-Original Message-
From: J. Bakshi [mailto:joyd...@infoservices.in]
Sent: Tuesday, December 01, 2009 8:20 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] how to get multiple SSL with name
based vhost ?
...
Thanks for your nice explanatory response. The server where
Carsten Wiedmann wrote:
William A. Rowe Jr. schrieb:
I agree it should be easier, Rich and I have it down to 3-4 lines of rewrite
magic
to kick out a 400, but we should probably allow this to be explicit
[default?]
That would be nice. And if I'm be able to set the status code in a
William A. Rowe Jr. schrieb:
RewriteRule .* - [R=400]
Hm, ok, I've never realized, that I can set other status codes in
RewriteRule [R], then the well known redirect status codes (Redirection
3xx). A little bit curious?
With [R=400] it's the same as with the Perl script (thanks for this
Boyle Owen wrote:
-Original Message-
From: J. Bakshi [mailto:joyd...@infoservices.in]
Sent: Tuesday, December 01, 2009 8:20 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] how to get multiple SSL with name
based vhost ?
...
Thanks for your nice explanatory response.
-Original Message-
From: J. Bakshi [mailto:joyd...@infoservices.in]
Sent: Tuesday, December 01, 2009 10:53 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] how to get multiple SSL with name
based vhost ?
...
Thank for your response. your assumption is correct. I am
Boyle Owen wrote:
-Original Message-
From: J. Bakshi [mailto:joyd...@infoservices.in]
Sent: Tuesday, December 01, 2009 10:53 AM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] how to get multiple SSL with name
based vhost ?
...
Thank for your response. your assumption is
Carsten Wiedmann wrote:
Well, and the error document with [R=400] (or other status codes) is also
not multi language.
Right; presume for a moment that anyone hitting your server with a bogus dns
reference or by-ip is doing so in a less-than-friendly, spidery or malicious
manner. Are they
William A. Rowe Jr. schrieb:
Well, and the error document with [R=400] (or other status codes) is also
not multi language.
Right; presume for a moment that anyone hitting your server with a bogus dns
reference or by-ip is doing so in a less-than-friendly, spidery or malicious
manner. Are
* Boyle Owen owen.bo...@six-group.com [2009-12-01 10:08]:
Krist explained it very nicely... But maybe you still didn't get it:
Without SNI, there is NO WAY TO DO THIS. It is a fundamental
limitation of the HTTPS protocol with no production-grade
work-around. SNI (server-name indication) was
Carsten Wiedmann schrieb:
It's the same as with:
| RewriteRule ^.*$ - [R=400]
BTW:
If httpd-multilang-errordoc.conf is enabled, all above solutions are also
not working nice. Because now the error document shows:
Just for the records. This is doing the trick:
| NameVirtualHost *:80
|
|
-Original Message-
From: Peter Schober [mailto:peter.scho...@univie.ac.at]
Sent: Tuesday, December 01, 2009 12:40 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] how to get multiple SSL with name
based vhost ?
* Boyle Owen owen.bo...@six-group.com [2009-12-01 10:08]:
* Boyle Owen owen.bo...@six-group.com [2009-12-01 14:51]:
However, at least he now has an alternative... Would you mind
helping him out with it?
http://markmail.org/message/yr52ptnpgbocgvad
cheers,
-peter
-
The official
I just tried to reply to a message on the how to get multiple SSL
with name based vhost discussion, but it was marked as spam I
don't think I mentioned anything particularly spam worthy..
Full copy of the raw email (as gmail remembers it) is at
http://pastebin.com/m7aba774b
Cheers
Tom
Hi,
I just tried to reply to a message on the how to get multiple SSL
with name based vhost discussion, but it was marked as spam I
don't think I mentioned anything particularly spam worthy..
Full copy of the raw email (as gmail remembers it) is at
http://pastebin.com/m7aba774b
I often
On Tue, Dec 1, 2009 at 2:27 PM, Sascha Kersken s...@lingoworld.de wrote:
Hi,
I just tried to reply to a message on the how to get multiple SSL
with name based vhost discussion, but it was marked as spam I
don't think I mentioned anything particularly spam worthy..
Full copy of the raw
Hi, Haroon
I see that also but I don't know how to use them. I put the statement into my
vhost of Apache reverse proxy and the apache complaining they are wrong
statement, etc.
virtualhost
...
Proxyrequst off
.
X-Forwarded-For
/virtualhost
Is above the correct way to use it? I am
You seem to be a bit confused about how to configure name based virtual hosts..
On Tue, Dec 1, 2009 at 10:53 AM, J. Bakshi joyd...@infoservices.in wrote:
` ` ` `
Listen 443
NameVirtualHost example1.de:443
VirtualHost example1:443
SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLProtocol
Hi, William
Can you give me more details:
There is the %{Header-Name}i syntax of the custom log, so you could easily
verify which header is actually in use. X-Forwarded-For is the usual 'public'
method,
I will use Apache as reverse proxy not forward proxy. So the IPs are from
Internet user
On Today at 10:09am, RJ=Ruiyuan Jiang ruiyuan_ji...@liz.com wrote:
RJ Hi, Haroon
RJ
RJ I see that also but I don't know how to use them. I put the statement
RJ into my vhost of Apache reverse proxy and the apache complaining they
RJ are wrong statement, etc.
RJ
Hi Ryan,
X-Forwarded-For is
Hi, William
For your answer to my question 1, current I use BlueCoat reverse proxy which is
passing internet remote client IP to the backend server. We'd like to migrate
the reverse proxy server to Apache server. The rest network setup has not been
changed.
For your answer to my question2,
* Tom Evans tevans...@googlemail.com [2009-12-01 15:22]:
Full copy of the raw email (as gmail remembers it) is at
http://pastebin.com/m7aba774b
Yes, wildcard certificates are another possibilty, if your CA supports
them (same goes for subjectAltName, of course).
You'll still need one public
Hi, Haroon
Thanks for the reply. Do you mean they are automatically activated for reverse
proxy? Unfortunately it does not work for me if they are activated. My backend
server will be Oracle 9iAS or Oracle 10gAS.
Ryan
-Original Message-
From: Haroon Rafique
Hi, Haroon
I read http://en.wikipedia.org/wiki/X-Forwarded-For yesterday and I did not see
Apache listed there. I saw squid, bluecoat, etc. listed there so I was thinking
to test squid with the feature. What is your suggestion? Thanks.
Ryan
-Original Message-
From: Haroon Rafique
All,
We are trying to configure apache to accept client certificate when
accessing the page from client side. Here is the configuration,
VirtualHost :4406
RewriteEngine on
RewriteOptions inherit
ServerName ***
JkMountFile
On Today at 10:29am, RJ=Ruiyuan Jiang ruiyuan_ji...@liz.com wrote:
RJ Hi, Haroon
RJ
RJ Thanks for the reply. Do you mean they are automatically activated for
RJ reverse proxy?
Yes.
RJ
RJ Unfortunately it does not work for me if they are activated.
RJ
What does not work? The X-Forwarded-For
Hi,
Is there for the LDAP search string for require ldap-group to be based on
some variable (like an environment variable)?
I've tried something like the following without success :
LocationMatch /hg/[\^]+
require ldap-group CN=%{ENV:HG_GROUP},OU=SAVX,OU=Comptes et groupes de
Hi, Haroon
Where do you see Apache 2.3? I don't see on the office Apache web site.
Also where should I apply:
%= request.getHeader(X-Forwarded-For) %
In my Apache reverse proxy server? Thanks.
Ryan
-Original Message-
From: Haroon Rafique [mailto:haroon.rafi...@utoronto.ca]
Sent:
ok. i need mod rewrite installed on my apache but i dot know how. i also need
to install some others but this is the main one
On Dec 1, 2009, at 11:30 , Peter Maguire wrote:
ok. i need mod rewrite installed on my apache but i dot know how. i
also need to install some others but this is the main one
Tell us more.
The method of installing a missing module will vary somewhat,
depending on how you installed
i installed from a package from the apache website
From: Rich Bowen rbo...@rcbowen.com
To: users@httpd.apache.org
Sent: Tue, 1 December, 2009 16:35:23
Subject: Re: [us...@httpd] mod_rewite
On Dec 1, 2009, at 11:30 , Peter Maguire wrote:
ok. i need mod
On Dec 1, 2009, at 11:38 , Peter Maguire wrote:
i installed from a package from the apache website
Then you should rebuild it, using --enable-rewrite in the arguments
to ./configure this time.
From: Rich Bowen rbo...@rcbowen.com
To: users@httpd.apache.org
Sent: Tue, 1 December, 2009
Rich Bowen wrote:
On Dec 1, 2009, at 11:38 , Peter Maguire wrote:
i installed from a package from the apache website
Then you should rebuild it, using --enable-rewrite in the arguments to
./configure this time.
Simpler just to google apxs.
--
Nick Kew
On Tue, Dec 1, 2009 at 4:29 PM, Ruiyuan Jiang ruiyuan_ji...@liz.com wrote:
Hi, Haroon
Where do you see Apache 2.3? I don't see on the office Apache web site.
Also where should I apply:
%= request.getHeader(X-Forwarded-For) %
In my Apache reverse proxy server? Thanks.
Ryan
Apache 2.3 is
On Today at 11:29am, RJ=Ruiyuan Jiang ruiyuan_ji...@liz.com wrote:
RJ Hi, Haroon
RJ
RJ Where do you see Apache 2.3? I don't see on the office Apache web site.
As of yet unreleased. If I remember correctly, 2.3 will be the unstable
branch and 2.4 (when released) will be the stable version.
Hello!
I build my application vs. libhttpd (Apache) library (for adding HTTP server
abilities), during application running it required to shutting down and then
(after some time) to start this (HTTP) server again.
The procedure I used to initialize/shutting down this server is same as used in
I am a sysadmin, Haroon. Thanks.
-Original Message-
From: Haroon Rafique [mailto:haroon.rafi...@utoronto.ca]
Sent: Tuesday, December 01, 2009 11:55 AM
To: users@httpd.apache.org
Subject: RE: [us...@httpd] Passing remote client IP address to backend server
and session stickness
On
Thanks, Tom
I will check with my developers here. By the way, is apache done differently
for X-Forwarded-For than the rest reverse proxy vendors?
Ryan
-Original Message-
From: Tom Evans [mailto:tevans...@googlemail.com]
Sent: Tuesday, December 01, 2009 11:51 AM
To:
On Tue, Dec 1, 2009 at 5:01 PM, Ruiyuan Jiang ruiyuan_ji...@liz.com wrote:
Thanks, Tom
I will check with my developers here. By the way, is apache done differently
for X-Forwarded-For than the rest reverse proxy vendors?
Ryan
No.
Cheers
Tom
Krist explained it very nicely... But maybe you still didn't get it:
Without SNI, there is NO WAY TO DO THIS. It is a fundamental limitation of
the HTTPS protocol with no production-grade work-around. SNI (server-name
indication) was specifically added to address this limitation. There is
On Tue, Dec 1, 2009 at 3:48 PM, Sheryl gubyd...@his.com wrote:
Krist explained it very nicely... But maybe you still didn't get it:
Without SNI, there is NO WAY TO DO THIS. It is a fundamental limitation of
the HTTPS protocol with no production-grade work-around. SNI (server-name
indication)
On Tue, Dec 1, 2009 at 3:48 PM, Sheryl gubyd...@his.com wrote:
To back up a moment, though -- another way to do this is to define
multiple IPs on the network card and run multiple instances of apache,
each with different config files. We run 20 or more on some of our
production servers.
You
On Tue, Dec 1, 2009 at 4:05 PM, Roger rno...@gmail.com wrote:
On Tue, Dec 1, 2009 at 3:48 PM, Sheryl gubyd...@his.com wrote:
To back up a moment, though -- another way to do this is to define
multiple IPs on the network card and run multiple instances of apache,
each with different config
Krist van Besien wrote:
You seem to be a bit confused about how to configure name based virtual
hosts..
On Tue, Dec 1, 2009 at 10:53 AM, J. Bakshi joyd...@infoservices.in wrote:
` ` ` `
Listen 443
NameVirtualHost example1.de:443
VirtualHost example1:443
SSLEngine on
43 matches
Mail list logo