1st off sorry this is so long... I didn't see any way to attach files
when creating the discussion.
I am trying to get my puppetmaster (0.25.0) working with passenger
(2.2.5) on Solaris (It works fine using webrick). At this point I
think it "should" work, but get a 400 error (Located below) when
running puppetd on the client.
The server doesn't have anything in the error log indicating a
problem, but the access log shows the server returning a 400 error.
Any ideas about what the problem could be or how to enable additional
logging on the server side (I tried uncommenting << "--debug" in my
config.ru, but don't get anything additional).
I have also included my config.ru, puppet.conf, and ssl.conf below the
errors. Note: The install paths are bit odd, but I am trying to do
this so that I can share a main "opt" puppet package with all zones
and then have a puppetmd package that uses the same install as puppet
itself.
*** client error output ***
bash-3.00# /opt/dhw/sbin/puppetd --server
dhwsol105prod1z3.dhw.state.id.us --test --debug --environment=prod
debug: Failed to load library 'shadow' for feature 'libshadow'
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/
dscl does not exist
debug: Failed to load library 'ldap' for feature 'ldap'
debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
debug: /File[/etc/puppet/ssl/crl.pem]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/ssl/certs/
dhwsol105prod1.dhw.state.id.us.pem]: Autorequiring File[/etc/puppet/
ssl/certs]
debug: /File[/etc/puppet/ssl/certs]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/etc/puppet/ssl/private]: Autorequiring File[/etc/puppet/
ssl]
debug: /File[/var/puppet/client_yaml]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/state]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/facts]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/private_keys/
dhwsol105prod1.dhw.state.id.us.pem]: Autorequiring File[/etc/puppet/
ssl/private_keys]
debug: /File[/var/puppet/state/state.yaml]: Autorequiring File[/var/
puppet/state]
debug: /File[/etc/puppet/ssl/public_keys/
dhwsol105prod1.dhw.state.id.us.pem]: Autorequiring File[/etc/puppet/
ssl/public_keys]
debug: /File[/etc/puppet/ssl/certificate_requests]: Autorequiring File
[/etc/puppet/ssl]
debug: /File[/etc/puppet/ssl]: Autorequiring File[/etc/puppet]
debug: /File[/var/puppet/log]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/run]: Autorequiring File[/var/puppet]
debug: /File[/var/puppet/state/graphs]: Autorequiring File[/var/puppet/
state]
debug: /File[/var/puppet/state/classes.txt]: Autorequiring File[/var/
puppet/state]
debug: /File[/var/puppet/lib]: Autorequiring File[/var/puppet]
debug: /File[/etc/puppet/ssl/private_keys]: Autorequiring File[/etc/
puppet/ssl]
debug: /File[/var/puppet/clientbucket]: Autorequiring File[/var/
puppet]
debug: /File[/etc/puppet/ssl/certs/ca.pem]: Autorequiring File[/etc/
puppet/ssl/certs]
debug: /File[/etc/puppet/ssl/public_keys]: Autorequiring File[/etc/
puppet/ssl]
debug: Finishing transaction 9414216 with 0 changes
debug: Using cached certificate for ca
debug: Using cached certificate for dhwsol105prod1.dhw.state.id.us
debug: Loaded state in 0.03 seconds
debug: Using cached certificate for ca
debug: Using cached certificate for dhwsol105prod1.dhw.state.id.us
debug: Using cached certificate_revocation_list for ca
debug: Puppet::Network::Format[json]: false value when expecting true
debug: Format s not supported for Puppet::Resource::Catalog; has not
implemented method 'from_s'
err: Could not retrieve catalog from remote server: Error 400 on
SERVER: Bad Request
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
*** Server error output ***
10.10.1.51 - - [20/Oct/2009:13:44:30 -0600] "GET /prod/catalog/
dhwsol105prod1.dhw.state.id.us?facts_format=yaml&facts=---%2B%2521ruby
%252Fobject%253APuppet%253A%253ANode%253A%253AFacts%2B%250Aexpiration
%253A%2B2009-10-20%2B14%253A14%253A29.927609%2B-06%253A00%250Aname%253A
%2Bdhwsol105prod1.dhw.state.id.us%250Avalues%253A%2B%250A%2B%2Bkernel
%253A%2BSunOS%250A%2B%2Bipaddress_vnet0_3%253A%2B10.10.1.57%250A%2B
%2Bnetwork_vnet0_2%253A%2B10.10.1.0%250A%2B%2Bnetmask%253A
%2B255.255.255.0%250A%2B%2Bnetmask_lo0%253A%2B255.0.0.0%250A%2B
%2Buniqueid%253A%2B84f9e03a%250A%2B%2Bfqdn%253A
%2Bdhwsol105prod1.dhw.state.id.us%250A%2B%2Bnetwork_vnet0_3%253A
%2B10.10.1.0%250A%2B%2Boperatingsystemrelease%253A%2B
%25225.10%2522%250A%2B%2Bclientversion%253A%2B0.25.0%250A%2B
%2Bipaddress%253A%2B10.10.1.51%250A%2B%2Bvirtual%253A%2Bphysical%250A
%2B%2Bnetmask_lo0_1%253A%2B255.0.0.0%250A%2B%2Bis_virtual%253A%2B
%2522false%2522%250A%2B%2Bps%253A%2Bps%2B-ef%250A%2B
%2Bipaddress_vnet0%253A%2B10.10.1.51%250A%2B%2Brubysitedir%253A%2B
%252Fopt%252Fdhw%252Flib%252Fruby%252Fsite_ruby%252F1.8%250A%2B
%2Bnetmask_lo0_2%253A%2B255.0.0.0%250A%2B%2Bhardwaremodel%253A%2Bsun4v
%250A%2B%2Bkernelrelease%253A%2B%25225.10%2522%250A%2B
%2Bnetwork_vnet0%253A%2B10.10.1.0%250A%2B%2Bnetmask_lo0_3%253A
%2B255.0.0.0%250A%2B%2Bdomain%253A%2Bdhw.state.id.us%250A%2B%2Btimezone
%253A%2BMDT%250A%2B%2Bid%253A%2Broot%250A%2B%2Bnetwork_lo0%253A
%2B127.0.0.0%250A%2B%2Bipaddress_lo0_1%253A%2B127.0.0.1%250A%2B
%2Bhardwareisa%253A%2Bsparc%250A%2B%2Bmacaddress_vnet0%253A
%2B0%253A14%253A4f%253Afb%253Ad9%253Acc%250A%2B%2Binterfaces%253A
%2Blo0%252Clo0_1%252Clo0_2%252Clo0_3%252Cvnet0%252Cvnet0_1%252Cvnet0_2%252Cvnet0_3%250A
%2B%2Bipaddress_lo0_2%253A%2B127.0.0.1%250A%2B%2Bpath%253A%2B%252Fusr
%252Fsbin%253A%252Fusr%252Fbin%253A%252Fusr%252Fccs%252Fbin%253A
%252Fopt%252FSUNWldm%252Fbin%253A%252Fopt%252Fsmuser%252Fwebagent
%252Fbin%253A%252Fsbin%250A%2B%2Bnetwork_lo0_1%253A%2B127.0.0.0%250A%2B
%2Bnetmask_vnet0_1%253A%2B255.255.255.0%250A%2B%2Bkernelversion%253A
%2BGeneric_141414-07%250A%2B%2Bipaddress_lo0%253A%2B127.0.0.1%250A%2B
%2Benvironment%253A%2Bprod%250A%2B%2B%253F%2B%2521ruby%252Fsym
%2B_timestamp%250A%2B%2B%253A%2BTue%2BOct
%2B20%2B13%253A44%253A29%2B-0600%2B2009%250A%250A%2B
%2Bnetmask_vnet0_2%253A%2B255.255.255.0%250A%2B%2Bpuppetversion%253A
%2B0.25.0%250A%2B%2Buptime%253A%2B8%2Bday%250A%2B%2Bnetwork_lo0_2%253A
%2B127.0.0.0%250A%2B%2Bipaddress_lo0_3%253A%2B127.0.0.1%250A%2B
%2Bhostname%253A%2Bdhwsol105prod1%250A%2B%2Boperatingsystem%253A
%2BSolaris%250A%2B%2Bipaddress_vnet0_1%253A%2B10.10.1.52%250A%2B
%2Bfacterversion%253A%2B1.5.7%250A%2B%2Bmacaddress%253A
%2B0%253A14%253A4f%253Afb%253Ad9%253Acc%250A%2B%2Bnetmask_vnet0_3%253A
%2B255.255.255.0%250A%2B%2Bnetwork_lo0_3%253A%2B127.0.0.0%250A%2B
%2Bsshrsakey%253A
%2BAAAAB3NzaC1yc2EAAAABIwAAAIEAxKVNsY3Tk78LgNboqdrTr9omRW7%252BTjD7PvyaD37NDW
%252FQiaWHOxIjgQ257gO765AaekFmP%252FlI9IWA8ss2feEVOYhwms0JrOln
%252BZzixI6NiUnEkW00DLR75NH5bIMmNsKDsxbwDGQuJkD2jav8WIgfMG
%252BO9RYQxNNZOMu5rUDsimc%253D%250A%2B%2Bkernelmajversion%253A
%2BGeneric_141414-07%250A%2B%2Bnetwork_vnet0_1%253A%2B10.10.1.0%250A%2B
%2Bipaddress_vnet0_2%253A%2B10.10.1.53%250A%2B%2Brubyversion%253A
%2B1.8.7%250A%2B%2Bsshdsakey%253A
%2BAAAAB3NzaC1kc3MAAACBAK0sGCS6m349DPJ0ENTNBnRlrJuF9wzBqv6v91%252BYUyiTCug54DG38LhXsB5a8wzP7vFDHm91w8H6X8lHSjZAkAZj0CXuoy
%252BKMypouxa4aPSIq79DHDM%252FEKUk4uoLoD1SfK9CUq%252FRpy1tJiXvp%252BHA
%252B5upqd4GzJUlxyQ5XoDw81u5AAAAFQDAzYUpzs%252FGN9T9sXSgdscaw%252B
%252BoRQAAAIBIjPBFixi6vEaQmRBXE1wGI7vYQ1vSD%252FY8kjPTiH1JV
%252BiX4ba80qBAN4ZfOi0aItt6dil6naY%252BoagfQkETMp58dSd
%252BqkwyfDtJfT6LigLJ9cA6trMEHvjDJP5nAykUWcFBiviOtvLioWJgCDzSKqsQs816imAgvEu3%252Bspub6A6iQAAAIBknje4ZSbAlB
%252Bn9evhpdwYFHMq7biResm9m6SZvpOoHzgAu6qZPer91qrGvVERFNi20%252F8SgLr6%252FOlddfyr
%252BfHxu7%252FesYuh
%252BuKpVq9T5jhNi3cIwgTkkeAszP1MJnX32moRJ211F6oWlKW6S8tjfD1VGU5In8WzZ2s2xdM86I5e4w
%253D%253D%250A%2B%2Bnetmask_vnet0%253A%2B255.255.255.0%250A HTTP/1.1"
400 38
*** config.ru file ***
# a config.ru, for use with every rack-compatible webserver.
# SSL needs to be handled outside this, though.
# if puppet is not in your RUBYLIB:
# $:.unshift('/opt/dhw/lib')
$0 = "puppetmasterd"
require 'puppet'
# if you want debugging:
ARGV << "--debug"
# Add configuration directory as argument
ARGV << "--confdir=/etc/opt/dhw/puppetmd"
ARGV << "--rack"
require 'puppet/application/puppetmasterd'
# we're usually running inside a Rack::Builder.new {} block,
# therefore we need to call run *here*.
run Puppet::Application[:puppetmasterd].run
*** puppet.conf ***
[main]
# Set the environments available to puppet
environments = trng,prod,qual,intg,dev,qualf
# Set to sync custom facts to the clients
pluginsync = true
[puppetmasterd]
# Added for support with Apache and passenger
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
# User and group to start puppetmasterd as
user = puppetmd
group = puppetmd
# The port to run the puppet master on
masterport = 8140
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $confdir/ssl
# Single global manifest directory
manifest = $confdir/manifests/site.pp
# The location of the configuration for the fileserver
fsconfig = $confdir/fileserver.conf
# Where Puppet stores dynamic and growing data.
# The default value is '/var/puppet'.
vardir = /var/opt/dhw/puppetmd
# Set factpath so facter can load custom facts from the server
# factpath = $vardir/lib/facter
[prod]
# The module paths to check
modulepath = /etc/opt/dhw/puppetmd/prod/modules
[trng]
# The module paths to check
modulepath = /etc/opt/dhw/puppetmd/trng/modules
[qual]
# The module paths to check
modulepath = /etc/opt/dhw/puppetmd/qual/modules
[intg]
# The module paths to check
modulepath = /etc/opt/dhw/puppetmd/intg/modules
[dev]
# The module paths to check
modulepath = /etc/opt/dhw/puppetmd/dev/modules
[qualf]
# The module paths to check
modulepath = /etc/opt/dhw/puppetmd/qualf/modules
*** ssl.conf ***
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
#<IfDefine SSL>
#
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
# Note: Configurations that use IPv6 but not IPv4-mapped addresses
need two
# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
#
#Listen 443
Listen 8140
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
#SSLSessionCache none
#SSLSessionCache shmht:/opt/apache/logs/ssl_scache(512000)
#SSLSessionCache shmcb:/opt/apache/logs/ssl_scache(512000)
SSLSessionCache dbm:/opt/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex file:/opt/apache/logs/ssl_mutex
# Required Passenger settings
LoadModule passenger_module /etc/opt/dhw/puppetmd/lib/passenger-2.2.5/
ext/apache2/mod_passenger.so
PassengerRoot /etc/opt/dhw/puppetmd/lib/passenger-2.2.5
PassengerRuby /opt/dhw/bin/ruby
# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
# PassengerMaxRequests 1000
PassengerStatThrottleRate 120
RackAutoDetect Off
RailsAutoDetect Off
##
## SSL Virtual Host Context
##
#<VirtualHost _default_:443>
<VirtualHost dhwsol105prod1z3.dhw.state.id.us:8140>
ServerAdmin r...@dhwsol105prod1z3
SSLProtocol -ALL +SSLv3 +TLSv1
SSLOptions +StdEnvVars
# General setup for the virtual host
#DocumentRoot "/opt/apache/htdocs"
DocumentRoot /etc/opt/dhw/puppetmd/rack/puppetmasterd/public
RackBaseURI /
<Directory /etc/opt/dhw/puppetmd/rack/puppetmasterd/>
Options None
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /opt/apache/logs/error_log
TransferLog /opt/apache/logs/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:
+SSLv2:+EXP:+eNULL
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
#SSLCertificateFile /opt/apache/conf/ssl.crt/server.crt
#SSLCertificateFile /opt/apache/conf/ssl.crt/server-dsa.crt
SSLCertificateFile /etc/opt/dhw/puppetmd/ssl/certs/
dhwsol105prod1z3.dhw.state.id.us.pem
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
#SSLCertificateKeyFile /opt/apache/conf/ssl.key/server.key
#SSLCertificateKeyFile /opt/apache/conf/ssl.key/server-dsa.key
SSLCertificateKeyFile /etc/opt/dhw/puppetmd/ssl/private_keys/
dhwsol105prod1z3.dhw.state.id.us.pem
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /opt/apache/conf/ssl.crt/ca.crt
SSLCertificateChainFile /etc/opt/dhw/puppetmd/ssl/ca/ca_crt.pem
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /opt/apache/conf/ssl.crt
#SSLCACertificateFile /opt/apache/conf/ssl.crt/ca-bundle.crt
SSLCACertificateFile /etc/opt/dhw/puppetmd/ssl/ca/ca_crt.pem
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /opt/apache/conf/ssl.crl
#SSLCARevocationFile /opt/apache/conf/ssl.crl/ca-bundle.crl
# If Apache complains about invalid signatures on CRL, you can try
disabling
# CRL checking by commenting the next line, but this is not
recommended.
SSLCARevocationFile /etc/opt/dhw/puppetmd/ssl/ca/ca_crl.pem
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
SSLVerifyClient optional
SSLVerifyDepth 1
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This
means that
# the standard Auth/DBMAuth methods can be used for access
control. The
# user name is the `one line' version of the client's X.509
certificate.
# Note that no password is obtained from the user. Every entry in
the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables:
SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of
the
# server (always existing) and the client (only existing when
client
# authentication is used). This can be used to import the
certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment
variables.
# Per default this exportation is switched off for performance
reasons,
# because the extraction step is an expensive operation and is
usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o CompatEnvVars:
# This exports obsolete environment variables for backward
compatibility
# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x.
Use this
# to provide compatibility to existing CGI scripts.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied
even
# under a "Satisfy any" situation, i.e. when it applies access is
denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling
when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars
+StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't
wait for
# the close notify alert from client. When you need a different
shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed,
i.e. no
# SSL close notify alert is send or allowed to received. This
violates
# the SSL/TLS standard but is needed for some brain-dead browsers.
Use
# this when you receive I/O errors because of the standard
approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed,
i.e. a
# SSL close notify alert is send and mod_ssl waits for the close
notify
# alert of the client. This is 100% SSL/TLS standard compliant,
but in
# practice often causes hanging connections with brain-dead
browsers. Use
# this only for browsers where you know that their SSL
implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the
HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for
this.
# Similarly, one has to force some clients to use HTTP/1.0 to
workaround
# their broken HTTP/1.1 implementation. Use variables
"downgrade-1.0" and
# "force-response-1.0" for this.
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /opt/apache/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
