> -Original Message-
> From: J. Bakshi [mailto:joyd...@infoservices.in]
> Sent: Tuesday, December 01, 2009 8:20 AM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] how to get multiple SSL with name
> based vhost ?
>
> ...
>
> Thanks for your nice explanatory response. The serv
Carsten Wiedmann wrote:
> William A. Rowe Jr. schrieb:
>> I agree it should be easier, Rich and I have it down to 3-4 lines of rewrite
>> magic
>> to kick out a 400, but we should probably allow this to be explicit
>> [default?]
>
> That would be nice. And if I'm be able to set the status code i
William A. Rowe Jr. schrieb:
> RewriteRule .* - [R=400]
Hm, ok, I've never realized, that I can set other status codes in
RewriteRule [R], then the well known redirect status codes (Redirection
3xx). A little bit curious?
With [R=400] it's the same as with the Perl script (thanks for this hin
Boyle Owen wrote:
>> -Original Message-
>> From: J. Bakshi [mailto:joyd...@infoservices.in]
>> Sent: Tuesday, December 01, 2009 8:20 AM
>> To: users@httpd.apache.org
>> Subject: Re: [us...@httpd] how to get multiple SSL with name
>> based vhost ?
>>
>> ...
>>
>> Thanks for your nice expla
> -Original Message-
> From: J. Bakshi [mailto:joyd...@infoservices.in]
> Sent: Tuesday, December 01, 2009 10:53 AM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] how to get multiple SSL with name
> based vhost ?
>
> ...
>
> Thank for your response. your assumption is correct
Boyle Owen wrote:
>> -Original Message-
>> From: J. Bakshi [mailto:joyd...@infoservices.in]
>> Sent: Tuesday, December 01, 2009 10:53 AM
>> To: users@httpd.apache.org
>> Subject: Re: [us...@httpd] how to get multiple SSL with name
>> based vhost ?
>>
>> ...
>>
>> Thank for your response.
Carsten Wiedmann wrote:
>
> Well, and the error document with [R=400] (or other status codes) is also
> not multi language.
Right; presume for a moment that anyone hitting your server with a bogus dns
reference or by-ip is doing so in a less-than-friendly, spidery or malicious
manner. Are they r
William A. Rowe Jr. schrieb:
>> Well, and the error document with [R=400] (or other status codes) is also
>> not multi language.
>
> Right; presume for a moment that anyone hitting your server with a bogus dns
> reference or by-ip is doing so in a less-than-friendly, spidery or malicious
> manner.
* Boyle Owen [2009-12-01 10:08]:
> Krist explained it very nicely... But maybe you still didn't get it:
> Without SNI, there is NO WAY TO DO THIS. It is a fundamental
> limitation of the HTTPS protocol with no production-grade
> work-around. SNI (server-name indication) was specifically added to
>
Carsten Wiedmann schrieb:
> It's the same as with:
> | RewriteRule ^.*$ - [R=400]
>
> BTW:
> If "httpd-multilang-errordoc.conf" is enabled, all above solutions are also
> not working nice. Because now the error document shows:
Just for the records. This is doing the trick:
| NameVirtualHost *:80
> -Original Message-
> From: Peter Schober [mailto:peter.scho...@univie.ac.at]
> Sent: Tuesday, December 01, 2009 12:40 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] how to get multiple SSL with name
> based vhost ?
>
> * Boyle Owen [2009-12-01 10:08]:
> > Krist explained
* Boyle Owen [2009-12-01 14:51]:
> However, at least he now has an alternative... Would you mind
> helping him out with it?
http://markmail.org/message/yr52ptnpgbocgvad
cheers,
-peter
-
The official User-To-User support forum o
I just tried to reply to a message on the "how to get multiple SSL
with name based vhost" discussion, but it was marked as spam I
don't think I mentioned anything particularly spam worthy..
Full copy of the raw email (as gmail remembers it) is at
http://pastebin.com/m7aba774b
Cheers
Tom
--
Hi,
I just tried to reply to a message on the "how to get multiple SSL
with name based vhost" discussion, but it was marked as spam I
don't think I mentioned anything particularly spam worthy..
Full copy of the raw email (as gmail remembers it) is at
http://pastebin.com/m7aba774b
I often
On Tue, Dec 1, 2009 at 2:27 PM, Sascha Kersken wrote:
> Hi,
>
>> I just tried to reply to a message on the "how to get multiple SSL
>> with name based vhost" discussion, but it was marked as spam I
>> don't think I mentioned anything particularly spam worthy..
>>
>> Full copy of the raw email
Hi, Haroon
I see that also but I don't know how to use them. I put the statement into my
vhost of Apache reverse proxy and the apache complaining they are wrong
statement, etc.
...
Proxyrequst off
.
X-Forwarded-For
Is above the correct way to use it? I am not much care about the r
You seem to be a bit confused about how to configure name based virtual hosts..
On Tue, Dec 1, 2009 at 10:53 AM, J. Bakshi wrote:
> ` ` ` `
> Listen 443
> NameVirtualHost example1.de:443
>
>
> SSLEngine on
> SSLCipherSuite HIGH:MEDIUM
> SSLProtocol all -SSLv2
> SSLCertificateFile /etc/apache
Hi, William
Can you give me more details:
There is the %{Header-Name}i syntax of the custom log, so you could easily
verify which header is actually in use. X-Forwarded-For is the usual 'public'
method,
I will use Apache as reverse proxy not forward proxy. So the IPs are from
Internet user no
On Today at 10:09am, RJ=>Ruiyuan Jiang wrote:
RJ> Hi, Haroon
RJ>
RJ> I see that also but I don't know how to use them. I put the statement
RJ> into my vhost of Apache reverse proxy and the apache complaining they
RJ> are wrong statement, etc.
RJ>
Hi Ryan,
X-Forwarded-For is not a statement
Hi, William
For your answer to my question 1, current I use BlueCoat reverse proxy which is
passing internet remote client IP to the backend server. We'd like to migrate
the reverse proxy server to Apache server. The rest network setup has not been
changed.
For your answer to my question2, it
* Tom Evans [2009-12-01 15:22]:
> Full copy of the raw email (as gmail remembers it) is at
> http://pastebin.com/m7aba774b
Yes, wildcard certificates are another possibilty, if your CA supports
them (same goes for subjectAltName, of course).
You'll still need one public IP-address per shared DNS-
Hi, Haroon
Thanks for the reply. Do you mean they are automatically activated for reverse
proxy? Unfortunately it does not work for me if they are activated. My backend
server will be Oracle 9iAS or Oracle 10gAS.
Ryan
-Original Message-
From: Haroon Rafique [mailto:haroon.rafi...@utoro
Hi, Haroon
I read http://en.wikipedia.org/wiki/X-Forwarded-For yesterday and I did not see
Apache listed there. I saw squid, bluecoat, etc. listed there so I was thinking
to test squid with the feature. What is your suggestion? Thanks.
Ryan
-Original Message-
From: Haroon Rafique [mail
All,
We are trying to configure apache to accept client certificate when
accessing the page from client side. Here is the configuration,
RewriteEngine on
RewriteOptions inherit
ServerName ***
JkMountFile /apps/local/apache-ssl/conf/jkm_ser
On Today at 10:29am, RJ=>Ruiyuan Jiang wrote:
RJ> Hi, Haroon
RJ>
RJ> Thanks for the reply. Do you mean they are automatically activated for
RJ> reverse proxy?
Yes.
RJ>
RJ> Unfortunately it does not work for me if they are activated.
RJ>
What does not work? The X-Forwarded-For header *is* t
Hi,
Is there for the LDAP search string for require ldap-group to be based on
some variable (like an environment variable)?
I've tried something like the following without success :
require ldap-group CN=%{ENV:HG_GROUP},OU=SAVX,OU=Comptes et groupes de
services,DC=CDDDC01,DC=LOCAL
I was s
Hi, Haroon
Where do you see Apache 2.3? I don't see on the office Apache web site.
Also where should I apply:
<%= request.getHeader("X-Forwarded-For") %>
In my Apache reverse proxy server? Thanks.
Ryan
-Original Message-
From: Haroon Rafique [mailto:haroon.rafi...@utoronto.ca]
Sent: T
ok. i need mod rewrite installed on my apache but i dot know how. i also need
to install some others but this is the main one
On Dec 1, 2009, at 11:30 , Peter Maguire wrote:
ok. i need mod rewrite installed on my apache but i dot know how. i
also need to install some others but this is the main one
Tell us more.
The method of installing a missing module will vary somewhat,
depending on how you installed Apac
i installed from a package from the apache website
From: Rich Bowen
To: users@httpd.apache.org
Sent: Tue, 1 December, 2009 16:35:23
Subject: Re: [us...@httpd] mod_rewite
On Dec 1, 2009, at 11:30 , Peter Maguire wrote:
ok. i need mod rewrite installed on my
On Dec 1, 2009, at 11:38 , Peter Maguire wrote:
i installed from a package from the apache website
Then you should rebuild it, using --enable-rewrite in the arguments
to ./configure this time.
From: Rich Bowen
To: users@httpd.apache.org
Sent: Tue, 1 December, 2009 16:35:23
Subject: R
Rich Bowen wrote:
On Dec 1, 2009, at 11:38 , Peter Maguire wrote:
i installed from a package from the apache website
Then you should rebuild it, using --enable-rewrite in the arguments to
./configure this time.
Simpler just to google apxs.
--
Nick Kew
-
On Tue, Dec 1, 2009 at 4:29 PM, Ruiyuan Jiang wrote:
> Hi, Haroon
>
> Where do you see Apache 2.3? I don't see on the office Apache web site.
> Also where should I apply:
>
> <%= request.getHeader("X-Forwarded-For") %>
>
> In my Apache reverse proxy server? Thanks.
>
> Ryan
>
Apache 2.3 is apache
On Today at 11:29am, RJ=>Ruiyuan Jiang wrote:
RJ> Hi, Haroon
RJ>
RJ> Where do you see Apache 2.3? I don't see on the office Apache web site.
As of yet unreleased. If I remember correctly, 2.3 will be the unstable
branch and 2.4 (when released) will be the stable version.
RJ> Also where shou
Hello!
I build my application vs. libhttpd (Apache) library (for adding HTTP server
abilities), during application running it required to shutting down and then
(after some time) to start this (HTTP) server again.
The procedure I used to initialize/shutting down this server is same as used in
I am a sysadmin, Haroon. Thanks.
-Original Message-
From: Haroon Rafique [mailto:haroon.rafi...@utoronto.ca]
Sent: Tuesday, December 01, 2009 11:55 AM
To: users@httpd.apache.org
Subject: RE: [us...@httpd] Passing remote client IP address to backend server
and session stickness
On Today
Thanks, Tom
I will check with my developers here. By the way, is apache done differently
for X-Forwarded-For than the rest reverse proxy vendors?
Ryan
-Original Message-
From: Tom Evans [mailto:tevans...@googlemail.com]
Sent: Tuesday, December 01, 2009 11:51 AM
To: users@httpd.apache.
On Tue, Dec 1, 2009 at 5:01 PM, Ruiyuan Jiang wrote:
> Thanks, Tom
>
> I will check with my developers here. By the way, is apache done differently
> for X-Forwarded-For than the rest reverse proxy vendors?
>
> Ryan
>
No.
Cheers
Tom
> Krist explained it very nicely... But maybe you still didn't get it:
> Without SNI, there is NO WAY TO DO THIS. It is a fundamental limitation of
> the HTTPS protocol with no production-grade work-around. SNI (server-name
> indication) was specifically added to address this limitation. There is
On Tue, Dec 1, 2009 at 3:48 PM, Sheryl wrote:
>
>> Krist explained it very nicely... But maybe you still didn't get it:
>> Without SNI, there is NO WAY TO DO THIS. It is a fundamental limitation of
>> the HTTPS protocol with no production-grade work-around. SNI (server-name
>> indication) was spec
On Tue, Dec 1, 2009 at 3:48 PM, Sheryl wrote:
> To back up a moment, though -- another way to do this is to define
> multiple IPs on the network card and run multiple instances of apache,
> each with different config files. We run 20 or more on some of our
> production servers.
You could run on
On Tue, Dec 1, 2009 at 4:05 PM, Roger wrote:
> On Tue, Dec 1, 2009 at 3:48 PM, Sheryl wrote:
>
>> To back up a moment, though -- another way to do this is to define
>> multiple IPs on the network card and run multiple instances of apache,
>> each with different config files. We run 20 or more on
Krist van Besien wrote:
> You seem to be a bit confused about how to configure name based virtual
> hosts..
>
>
> On Tue, Dec 1, 2009 at 10:53 AM, J. Bakshi wrote:
>
>
>
>> ` ` ` `
>> Listen 443
>> NameVirtualHost example1.de:443
>>
>>
>> SSLEngine on
>> SSLCipherSuite HIGH:MEDIUM
>> SSLProt
43 matches
Mail list logo
