Upgrade as in Apache upgrade or Solaris 5.10 patch upgrad? :)
Apache is all new of course 2.4.12 with the latest add on sources (apr, pcre,
etc)The bad news is the OS is not at all up to date. And for reasons I have no
control over, I cannot patch.So if this is an OS issue then ..
I seem to b
On Tue, Jun 16, 2015 at 8:23 PM, Mark Jacquet
wrote:
> So do you think this hang is related to the native LDAP lib code?
It is possible but IMO not very likely. It has to corrutp memory just
enough to put a looping structure in apr_rmm. What's your upgrade
history like?
--
Eric Covener
cove...
I just did a test and killed off 4 of the 6 processes with multiple threads
stuck in the same place.After each kill the "W's" went away (grocs gone from
the scoreboard) and the load went down. The good news is that the server stayed
up, and seems to be running fine.
So do you think this hang is
On Jun 16, 2015 18:26, "Mark Jacquet"
wrote:
>
> I am seeing something very odd on our Apache 2.4.12 server (SunOS
myhostname 5.10 Generic_118833-36 sun4v sparc SUNW,Sun-Fire-T200)
> We are using MPM Worker.
>
> I have been watching the scoreboard all day monitoring system load and
running proces
Maybe mod_gnutls or libressl (working with patched mod_ssl, available
in trunk but not yet backported) can do better here, I don't know
enough about them to tell.
Regards,
Yann.
On Wed, Jun 17, 2015 at 12:37 AM, karl karloff wrote:
> So that does not actually help in the case of SSLv3 because SN
So that does not actually help in the case of SSLv3 because SNI is an extension
to TLS. It seems like this is not possible in Apache given the usage of
OpenSSL as the SSL/TLS library.
Does that sum it up?
Thanks,
Karl
> Date: Tue, 16 Jun 2015 23:54:39
I am seeing something very odd on our Apache 2.4.12 server (SunOS myhostname
5.10 Generic_118833-36 sun4v sparc SUNW,Sun-Fire-T200)
We are using MPM Worker.
I have been watching the scoreboard all day monitoring system load and running
processes/threads.Around 10AM the load jumped to from a norm
On Tue, Jun 16, 2015 at 10:48 PM, karl karloff wrote:
> I am attempting to set up more than one subdomain on :443 in this example.
>
> so something like
> sslv3.example.com:443 responds with SSLv3 only
> tlsv1.example.com:443 responds with TLSv1.0 only
> ...
>
> I wasn't aware that could be achiev
I am attempting to set up more than one subdomain on :443 in this example.
so something like
sslv3.example.com:443 responds with SSLv3 only
tlsv1.example.com:443 responds with TLSv1.0 only
...
I wasn't aware that could be achieved using the ServerName directive.
The underlying IP/interface shoul
On Tue, Jun 16, 2015 at 1:57 PM, karl karloff wrote:
>
AIUI This VH style is not used much and could be contributing. If you
don't care what underlying interface/IP is used, use *:443 and
ServerName inside. Otherwise, use the local interface address/IP and
ServerName inside.
--
Eric Covener
Hi,
In my lab's :
serv:
...
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
SSLProtocol -All +SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2 ###( I added
TLSv1.2 to test)
...
client:
#curl https://w1 --insecure --tls
I must have mistyped my config.
Assuming a config such as the following
SSLProtocol -All +SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
...
If I restart apache, and then try to test that (the --insecure is for a
self-signed cert):
$ curl https://sslv3.example.com --insecure --tlsv1.0
It works!
Shouldn't
Hello Yann,
Thanks for your reply.
I'll review this link. It's really possible that it's related
I'll post my findings later.
Thanks.
Juan Cruz Villanueva
-Original Message-
From: Yann Ylavic [mailto:ylavic@gmail.com]
Sent: martes, 16 de junio de 2015 9:09
To: users@httpd.apache.
Hi Nick,
Thanks for the answer.
Mod_ xml2enc is loaded in the httpd.conf:
LoadModule xml2enc_module modules/mod_xml2enc.so
Besides that, what do you mean with a "broken backend"?
Atte.
Juan Cruz Villanueva
-Original Message-
From: Nick Kew [mailto:n...@webthing.com]
Sent: martes, 16
Hi,
Have you tested with the "+"?
from docs :
Syntax:SSLProtocol [+|-]protocol ...
ex :
SSLProtocol +TLSv1.2
...
SSLProtocol+SSLv3
...
On Tue, Jun 16, 2015 at 12:37 AM, karl karloff wrote:
> Is there a way in the current Apache (2.4.x or 2.2.x) to specify an
> SSLProtocol and SSLC
On Tue, 2015-06-16 at 06:58 +, Cruz Villanueva, Juan wrote:
> No one has seen this issue (or similar one) before?
It appears you need mod_xml2enc in there. It deals with
precisely that problem.
You might also have an issue with a broken backend,
though I can't tell that from what you posted.
On Tue, Jun 16, 2015 at 8:58 AM, Cruz Villanueva, Juan
wrote:
>
> No one has seen this issue (or similar one) before?
Maybe https://bz.apache.org/bugzilla/show_bug.cgi?id=56287 ?
Regards,
Yann.
-
To unsubscribe, e-mail: users-u
No one has seen this issue (or similar one) before?
Best regards.
Juan Cruz Villanueva
From: Cruz Villanueva, Juan
Sent: viernes, 12 de junio de 2015 16:43
To: users@httpd.apache.org
Subject: [users@httpd] Apache Reverse Proxy deletes from code
Hello to everyone,
this is my first post here.
18 matches
Mail list logo
