On Wed, Oct 6, 2021 at 8:58 PM Konstantin Kolinko
wrote:
> ср, 6 окт. 2021 г. в 13:10, Martin Knoblauch :
> >
> > Hi,
> >
> > sorry for asking this likely stupid question. This is with Apache HTTPD
> 2.4.48.
> >
> > I want to change the value of the X
DENY, one with
SAMEORIGIN. And falls back to DENY :-(
When I add an unset before the set, it works
Header unset X-Frame-Options
Header always set X-Frame-Options SAMEORIGIN
Is my understanding of the mod_header documentation wrong, or do I miss
somethiong subtle?
Che
E_ARGUMENTS}\)/exec \1/'
/usr/sbin/apache2ctl` )
Might it be a sensible change in the apachectl to always call the binary with
"exec" (at least on the systems where exec exists)
Thanks
Best
Martin
----
Dr. Martin K
.g. if
TLS 1.0 and TLS 1.2 are both enabled, make sure to also leave TLS 1.1
enabled.
Apparently this changed from 1.0.2 and I can no longer have TLSv1.0 without
also enabling TLSv1.1. Time to beat up the old clients harder.
Sorry for the noise
Martin
On Wed, Oct 21, 2020 at 11:37 PM Martin Knobla
ols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 enabled
which is not what I want. So, any ideas? Am I doing something wrong?
Cheers
Martin
--
------
Martin Knoblauch
email: k n o b i AT knobisoft
orts no regular expressions. However, with wildcards,
which does work in a sudoers file, you can construct almost any command you may
need. It will not look pretty, but it will work.
Use the Cmnd_Alias, avoid Asterisk!
--
Martin
signature.asc
Description: OpenPGP digital signature
Hi Bernd,
very short answer to 1.:
Yes, you want to write data there. Hence you need rite privileges. Make sure,
privileges of www-data are restricted to that directory, you will be fine.
Off topic about 2.:
Consider using ownCloud, because it has .deb repo, you can get updates if you
want to.
ged to do "the right thing", or we
could tell the Tomcat CookieProcessor to set the attribute to "None".
Unfortunately not possible. See above.
Now my question is, is there a trick to do that with "httpd" or a module?
Chec
is meant to provide
> whatever limits it considers appropriate.
>
>
Thanks for clarifying that.
> I wonder if httpd/mod_jk is trying cache the entire request body before
> forwarding. How is the request sent? With chunked-encoding or with a
> content-
20GB, but it did not help.
Any advice is highly welcome. Just not
- Don't use HTTP for uploading large files. It is the mechanism the
application offers
- Don't allow upload of large files. Unfortunately it is a valid use-case.
Thanks in advance
Martin
--
---
On Thu, Feb 27, 2020 at 8:52 AM Martin Grigorov
wrote:
> Hi,
>
> On Thu, Feb 27, 2020 at 3:41 AM Kumar Tadkala
> wrote:
>
>> Hi there
>>
>> Whenever we do load test, our Apache is going down
>>
>> How can we understand, what causing this.
>>
&
Hi,
On Thu, Feb 27, 2020 at 3:41 AM Kumar Tadkala
wrote:
> Hi there
>
> Whenever we do load test, our Apache is going down
>
> How can we understand, what causing this.
>
Did you check the log files ?
Maybe the Java process fails with OutOfMemoryError ?!
>
>
> Thank you
>
> Kumar
>
Ok, thanks for replies!
regards,
Martin
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
.com/doc.pdf URL is
accessed.
While this seems to work fine, then is this the correct/optimal way to
accomplish this?
I'm using Apache version 2.4.38 on Debian 10.
thanks,
Martin
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
e wildcard certificates for *server.on.my.domain; what I
> would like is to have the second server responding to TLS 1.3 only -
> however, it seems that the configuration of the first virtual host prevails!
>
> Is it possible to do what I am looking for? if yes, what am I doing wrong?
>
> Marian Ion
Martin
signature.asc
Description: OpenPGP digital signature
s long
indents are made with space characters.
Problem is, when indentation is done with a tab, the following expression never
matches.
Is this behavior plausible and/or wanted in any way?
Thanks, Martin
signature.asc
Description: OpenPGP digital signature
Hi,
please ignore. There was another component (corosync) that I did not
consider. When all tomcats are down, that ends up in a 503 which confused
the HA software ...
Happy Weekend
Martin
On Fri, Aug 17, 2018 at 12:15 PM Martin Knoblauch
wrote:
> Hi,
>
> we have Apache-2.4.33 as a
/apache2/conf/httpd.conf'
[Fri Aug 17 11:39:27.106795 2018] [mpm_worker:notice] [pid 2312:tid
139990203332352] AH00295: caught SIGTERM, shutting down
Is there anything known along this lines?
Thanks
Martin
--
--
Martin Knoblauch
email: k n o b i
Hi John,
care to share pointers to those comparisons? Curious myself ...
Thanks
Martin
On Mon, Jul 2, 2018 at 7:24 PM, Rose, John B wrote:
> Have been comparing Apache load balancing with some other possibilities
>
> As expected can do just about anything you want wi
riteCond "%{HTTP_COOKIE}" "(.*)"
RewriteRule ^/xxx/facelets/logon.xhtml$ - [E=login_jsid:%1]
Clearly, the logging is now much better than with the "forensic" stuff. Now
to the main task :-)
Cheers
Martin
On Thu, Mar 22, 2018 at 8:28 PM, Rainer Jung <rainer.j
Hi Rainer,
unfortunately mod_log_debug seems to work only on directory scope, not on
virtual host. And I considered the mod_rewrite thingy, but feared it to be
to expensive.
In the meantime I found "mod_log_forensic". Ugly, I do not know the cost,
but it works for my purpose.
Tha
see how it helps me in this
case.
Thanks
Martin
On Thu, Mar 22, 2018 at 5:50 PM, Eric Covener <cove...@gmail.com> wrote:
> On Thu, Mar 22, 2018 at 12:50 PM, Eric Covener <cove...@gmail.com> wrote:
> > have you looked at mod_log_debug?
> >
> >> Se
; xxxlogheader env=login_get
So I would actually expect the content of the Cookie being printed twice
when doing no additional processing. Instead I get:
"GET /xxx/facelets/logon.xhtml '%{HTTP_COOKIE}e' 'JSESSIONID=y;
/xxx_textLocale=en/US'"
Which indicates tha
Hi Stefan,
thanks. I think that will fly very well with my organisation, as OpenSSL
will release their next security update also soon.
Cheers
Martin
PS: dont't spell the word disaster in vain. It might listen :-)
On Thu, Mar 22, 2018 at 11:08 AM, Stefan Eissing <
stefan.eiss...@greenbytes
Hi,
sorry for the non-technical question. Is there already a date for the next
official release post 2.4.29? I see internally version 2.4.33, but that
does not seem to be official/public. I would like to have the information
for plannig purposes (big, paranoid IT organisation :-(
TIA
Martin
Hi Luca,
On Fri, Aug 18, 2017 at 9:01 AM, Luca Toscano <toscano.l...@gmail.com>
wrote:
> Hi Martin,
>
> 2017-08-17 17:40 GMT+02:00 Martin Knoblauch <kn...@knobisoft.de>:
>
>> Hi,
>>
>> this is for httpd-2.4.26 with the mpm_worker_module. I have
configuration and I ever want to increase
MaxRequestWorkers above 400 my understanding is that I need to either
increase ServerLimit or ThreadsPerChild (or adjust both). Which should I
touch first (why :-)?
Thanks a lot in advance
Martin
--
--
Martin
page :-) All good now.
Thanks
Martin
On Mon, Jun 26, 2017 at 11:21 AM, Nick Kew <n...@apache.org> wrote:
> On Mon, 2017-06-26 at 10:55 +0200, Martin Knoblauch wrote:
>
>
> > So my question now is - was the removal of expat from apr-util
> > intentional? I see n
; is needed.
Cheers
Martin
On Fri, Jun 23, 2017 at 7:16 PM, William A Rowe Jr <wr...@rowe-clan.net>
wrote:
> On Fri, Jun 23, 2017 at 11:22 AM, Eric Covener <cove...@gmail.com> wrote:
> > On Fri, Jun 23, 2017 at 10:55 AM, Martin Knoblauch <kn...@knobisoft.de>
> wrote:
build
process.
So my question now is - was the removal of expat from apr-util
intentional? I see no mentioning in the release notes.
Thanks
Martin
On Fri, Jun 23, 2017 at 6:22 PM, Eric Covener <cove...@gmail.com> wrote:
> On Fri, Jun 23, 2017 at 10:55 AM, Martin Knoblauch <kn...@
ound this?
Thanks in advance
Martin
--
------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
Dear all,
I am using Apache/2.4.10 (Debian). Following the Apache documentation, I am
trying to configure my server using DirectoryMatch. I get the expected behavior
concerning the directories I want to handle (only user whose name is the same
as the directory name can access to the
Dear all,
I am using Apache/2.4.10 (Debian). Following the Apache documentation, I am
trying to configure my server using DirectoryMatch. I get the expected behavior
concerning the directories I want to handle (only user whose name is the same
as the directory name can access to the
OK, thanks for the clarification.
Martin
On 15.07.16 14:46, Marat Khalili wrote:
> According to RFC 2616
> <https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html>:
>>Note: This use of a prefix matching rule does not imply that
>>language tags a
as "de, de-DE, de-CH, de-AT" for German? Or is there at way to specify
"match this language with any language subtags"? My naive approach
"de-*" did not work.
Or is it a bug in the HTTP client (in my case: Android WebView) if it
Hallo zusammen,
Was ist mit mod_file_cache/mod_mem_cache etc? Hast du die noch aktiv?
Best regards / Mit freundlichen Grüßen
Martin Allert
--
Martin Allert
Senior Automation Expert
arago Institut für komplexes Datenmanagement AG
Eschersheimer Landstraße 526 - 532
60433 Frankfurt am Main
wunderbar.
Ich hoffe wirklich, dass mir jemand weiterhelfen kann, weil dieses Problem
treibt mich seit Tagen in den Wahnsinn.
Vielen Dank,
Martin
-
To unsubscribe, e-mail: users-de-unsubscr...@httpd.apache.org
For additional commands, e
Hi Apache users, devs,
I have recently switched an infra from straight logging to files to
piped logs (using compresslog to compress the logs before they are
written out -- http://repo.or.cz/w/compresslog.git/ ).
Turns out there is a gotcha.
When logging to files, it is harmless to have
[ Using piped logs with gzip is rather painful. Here is what I came up
with to improve the user experience. Getting the scripts right so
that no data was lost in normal operation is non-trivial, so I thought
I'd share. ]
=compresslog README=
Save a ton of disk IO (or SAN traffic) in your
Just put allow from all to the bottom of configuration. You have order deny,
allow so your config should look same :-)
mh
Sent from my iPhone
On 27.4.2013, at 16:07, Angela Barone ang...@italian-getaways.com wrote:
Hello,
I hope I'm in the right place for this question. I'm trying to
On Sun, Mar 3, 2013 at 2:46 AM, Igor Cicimov icici...@gmail.com wrote:
On 03/03/2013 3:34 PM, James Martin james.s.mar...@gmail.com wrote:
Folks,
I'm attempting to using multiple LimitExcept directives in one
Location. Basically I want to give a the Actor ldap group GET
PUTT access
On Sun, Mar 3, 2013 at 4:08 PM, Igor Cicimov icici...@gmail.com wrote:
On 04/03/2013 3:36 AM, James Martin james.s.mar...@gmail.com wrote:
On Sun, Mar 3, 2013 at 2:46 AM, Igor Cicimov icici...@gmail.com wrote:
On 03/03/2013 3:34 PM, James Martin james.s.mar...@gmail.com wrote:
Folks
Folks,
I'm attempting to using multiple LimitExcept directives in one
Location. Basically I want to give a the Actor ldap group GET
PUTT access, the WeatherMan ldap group only GET access, and the
Actor ldap group PUT access. I'm open to using either apache 2.2 or
2.4, as I see that apache 2.4
://ckcftpa2/cmdbnew/assetdetail.php?srv=$1cust=$2 [R,L]
If you have any L rule preceeding it, then it may be overwriting it.
Can you try putting the rule i gave you above , and see what the rewrite logs
say.
On Sat, Dec 29, 2012 at 10:02 AM, Martin, Stanley G
stanley.mar
I have been banging my head against the wall on this and when I think I finally
have it, it doesn't work. I've been able to get some basic stuff to work like:
Setting DirectoryIndex
And doing a simple redirect.
But, what I really want to do is make the URI cleaner so that the users don't
see
And redirects them to the first one.
Head getting flatter.
Thanks for the quick first response.
___
[cid:image001.gif@01CDE54B.3B6A1BD0]Stanley Martin
System Administrator | IM DCS US Wintel Server Team | Outsourcing Services
} (.+)
RewriteRule ^.*$ - [E=REMOTE_USER:$1]
Tried some variations, but it does not :-(
Could someone help me out with this?
Thanks, Martin
- --
Martin Drescher
GnuPG Key Fingerprint, KeyID '4FBE451A':
'2237 1E95 8E50 E825 9FE8 AEE1 6FF4 1E34 4FBE 451A'
-BEGIN PGP SIGNATURE-
Version: GnuPG
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/11/12 14:35, Mark Montague wrote:
On November 5, 2012 6:32 , Martin Drescher dresc...@snafu.de
wrote:
I would like to set the REMOTE_USER environment to the value of
%{HTTP_SSL_CLIENT_S_DN_CN}. After reading the fine manual e few
time I
mod_rewite:
[...]
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-SSL_CLIENT_S_DN_CN} (.*)
RewriteRule ^.*$ - [E=REMOTE_USER:%1]
[...]
Caution: The backend server trusts the reverse proxy requests fully!
Sanitize your headers carefully there.
Martin
- --
Martin Drescher
GnuPG Key
Hi after first look, configuration of apache looks fine. Please try to view
source code of https://proxyserver.domain2.com/citrix/xenapp. Somewhere
should be link, which is relative (like href=./citrix/...) or absolute
(like href=https://proxyserver.domain2.com/citrix/...;). I expect, it is
.
then we go 4,5,6 exatcly as if we do not have any Apache reverse proxy!
Client goes directly to Citrix gateway using ICA\SSL protocol. This is the
main problem: Why Apache does not proxy ICA\SSL?
07.10.2012, 20:43, Martin Hasicek martin.hasi...@gmail.com:
Hi after first look, configuration
or I can't
see it)
Regards,
Martin
64
MaxConnectionsPerChild 10240
AsyncRequestWorkerFactor 2
Just in case you still have this issue, we've switched to 2.4.3 after
seeing a few bug reports that could be related, and since then I
haven't seen this again.
Regards,
Martin
Hello Sam,
We're having the same exact issue.
Did you found the solution?
Cheers,
Martin
On Sun, Aug 19, 2012 at 8:25 AM, Sam lenn...@chello.at wrote:
I upgraded to Apache 2.4 and use mod_event on a server
having average high load.
My issue is that I am getting pretty much often the error
Flag auf Expired steht.
Mir fallen da gerade noch zwei Varianten ein, aber erst mal genug. :)
Viele Grüße,
--
Martin Allert
arago Institut für komplexes Datenmanagement AG
Eschersheimer Landstraße 526 - 532
60433 Frankfurt am Main
eMail: all...@arago.de - www: http
Hallo Harald, liebe Liste,
Wir haben WÖCHENTLICH externe Security-Audits eines Großkunden
und da heisst es bei dieser Config Massnahmen erforderlich oder
Websites gehen vom Netz
Ok, wird Gründe haben.
Ich fand ja, das meine config ganz gut tut ... aber bei diesem Thema
bin ich leider
ReverseProxies mit
mod_rewrite nicht lösen konnte. Da wird eine einfache URL Umleitung von
bestimmten Bestandteilen kein Problem darstellen.
Viele Grüße,
--
Martin Allert
arago Institut für komplexes Datenmanagement AG
Eschersheimer Landstraße 526 - 532
60433 Frankfurt am
eine Negation, deine Regel sagte also:
- alles was nicht mit foo-corner.de angesprochen wird
- umleiten auf www.myname.de/logos-foo
Wolltest Du das ursprünglich?
Viele Grüße
--
Martin Allert
arago Institut für komplexes Datenmanagement AG
Eschersheimer Landstraße 526 - 532
$ [OR]
RewriteCond %{REQUEST_URI} !^\.css$
RewriteRule ^(.*)$ http://www.WebserverB.com%1 [R,L]
Bei massiven Umleitungslisten empfiehlt sich die Verwendung von RewriteMaps.
Falls Du hier Hilfe brauchst, einfach melden. :)
Viel Erfolg!
--
Martin Allert
arago Institut für komplexes Datenmanagement AG
Hallo,
Satisfy reicht nicht. Betrachte bitte bei der bereits genannten URL auch ein
AllowOverride AuthConfig. Satisfy und AllowOverride spielen hier leider
hässlich miteinander. Ich habe bei sowas schon Stunden verbracht. :)
Viele Grüße,
--
Martin Allert
arago Institut für komplexes
Das ist ja zum Kotzen, die ganzen Zeilenumbrüche bei den RewriteRules sind ja
weg! Also beim Kutte Paste aufpassen!
--
Martin Allert
arago Institut für komplexes Datenmanagement AG
Eschersheimer Landstraße 526 - 532
60433 Frankfurt am Main
eMail: all...@arago.de
Hi,
try to use envvars to set Env ... Not sure, if this is what you want, but
let's start somewhere :-)
mh
On Fri, Apr 6, 2012 at 8:40 PM, congo thomas apa...@thva.dk wrote:
Friends,
Please, if this is obvious and thats why no one responded, please hint me.
I am thinking that
Hi,
maybe you can pipe out the output of log file to some script
CustomLog |bin/doAcctionAfterDirectoryAccess common
of course, you can customized logfile output (check CustomLog directive)
and you can set action only for specific directory (check Directory and
CustomLog directive).
Hope this
Hi,
I think, this part of documentation should be useful
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
mh
On Tue, Mar 27, 2012 at 1:11 PM, Cristian Senchiu cri_...@yahoo.com wrote:
Hi there,
I hope that someone knows the answer to this.
I'm in a LAN that's behind a squid proxy. Any
Hi,
search for ScoreBoardFile directive in your configuration. When you will
find it, please remove this file from your disk. After removal, apache will
recreate this file again. Also please ensure, that apache runtime user has
full access to this file.
mh
On Wed, Mar 21, 2012 at 4:47 PM,
:
Hi, Martin,
Thanks a lot for the response. But it does not work :-(
T
On Wed, Mar 21, 2012 at 1:01 AM, Martin Hasicek
martin.hasi...@gmail.comwrote:
Hi,
search for ScoreBoardFile directive in your configuration. When you will
find it, please remove this file from your disk. After
Hi,
you can check if you use prelink feature. In such case, LD_LIBRARY_PATH is
overwriten by LD_PRELOAD or prelink.
mh
On Mon, Mar 19, 2012 at 1:55 PM, Lenin lenin@gmail.com wrote:
I tried the directive LoadFile, but with no luck.
Igor Cicimov icici...@gmail.com 於 2012年3月19日上午9:35 ��道:
Hi,
Was sagt denn ein ldd moduldatei?
Viele Grüße,
Martin Allert
(Mobil)
Am 15.03.2012 um 14:30 schrieb Michael Renner michael.ren...@gmx.de:
Moin,
ich habe hier ein Binärmodul das einen Apache mit libmath voraussetzt. Den
Apache will/kann/darf ich nicht neu bauen. Ich frage mich
. SSLRequire %{SSL_CLIENT_S_DN} =~ file(/tmp/listofDN.txt)
Does anyone have any suggestions as to how I might get this file
function to work? Is there a format that file must adhere to?
Thanks,
--
Terrence Martin
System Manager
UCSD CMS T2 Center
tmar...@physics.ucsd.edu
Cell: 619 957 5550
den jetzt einbaut und dem CustomLog dann den
Namen des Logformats übergebt, dann müsste es jetzt funktionieren.
Viele Grüße,
Martin Allert
-Ursprüngliche Nachricht-
Von: Mario Brandt [mailto:jbl...@gmail.com]
Gesendet: Montag, 16. Januar 2012 10:29
An: users-de@httpd.apache.org
Betreff
Browser ja nicht aufrufen :)
Viele Grüße,
Martin Allert
(Mobil)
Am 30.12.2011 um 17:04 schrieb Reindl Harald h.rei...@thelounge.net:
Am 30.12.2011 16:44, schrieb Michael Renner:
Moin,
ich baue gerade einen WebDAV-Server auf. Der Zugriff soll mit WebDAV und
(rein lesend) auch mit dem
$quoted_author = Stormy ;
I just rem'd out all the NameVirtualHost 192.168.0.90:80 and now
the warning has changed to:
paul@nelson:/etc/apache2/sites-available$ sudo /etc/init.d/apache2 restart
* Restarting web server apache2
[Wed Nov 30 15:02:51 2011] [warn] VirtualHost 192.168.0.90:80
Just a follow-up,
upgrading to 2.2.21 has cleared this issue and we are no longer
experiencing zombies.
Thank you!
Jeff
-Original Message-
From: Rainer Jung [mailto:rainer.j...@kippdata.de]
Sent: Saturday, September 10, 2011 3:45 AM
To: users@httpd.apache.org
Cc: Martin, Jeff
Subject
geht ja immer auf den symlink los.
Viele Grüße,
Martin Allert
--
Apache HTTP Server Mailing List users-de
unsubscribe-Anfragen an users-de-unsubscr...@httpd.apache.org
sonstige Anfragen
.
Läuft das ggf. auf NOT hinaus?
Falls - wie biegt man das nun wieder dem Apachen bei?
Habe mal eine Idee für dieses Problem.
Freundliche Grüße,
Martin
--
Apache HTTP Server Mailing List users-de
unsubscribe
Webserver als auch einen RV Proxy
fahren muss und zwei PKG nicht maintainen will. :)
Viele Grüße,
--
Martin Allert
arago Institut für komplexes Datenmanagement AG
Eschersheimer Landstraße 526 - 532
60433 Frankfurt am Main
eMail: all...@arago.de - www: http
ladbare Module kompiliert, d.h.
man kann einen make-Lauf machen und bekommt z.B. ein httpd-Binary und
dazu prefork, worker und event als Modulfiles heraus. Das hilft aber
nicht für 2.2. 2.3 ist im Beta-Status.
Gruß
Rainer
Vielen Dank für die Tipps Viele Grüße,
Martin Allert
Hallo,
Lass mich raten:
Da liegen office Files drin, also xlsx etc...
Viele Grüße,
Martin Allert
(Mobil)
Am 14.09.2011 um 17:52 schrieb Michael Renner michael.ren...@gmx.de:
On Tuesday, September 13, 2011 05:26:50 pm Mario Brandt wrote:
Moin!
Ich hatte damit bisher keine Probleme (ohne
Thank you for your help with this.. We are pursuing an upgrade.
-Original Message-
From: Rainer Jung [mailto:rainer.j...@kippdata.de]
Sent: Saturday, September 10, 2011 3:45 AM
To: users@httpd.apache.org
Cc: Martin, Jeff
Subject: Re: [users@httpd] HELP: apache 2.2.17 creating zombies
Hello,
I have a Solaris 10 server running apache 2.2.17 and on a weekly basis
its creating zombies and increasing the load to the point where we have
to restart it every Thursday night. There are 6 apache instances running
on this box but this is the only one seeing the issue. There have been
no
that are
increasing server load
Hi Jeff,
Martin, Jeff wrote:
16042 csdrd 20M 16M cpu20 500 3:52:05 3.1% httpd/24
16042 csdrd 20M 16M zombie 0- 0:00:00 0.0% httpd/65
16042 csdrd 20M 16M zombie 0- 0:00:00 0.0% httpd/64
16042 csdrd 20M 16M zombie
://issues.apache.org/bugzilla/show_bug.cgi?id=48780
But there isn't examples how to configure the Apache, I'll tell you how to
do this work if I have successful.
Kings Regards
Martin
2011/8/5 Darren Spruell phatbuck...@gmail.com
On Fri, Aug 5, 2011 at 1:56 AM, Martin Sanchez marsa...@gmail.com wrote:
Hello
and that is that I don't want to do.
2011/8/8 Eric Covener cove...@gmail.com
On Mon, Aug 8, 2011 at 5:45 AM, Martin Sanchez marsa...@gmail.com wrote:
Hi,
Thank you for the reply.
Eric, I know that I can use the mod_ssl to store certificates in one
Apache,
but I want have the certificates
Hello,
I've read about this topic in mailing list but I didn't found the solution.
I want validate LDAP users against Apache using the certificates than the
user store in LDAP.
I mean, I create and store the X509 certificates in LDAP. Afterwards I send
to my clients the certificate and they
dieser Liste nichts verloren.
Und - Tschüss.
Martin Ebert
--
Apache HTTP Server Mailing List users-de
unsubscribe-Anfragen an users-de-unsubscr...@httpd.apache.org
sonstige Anfragen an users
Hi Martin,
the reverse proxy (gateway) in my case would be apache1 me thinks. apache2
definitely does not use mod_proxy/ProxyPass. It is just loadbalancing two
tomcat
instances using mod_jk.
My problem is (maybe I was not clear) that apache2 does see the
X-Forwarded-For, X-Forwarded-Host
$quoted_author = Christian Pascher ;
If I would activate
RequestHeader set Front-End-Https On
I need all the SSL config stuff also at the back end servers?
No. That setting just let's Apache know that, even though it is seeing http
connections, the client is seeing https with the SSL being
Hi Ian
$quoted_author = Ian Stradling ;
Here is what I've gleaned from the log I started. FYI, I clicked on a
link within the website that is supposed to go to ../insurance-tips/
Anything related to /insurance-tips, /add-a-tip, /home, and / are supposed
to NOT be HTTPS...yet, whenever I
experience with Czech websites
for the last fourteen years.
Cheers
Martin
--
~~
Supercomputing Center Brno Martin Kuba
Institute of Computer Scienceemail: ma...@ics.muni.cz
Masaryk University http://www.ics.muni.cz
which is not a CSS but some HTML page with embedded video.
Probably you want to replace that with
ProxyPass / ajp://192.168.1.4:8009/
Cheers
Martin
Dne 2.2.2011 11:35, James Godrej napsal(a):
Hi please check this site
http://research.openitup.in/portal
I am referring to this one.
So I have many
://en.wikipedia.org/wiki/Ip_address#IPv4_private_addresses
Cheers
Martin
--
~~
Supercomputing Center Brno Martin Kuba
Institute of Computer Scienceemail: ma...@ics.muni.cz
Masaryk University http://www.ics.muni.cz/~makub
Hi all,
no response so far, but I have figured it myself, the right directive is
RewriteRule .* - [E=AJP_SSL_CLIENT_S_DN:%{SSL:SSL_CLIENT_S_DN}]
Cheers
Martin
Dne 12.1.2011 12:36, Martin Kuba napsal(a):
Hi all,
I am trying to pass an arbitrary environment variable from Apache (2.2
the SSL_* environment variables using the JkEnv directive,
mod_proxy_ajp cannot do this.
I have written my conclusions to
http://opencms-wiki.org/MultiSite_configuration_instructions_%28apache_%2B_mod_jk%29#mod_jk_or_mod_proxy_ajp_.3F
so please read it there.
Cheers
Martin
/ssl_faq.html#vhosts
http://en.wikipedia.org/wiki/Server_Name_Indication
Use IP-based virtual hosts instead.
Cheers
Martin
--
~~
Supercomputing Center Brno Martin Kuba
Institute of Computer Scienceemail: ma...@ics.muni.cz
.
That works for all browsers, but it is some hassle to create a new certificate
for all names each time a new SSL server is added.
Cheers
Martin
Dne 21.1.2011 22:18, wolfgang.mi...@geigerus.com napsal(a):
Hi,
I am not too familiar with Apache, so the following message has stumped me.
[warn] Init
Martin
Dne 21.1.2011 11:24, Tom Evans napsal(a):
Hi all
Apache/2.2.17 (FreeBSD)
I'm trying to use client certificates to authenticate my few users. I
created a self-signed CA, server certificates and user certificates,
and installed them in the appropriate places. I then created a vhost
are looking for is the SSLUserName directive
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslusername
Cheers
Martin
--
~~
Supercomputing Center Brno Martin Kuba
Institute of Computer Scienceemail: ma...@ics.muni.cz
directives play no role in this, because the error you have got
happened during the SSL handshake, which is sooner than the Allow directives
are applied.
Martin
Dne 18.1.2011 16:16, g f napsal(a):
Hello all,
I have a debian os running Apache 2.2.16(debian) along with tomcat 6.0.29. I
use mod_jk as well
to another server-side script.
The reason is that it is not the certificate alone what is needed to make
an authentication to an SSL server, also the private key is needed.
Cheers
Martin
Dne 18.1.2011 16:36, g f napsal(a):
Hello Martin,
thanks for the reply.
I have those directives already
Dne 18.1.2011 18:12, g f napsal(a):
Hey Martin,
common access cards are smart cards that allow a user to authenticate to a
domain using just the card(inserted into the card reader) and a pin number.
The directive
*/SSLVerifyClient require/*
requires all https access utilize a smart card
1 - 100 of 290 matches
Mail list logo