Re: [users@httpd] Enabling ECDHE ciphers

2014-04-17 Thread Brett @Google
*16-November-2013 Changes with Apache 2.2.26 (legacy)* ASF changes: *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against OpenSSL 1.0.0b3. [Vipul Gupta, Sander Temme, Stefan Fritsch] So you need something at least 2.2.26 (the ECDH changes were backported from 2.4) We

Re: [users@httpd] Enabling ECDHE ciphers

2014-04-17 Thread Igor Cicimov
On Fri, Apr 18, 2014 at 2:27 AM, Christopher Schultz <ch...@christopherschultz.net> wrote: > > I'm running httpd 2.2.23 on Amazon Linux. I read in the comments for > mod_ssl that httpd 2.2.24 is required for "TLSv1.2" to be specified > directly. Is that accurate? I can see in my Qualys test that

Re: [users@httpd] Enabling ECDHE ciphers

2014-04-17 Thread Igor Cicimov
On 18/04/2014 2:30 AM, "Hanno Böck" wrote: > > On Thu, 17 Apr 2014 12:27:37 -0400 > Christopher Schultz wrote: > > > I'm trying to enable (and prefer!) ECDHE ciphers for clients that can > > support them. I've done the obvious: > [...] > > I'm running httpd 2.2.23 > > That's your problem. Get rid

Re: [users@httpd] Re: ProxyPassMatch with Unix sockets

2014-04-17 Thread Igor Cicimov
On 18/04/2014 10:43 AM, "Igor Cicimov" wrote: > > > On 18/04/2014 8:25 AM, "Marc Aymerich" wrote: > > > > On Thu, Apr 17, 2014 at 11:18 PM, Marc Aymerich wrote: > > > On Wed, Apr 16, 2014 at 11:17 PM, Marc Aymerich wrote: > > >> Hi, > > >> I have a PHP-FPM web application that I want it to be a

Re: [users@httpd] Re: ProxyPassMatch with Unix sockets

2014-04-17 Thread Igor Cicimov
On 18/04/2014 8:25 AM, "Marc Aymerich" wrote: > > On Thu, Apr 17, 2014 at 11:18 PM, Marc Aymerich wrote: > > On Wed, Apr 16, 2014 at 11:17 PM, Marc Aymerich wrote: > >> Hi, > >> I have a PHP-FPM web application that I want it to be accessed under > >> "/alias/" path. I'm trying to configure Prox

[users@httpd] New install of Apache not accepting client certs

2014-04-17 Thread D'Arcy J.M. Cain
I just upgraded my Apache from 2.4.7 to 2.4.9 and now my clients' cert give me a "server certificate does NOT include an ID which matches the server name" error and it serves the system cert instead which fails because it doesn't match the domain. Here is an example (sanitized) entry in my httpd.c

Re: [users@httpd] HTTPS configuration problem.

2014-04-17 Thread Mark London
On 4/17/2014 3:46 PM, Yehuda Katz wrote: On Thu, Apr 17, 2014 at 3:12 PM, Mark London <m...@psfc.mit.edu> wrote: So I've been trying to find a configuration that redirects HTTPS://XXX.COM to HTTPS://WWW.XXX.COM. Unfortunately, every configuration that I've tried, doesn't work. Al

[users@httpd] Re: ProxyPassMatch with Unix sockets

2014-04-17 Thread Marc Aymerich
On Thu, Apr 17, 2014 at 11:18 PM, Marc Aymerich wrote: > On Wed, Apr 16, 2014 at 11:17 PM, Marc Aymerich wrote: >> Hi, >> I have a PHP-FPM web application that I want it to be accessed under >> "/alias/" path. I'm trying to configure ProxyPassMatch with Unix >> sockets but it doesn't work because

[users@httpd] Re: Conditional response body modification

2014-04-17 Thread Doug Strick
I've come up with the below config using mod_ext_filter which isn't desirable, but it's the only thing I've been able to come up with so far. It's not working exactly yet. Any suggestions? SetEnvIf HTTP_COOKIE "USER_TYPE=test" FILTER=$1 *Inside VirtualHost:* ExtFilterDefine doug mode=output

Re: [users@httpd] Enabling ECDHE ciphers

2014-04-17 Thread Christopher Schultz
Hanno, On 4/17/14, 12:29 PM, Hanno Böck wrote: > On Thu, 17 Apr 2014 12:27:37 -0400 > Christopher Schultz wrote: > >> I'm trying to enable (and prefer!) ECDHE ciphers for clients that can >> support them. I've done the obvious: > [...] >> I'm running httpd 2.2.23 > > That's your problem. Get ri

[users@httpd] Re: ProxyPassMatch with Unix sockets

2014-04-17 Thread Marc Aymerich
On Wed, Apr 16, 2014 at 11:17 PM, Marc Aymerich wrote: > Hi, > I have a PHP-FPM web application that I want it to be accessed under > "/alias/" path. I'm trying to configure ProxyPassMatch with Unix > sockets but it doesn't work because it passes "/alias/" to the web > app, but this path doesn't e

Re: [users@httpd] HTTPS configuration problem.

2014-04-17 Thread Mark Brodis
Do the users actually connect to "https://xxx.com"? Or do they go just to "xxx.com" in their browser and then a load-balancer/SSL-accelerator somewhere along the way bumps them to https? If something was bumping them to https then it would be easiest to just change that 'bumping' to go from "h

Re: [users@httpd] HTTPS configuration problem.

2014-04-17 Thread Yehuda Katz
On Thu, Apr 17, 2014 at 3:12 PM, Mark London wrote: > So I've been trying to find a configuration that redirects HTTPS://XXX.COM to > HTTPS://WWW.XXX.COM. Unfortunately, every configuration that I've tried, > doesn't work. All of the rewrite and redirect rules, are applied after the > browser ch

[users@httpd] HTTPS configuration problem.

2014-04-17 Thread Mark London
Hi - I inherited a web server from another site. I requested a wildcard certificate for that server. What I failed to realize, was that a wildcard certificate only covers *.XXX.COM. It won't cover plain XXX.COM. And unfortunately, people mainly connect to the site, using XXX.COM. Thus,

Re: [users@httpd] Enabling ECDHE ciphers

2014-04-17 Thread Hanno Böck
On Thu, 17 Apr 2014 12:27:37 -0400 Christopher Schultz wrote: > I'm trying to enable (and prefer!) ECDHE ciphers for clients that can > support them. I've done the obvious: [...] > I'm running httpd 2.2.23 That's your problem. Get rid of that old cruft. You'll need apache 2.4 (for that and for m

[users@httpd] Enabling ECDHE ciphers

2014-04-17 Thread Christopher Schultz
All, I'm trying to enable (and prefer!) ECDHE ciphers for clients that can support them. I've done the obvious: SSLHonorCipherOrder Yes SSLProtocol ALL -SSLv2 SSLCipherSuite ECDHE:ECDH:..[other stuff] I have confirmed that, when running "openssl ciphers [stuff above]" that I get ECDHE ciphers li

Re: [users@httpd] Fwd: apache hosting unknown sites !!!

2014-04-17 Thread Jim Barchuk
HiHi! 1. The requests are not available at log because I have blocked the .ru domains at firewall level. Let me disable the firewall to generate the logs for you 109.188.125.110 - - [17/Apr/2014:07:27:03 +0200] "GET /Uizz9n HTTP/1.1" 301 - "http://www.tv-house.ru/detail/200/5347" "Mozilla/5.0