/1.2. > This behavior seems me really weird; unfortunately I couldn't find any > explanation for

[users@httpd] TLS 1.1 and 1.2 and SNI support

2016-05-23 Thread linux.il
As far as I see from my experiments (Apache 2.4.6 on RHEL7) and users reports, SNI needs TLS 1.0 and doesn't work with TLS1.1/1.2. This behavior seems me really weird; unfortunately I couldn't find any explanation for it. My question is: did I miss something? Is there any way to use SNI w/o

[users@httpd] Change TMP dir

2016-05-23 Thread Paolo Giammarco
Hello to all. Should I change the default temporary directory (/tmp) using apache but I can not. I tried to edit the file /etc/apache2/envvars adding: export TMPDIR=/newtmp export TMP=/newtmp but no, I modified /etc/init.d/apache2 adding: ENV = "$ENV TMPDIR=/newtmp TMP=/newtmp" still nothing.

Re: [users@httpd] mod_proxy and DNS resolving

2016-05-23 Thread Luca Toscano
Hi Matthias, I replied to the comment that you pointed out with Jim's answer and I updated the trunk documentation with a note about DNS resolution: http://httpd.apache.org/docs/trunk/mod/mod_proxy.html#workers HTML diff only: