I am a new apache2 user and have started mining my access logs (with
Perl progs) for certain info. I have had great success using the
Parse::AccessLogEntry module from cpan.org, but I have had a few
instances where it bombed on the default extended common format.
In those cases I found that a use
On Wed, Jul 20, 2011 at 14:25, Christopher Johnson wrote:
...
> website. This functionality does work in windows but not linux. Is there
> a issue porting the certs, keys and CA's from windows? Is there a
> compatibility issue? Is there somethings I should be checking? Any
> assistance would
I am trying to use a MySQL database for Digest password management on
my remote server. I have my httpd.conf file settings here:
# mod_dbd configuration
DBDriver mysql
# MySQL params:
# host, port, user, pass, dbname, sock, flags, fldsz, group, reconnect
DBDParams "dbname=passwords user= pa
On Wed, Jul 27, 2011 at 10:13, Tom Evans wrote:
> On Wed, Jul 27, 2011 at 4:05 PM, Tom Browder wrote:
>> I am trying to use a MySQL database for Digest password management on
>> my remote server. I have my httpd.conf file settings here:
...
>> # MySQL params:
>>
On Wed, Jul 27, 2011 at 11:24, Nick Kew wrote:
>
> On 27 Jul 2011, at 16:05, Tom Browder wrote:
>
>> At the moment it doesn't work. After start I get these errors:
>>
>> [Wed Jul 27 09:08:56 2011] [error] (20014)Internal error: DBD: Can't
>> connect to
On Wed, Jul 27, 2011 at 12:09, Tom Browder wrote:
> On Wed, Jul 27, 2011 at 11:24, Nick Kew wrote:
>>
>> On 27 Jul 2011, at 16:05, Tom Browder wrote:
>>
>>> At the moment it doesn't work. After start I get these errors:
>>>
>>> [Wed Jul
On Wed, Jul 27, 2011 at 10:05, Tom Browder wrote:
> I am trying to use a MySQL database for Digest password management on
> my remote server. I have my httpd.conf file settings here:
Does anyone have a working solution for Apache Digest password
management using MySQL (all on Ubuntu 10.
On Wed, Jul 27, 2011 at 12:09, Tom Browder wrote:
> On Wed, Jul 27, 2011 at 11:24, Nick Kew wrote:
>>
>> On 27 Jul 2011, at 16:05, Tom Browder wrote:
>>
>>> At the moment it doesn't work. After start I get these errors:
>>>
>>> [Wed Jul
The Apache2 docs has an SSL FAQ here:
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html
It has a list of Certifying Authorities (CAs) but is missing one
important one for personal or small-scale server operators StartSSL:
http://www.startssl.com/
They can provide an inexpensive wild-card ce
I am getting known warnings in my error logs from the use of wild card
certificates (see my earlier message on the source of the wild card
certificate):
[Sun Jul 31 18:31:42 2011] [warn] RSA server certificate wildcard
CommonName (CN) `*.usafa-1965.org' does NOT match server name!?
[Sun Jul 31 18:
I've asked earlier about this (but using MySQL):
Does anyone have a working solution for Apache Digest password
management using PostgreSQL (and mod_dbd)?
If so, would you be willing to share setup details?
Best regards,
-Tom
USAFA, CS-24, Class of 1965
Niceville, Florida, USA
---
On Sun, Aug 7, 2011 at 05:08, wrote:
> Hello,
>
> I find it a bit strange that it is so difficult to find information about
> how to do this.
Niklas, I agree, I have found the same situation and I will keep the
list informed if I get a good solution.
But note that I have given up on MySQL becau
On Sun, Aug 7, 2011 at 07:21, Nick Kew wrote:
...
> On 7 Aug 2011, at 11:08, nik...@iandapp.com wrote:
...
>> I find it a bit strange that it is so difficult to find information about
>> how to do this.
...
>> I want to configure my Apache2 to use mod_dbd when authenticating users.
>> But I cannot
On Sun, Aug 7, 2011 at 17:44, Nick Kew wrote:
> On Sun, 7 Aug 2011 13:30:48 -0500
> Tom Browder wrote:
>
>> That is a very important link that I had not found, although from my
>> look at htdigest I was assuming most of the information. (And that
>> link sho
On Mon, Aug 8, 2011 at 02:10, Niklas Johansson wrote:
> I will have a look at it once it pops up.
For the Apache 2.2 docs section on password formats, the Apache
digest-authentication method, here is an example for Perl that I am
using in my password generator script:
use Digest::MD5 qw(md5_hex)
On Tue, Aug 9, 2011 at 05:07, Tom Evans wrote:
> On Tue, Aug 9, 2011 at 4:42 AM, Rajeev Prasad wrote:
...
>> currently i have mod auth_mysql configured and running as plaintext
>> password:
...
>> 2. how can i get a user log out once the browser tab is closed. seems i
>> have to close the brows
I have a working site on a single server with multiple virtual hosts
and a commercial SSL certificate that serves them all okay.
When setting up my site originally I was following examples from
several places and now I wonder if I might simplify my configuration
without compromising current securi
I want to have NO http traffic on my site. Is this the correct way to
ensure I serve everything on my site via https:
ServerName tb.com
ServerAlias *.tb.com
Redirect permanent / https://tb.com/
...
Thanks so much.
Best regards,
-Tom
On Thu, Jul 12, 2012 at 6:37 AM, Nick Kew wrote:
>
> On 12 Jul 2012, at 12:02, Tom Browder wrote:
>
>> I want to have NO http traffic on my site. Is this the correct way to
>
> No.
Thanks for the reply, Nick. I have a stack of Apache security books
(as well as your mo
On Thu, Jul 12, 2012 at 9:08 AM, Mark Montague wrote:
> On July 12, 2012 8:02 , Tom Browder wrote:
>> On Thu, Jul 12, 2012 at 6:37 AM, Nick Kew wrote:
>>> On 12 Jul 2012, at 12:02, Tom Browder wrote:
>>>
>>>> I want to have NO http traffic on my site. Is
On Thu, Jul 12, 2012 at 11:20 AM, Nick Kew wrote:
> On Thu, 12 Jul 2012 11:32:01 -0400
> Mark Montague wrote:
...
>> HTTPS makes it harder to do man-in-the-middle (MITM) attacks, but MITM
>> attacks are still possible against HTTPS.
...
> Up to a point, Lord Copper.
...
>> If I were in your situa
I have a single server with a multiple vhost SSL certificate from a
recognized CA. All vhosts are using SSL/TLS successfully and
exclusively with HSTS enforcement.
I would now like to add SSL client certificates for individual vhost
private directory access and plan to do so using a self-generate
On Thu, Jul 19, 2012 at 7:34 PM, Daniel Ruggeri wrote:
> On 7/19/2012 10:11 AM, Tom Browder wrote:
>> I have a single server with a multiple vhost SSL certificate from a
>> recognized CA. All vhosts are using SSL/TLS successfully and
>> exclusively with HSTS enforcement.
&
On Sun, Jul 29, 2012 at 10:16 AM, Eric Covener wrote:
>> Yet the link I cited says if I have mod_so it should be there??
...
> If someone else packaged your apache build, consult the doc specific
> to that packaging.
At the command line try "locate apxs" and that should be a start.
Note that som
I have a completely https site and would like to make it more
efficient for non-private static pages.
This document by Ivan Ristic:
https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.0.pdf
recommends (in para 3.4) "enabling caching of public resources...by
attaching the Cach
I have a good instance of apache2 running as an Ubuntu package on
Ubuntu 10.04 LTS (64-bit), but it's version 2.2.14.
I would like to use the latest Apache version and build it from
source. Has anyone tried setting up a locally-built version of Apache
so as to be able to switch easily between the
On Thu, Aug 2, 2012 at 4:53 PM, Tom Browder wrote:
> I have a good instance of apache2 running as an Ubuntu package on
> Ubuntu 10.04 LTS (64-bit), but it's version 2.2.14.
...
I should have noted that the locally-installed Apache2 will be built
with the configure option "PRE
On Thu, Aug 2, 2012 at 5:35 PM, Mauricio Tavares wrote:
> On Thu, Aug 2, 2012 at 5:53 PM, Tom Browder wrote:
...
>> The "Debian" option should make the situation somewhat easier, BUT,
>> will it overwrite existing configuration files? It's not supposed to,
>
On Fri, Aug 3, 2012 at 10:05 AM, John wrote:
> One gotcha you may run into, some .conf parameters have changed.
>
> You can't just copy the old 2.2.x .conf file over to 2.4.x without checking.
> Since some of the changes occurred in various levels of 2.2 they aren't all
> referenced in the migrati
I see lots of examples of denying access to files in a directory with
a certain suffix, but I want to deny access to ALL files EXCEPT those
with one suffix (.html).
I have tried this (Apache 2.2.14):
SSLOptions +StdEnvVars +StrictRequire +OptRenegotiate
SSLVerifyClient require
SS
On Sun, Aug 5, 2012 at 4:43 PM, Daniel Gruno wrote:
> On 08/05/2012 11:31 PM, Tom Browder wrote:
>> I see lots of examples of denying access to files in a directory with
>> a certain suffix, but I want to deny access to ALL files EXCEPT those
>> with one suffix (.html).
...
&
I have been checking my Apache 2.2.14 server with this link:
https://www.ssllabs.com/ssltest/index.html
I am trying to improve my SSL Labs security score but can't beat 85.
I am running Apache 2.2.14 (from Ubuntu's package).
I get the following scores:
Certificate 100
Protoco
On Tue, Aug 7, 2012 at 7:46 AM, Eric Covener wrote:
> On Tue, Aug 7, 2012 at 8:14 AM, Tom Browder wrote:
>> I have been checking my Apache 2.2.14 server with this link:
>>
>> https://www.ssllabs.com/ssltest/index.html
...
>> Cipher Suites (sorted by strengt
On Tue, Jul 31, 2012 at 9:15 AM, Tom Browder wrote:
> I have a completely https site and would like to make it more
> efficient for non-private static pages.
Ping, anyone?
-Tom
-
To unsubscribe, e-mail: users-un
On Fri, Aug 10, 2012 at 2:13 AM, Igor Cicimov wrote:
> On Thu, Aug 9, 2012 at 12:05 AM, Tom Browder wrote:
>>
>> On Tue, Jul 31, 2012 at 9:15 AM, Tom Browder
>> wrote:
>> > I have a completely https site and would like to make it more
>> > efficient for no
I'm trying to clean up my conf files after getting an all-SSL server
with several virtual hosts working.
At the moment, for each server block, I have this:
SSLEngine on
SSLCACertificateFile/path/to/ca.pem
SSLCertificateFile /path/to/server.crt
SSLCertificateKeyFile /path/
On Wed, Sep 5, 2012 at 4:32 PM, Mark Montague wrote:
...
> As you can see, the CN is not a hostname and does not get validated by
> httpd. You need to rely on the certificate authorities you trust in order to
> not sign certificates for "improper" CNs -- for example, the CN of a host
> that does n
On Sun, Sep 9, 2012 at 8:59 AM, Pete Houston wrote:
> On Sun, Sep 09, 2012 at 08:36:30AM -0500, Tom Browder wrote:
>> So the client cert. does contain the private key? Then its password
>> is all that is protecting it?
>
> No, the key is normally (but not always) kept
On Mon, Sep 10, 2012 at 10:00 PM, Igor Cicimov wrote:
> On Sun, Sep 9, 2012 at 10:57 PM, Tom Browder wrote:
>>
>> I'm trying to clean up my conf files after getting an all-SSL server
>> with several virtual hosts working.
...
>> Can I hoist the common SSL cert. s
Does anyone have a pointer to help on restricting a directory to
access only with valid SSL Client Certificates and how to work CGI
scripts to respect that restriction?
I have been successful restricting direct access, but it seems that
certain cgi programs can access the directory with impunity.
On Sun, Sep 30, 2012 at 7:44 PM, Mark Montague wrote:
> On September 30, 2012 19:45 , Tom Browder wrote:
>>
>> Does anyone have a pointer to help on restricting a directory to
>> access only with valid SSL Client Certificates and how to work CGI
>> scripts to respect
On Mon, Oct 1, 2012 at 7:54 AM, Mark Montague wrote:
>> On Sun, Sep 30, 2012 at 7:44 PM, Mark Montague wrote:
>>> On September 30, 2012 19:45 , Tom Browder wrote:
>>>>
>>>> Does anyone have a pointer to help on restricting a directory to
>>>>
On Mon, Oct 1, 2012 at 10:53 AM, Mark Montague wrote:
> On October 1, 2012 9:17 , Tom Browder wrote:
>>
>> Inside the restricted area I have:
>>
>>SSLVerifyClient require
>>
>> I have found that the configuration doesn't restrict CGI program
On Mon, Oct 1, 2012 at 2:28 PM, Mark Montague wrote:
> On October 1, 2012 14:58 , Tom Browder wrote:
>> On Mon, Oct 1, 2012 at 10:53 AM, Mark Montague wrote:
>>> On October 1, 2012 9:17 , Tom Browder wrote:
...
>>>> I have found that the configuration doesn't
I have successfully generated SSL client certs (generated with openssl
1.0.1c) used by Safari, Firefox, and Chrome on Linux and Windows plus
IE 9 on Windows, but I cannot get successful access with either Safari
or Firefox on Mac OS X.
When I try on Mac/Safari I get the error:
The server did no
On Mon, Oct 15, 2012 at 8:59 AM, Mark Montague wrote:
> On October 12, 2012 10:41 , Tom Browder wrote:
>>
>> I have successfully generated SSL client certs (generated with openssl
>> 1.0.1c) used by Safari, Firefox, and Chrome on Linux and Windows plus
>> IE 9 o
Is it possible to use Apache with the NSS libraries instead of OpenSSL?
If not, has that ever been considered as an option?
Based on my struggle with OpenSSL documentation to generate my own CA
and client SSL certificates, the NSS documentation for that same task
looks like a breeze in comparison
On Wed, Oct 24, 2012 at 5:24 PM, Tom Browder wrote:
> Is it possible to use Apache with the NSS libraries instead of OpenSSL?
Oops, I just found mod_nss.
But I would appreciate any comments about the use of mod_ssl versus mod_nss.
Best,
-
On Wed, Oct 24, 2012 at 5:43 PM, Mark Montague wrote:
> On October 24, 2012 18:24 , Tom Browder wrote:
...
>> Is it possible to use Apache with the NSS libraries instead of OpenSSL?
> If your problems are just with generating / signing certificates, you don't
> need to use th
I had some CGI scripts running on Apache 2.2 which tested for
"$ENV{DOCUMENT_ROOT}" and worked fine.
Now I am attempting to use the same scripts on Apache 2.4 and, so far,
I can't seem to find that variable defined.
Has there been some change or need I look elsewhere for the problem?
I'm pretty
On Aug 20, 2015 5:03 PM, "Tom Browder" wrote:
> I had some CGI scripts running on Apache 2.2 which tested for
> "$ENV{DOCUMENT_ROOT}" and worked fine.
>
> Now I am attempting to use the same scripts on Apache 2.4 and, so far,
> I can't seem to find that v
On Sat, Aug 22, 2015 at 10:02 AM, Kurtis Rader wrote:
> On Sat, Aug 22, 2015 at 3:41 AM, Tom Browder wrote:
>>
>> On Aug 20, 2015 5:03 PM, "Tom Browder" wrote:
>> > I had some CGI scripts running on Apache 2.2 which tested for
>> > "$ENV{DOC
On Sat, Aug 22, 2015 at 10:37 AM, Eric Covener wrote:
> On Sat, Aug 22, 2015 at 11:19 AM, Tom Browder wrote:
...
>> So that's my confusion: it [DOCUMENT_ROOT] is not listed in the RFC and the
>> Apache docs
>> do not mention it that I can find, but Apache 2.4 does pa
On Sat, Aug 22, 2015 at 11:03 AM, Eric Covener wrote:
> On Sat, Aug 22, 2015 at 12:01 PM, Tom Browder wrote:
>> Mine, too.
>
> I'm confused, is this where the thread started or did you have to
> change something in your scripts for 2.4?
The thread began with my query
On Sat, Aug 22, 2015 at 2:12 PM, Kurtis Rader wrote:
...
> I was confused as well since your original message made it sound like you
> saw DOCUMENT_ROOT in the 2.2 CGI environment and not in the 2.4 CGI
> environment. Which I simply assumed meant someone had updated the code to
> more strictly co
On Aug 22, 2015 8:57 PM, "Kurtis Rader" wrote:
> On Sat, Aug 22, 2015 at 1:15 PM, Tom Browder
wrote:
>> Sorry for the confusion, Kurt, but I appreciate your look and
>> analysis. Shall I file the bug, or would it be better coming from
>> you.
...
> You sho
Anyone have an opinion of the best way to indicate an SSI file to be scanned?
Best,
-Tom
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
I am using Apache 2.4.16 and trying to get my CGI programs to work
after transferring to a new remote host.
After much debugging I am finally getting to the point where my script
is trying to insert a new or updated record in my SQLite db and I get
this error:
===>
Error
Sorry, the following
On Tue, Aug 25, 2015 at 5:30 AM, Tom Browder wrote:
> I am using Apache 2.4.16 and trying to get my CGI programs to work
...
Please, disregard for now.
I realized my httpd.conf User name was wrong (I changed it during the
transfer and didn't follow up completely), so the error has chang
I am trying to use directive ScriptLog to debug CGI code but, so far
haven't been able to see any output.
My httpd server user name is 'apache' in group 'apache'. I have
created a directory in my $HOME name 'cgi-log' and made its owner and
group to be apache.
$ ls -ld cgi-log
drwxr-xr-x 2 apache
On Aug 25, 2015 5:10 AM, "Tom Browder" wrote:
> Anyone have an opinion of the best way to indicate an SSI file to be
> scanned?
Ping, anyone?
-Tom
On Sun, Aug 30, 2015 at 1:03 PM, Eric Covener wrote:
> On Sun, Aug 30, 2015 at 1:52 PM, Tom Browder wrote:
>> But I have yet to see any output there. What, specifically, in my CGI
>> programs, do I need to do to get output?
>
>
> mod_cgid doesn't seem to actually
On Sat, Aug 22, 2015 at 8:57 PM, Kurtis Rader wrote:
> On Sat, Aug 22, 2015 at 1:15 PM, Tom Browder wrote:
>>
>> Sorry for the confusion, Kurt, but I appreciate your look and
>> analysis. Shall I file the bug, or would it be better coming from
>> you.
>
>
&g
I am using an SSI virtual script (only in index.html) which records
page access time in a database. My definition of page access time is
one hour, that is, the client gets credit for only one access per
hour. Unfortunately, my default setup is such that I'm currently not
specifying any caching for
On Fri, Sep 4, 2015 at 8:36 AM, Eric Covener wrote:
> On Fri, Sep 4, 2015 at 8:33 AM, Tom Browder wrote:
>> Problem: The documentation for mod_expires is pretty clear, but it
>> doesn't look like I can specify a separate expiration time for
>> "index.html" v
First, Happy New Year, all!
My site currently successfully uses client TLS certs. for access to
its private area. I would like to add the capability of a one-time
password sent to the user's e-mail to authenticate the user and then
allow that user access to the private area for a limited time.
I
Anyone?
On Tuesday, January 5, 2016, Tom Browder wrote:
> First, Happy New Year, all!
>
> My site currently successfully uses client TLS certs. for access to
> its private area. I would like to add the capability of a one-time
> password sent to the user's e-mail to authe
On Mon, Jan 11, 2016 at 6:37 AM, Daniel Gruno wrote:
> In short, see
> https://serverfault.com/questions/577835/apache-ssl-certificate-and-basic-auth-combination-password-if-no-certificate
> (longer email is pending moderation, I believe)
Thanks, Daniel. My bad, I forgot to check there. It se
Does anyone here use mod_psgi? I hear it discussed a bit in the Perl
community in the context of Catalyst, Dancer2, etc., but the repo on
github doesn't look active.
I have just sent a message to the repo owner (j...@cpan.org), but I
wanted to check here also.
Thanks.
Best regards,
-Tom
-
I have a working system of client certs (which were signed using
SHA1) allowing access to a private area on a website. As we all know, soon
such certs will be a thing of the past since SHA2 will be required.
I have started generating the certs with SHA2, but want to know if can I
use both systems
On Thu, Feb 25, 2016 at 9:24 AM, Eric Covener wrote:
> On Thu, Feb 25, 2016 at 6:58 AM, Tom Browder wrote:
>> I have started generating the certs with SHA2, but want to know if can I use
>> both systems on the same site while I get my users to transition to their
>> new c
On Thu, Feb 25, 2016 at 10:24 AM, Eric Covener wrote:
> On Thu, Feb 25, 2016 at 11:20 AM, Tom Browder wrote:
>> But, for future reference, how would using two CA's for the same
>> protected directory work? Would the two SSLCACertificateFile files
>> have to be conc
I am running Apache 2.4.18 and have one site (https://usafa-1965.org)
that requires a client certificate to access a restricted directory
("Classmates
Only"). How can I return a friendlier message than, e.g., Chrome
emits when a user without a valid certificate attempts to access the
restricted di
On Wed, May 11, 2016 at 7:19 AM, Tom Browder wrote:
> I am running Apache 2.4.18 and have one site (https://usafa-1965.org)
> that requires a client certificate to access a restricted directory
> ("Classmates
> Only"). How can I return a friendlier message than, e.g., Chro
On Wednesday, May 11, 2016, Marat Khalili wrote:
> There's no code at all. HTTP connection is not even established. I don't
> think it can be easily solved. You have to ALLOW connections from clients
> without valid certificate in order to send them your custom message, and
> resulting reductio
On Wed, May 11, 2016 at 8:50 AM, Marat Khalili wrote:
> On 11/05/16 16:35, Tom Browder wrote:
>>
>> Is there any way via CGI to check for a valid client cert? If so, I
>> could interject another script to do that at the Enter button.
>
> Client verification state
I would like my server to update a database every time a new user
accesses a specific page. Currently I do that by embedding a call to
a cgi script via an SSI execution line in each file I want to log
access to. That method doesn't seem to work reliably and I think it
may be due to caching of the
I want to have *.shtml files parsed more frequently than other files.
Using "mod_expire" seems easy enough but it uses file mime types and
but I can't find any mime type for "text/shtml" only.
So I guess my only option is to use "mod_cache" which is not very
straight-forward to use, but it, too, d
On Tuesday, November 15, 2016, Eric Covener wrote:
> On Tue, Nov 15, 2016 at 1:29 PM, Tom Browder > wrote:
Thanks, Eric. I think I have the solution for my needs after I read about
SSI some more. I have been using the xbit hack forever, but I think there
is a solution specifically
On Tue, Nov 15, 2016 at 3:19 PM, Tom Browder wrote:
> On Tuesday, November 15, 2016, Eric Covener wrote:
>> On Tue, Nov 15, 2016 at 1:29 PM, Tom Browder
>> wrote:
> Thanks, Eric. I think I have the solution for my needs after I read about
> SSI some more. I have bee
I need to programatically determine whether httpd is running or not,
whether I'm root or not. The only reliable way I have found is to use the
system command 'ps -C httpd' and grep the results.
Is there a better way?
Thanks.
Best regards,
-Tom
On Tue, Feb 21, 2017 at 07:58 Mike Schlottman wrote:
> If you have httpd running as a service in Centos, you can run service
> httpd status.
>
Thanks, Mike. But I'm running Debian and, for httpd, the old init.d thing.
I would love to get a systemd working for it, but I need a real cookbook
solut
On Tue, Feb 21, 2017 at 8:15 AM, Yehuda Katz wrote:
> That grep would not work on Debian-style packages because they show apache2
> as the executable but it might be the best way on other systems.
Good point, Yehuda. I guess I should find out
But I just looked at my ps output and it shows the c
Host: httpd version 2.4.25, Debian 8, 64-bit
I am so close but getting the following error:
[dbd:error] [pid 14137:tid 14051275572] (20014)Internal error:
AH00632: failed to prepare SQL statements: near "authn_query": syntax
error
[dbd:error] [pid 14137:tid 14051275572] (20014)Internal er
On Tue, Apr 25, 2017 at 12:03 PM, Tom Browder wrote:
> Host: httpd version 2.4.25, Debian 8, 64-bit
>
> I am so close but getting the following error:
...
I think I just discovered I what the problem is: I'm using harp.js to
build my site and the is compiling incorrectly.
I exp
On Tue, Apr 25, 2017 at 14:47 Tom Browder wrote:
>
> On Tue, Apr 25, 2017 at 12:03 PM, Tom Browder wrote:
> > Host: httpd version 2.4.25, Debian 8, 64-bit
> >
> > I am so close but getting the following error:
> ...
>
> I think I just discovered I what the
On Wed, Apr 26, 2017 at 04:04 Luca Toscano wrote:
> > I think I just discovered I what the problem is: I'm using harp.js to
>> > build my site and the is compiling incorrectly.
>>
>> Well, that wasn't the problem.
>>
>> The error is still:
>>
>> [dbd:error] [pid 18921:tid 140512673658624] (20014
On Wed, Apr 26, 2017 at 05:06 Tom Browder wrote:
> On Wed, Apr 26, 2017 at 04:04 Luca Toscano wrote:
>
>> > I think I just discovered I what the problem is: I'm using harp.js to
>>> > build my site and the is compiling incorrectly.
>>>
>>> W
Is there any way to cause an auth_form session to expire automatically?
Thanks.
Best regards,
-Tom
I installed 2.4.27, along with the latest openssl. no config was changed,
but my server isn't serving.
I show no errors in the error log.
I will try to go back to previous versions to see if I can recover, but
wonder if anyone can guess what has happened.
Thanks.
-Tom
On Wed, Jul 19, 2017 at 02:20 Luca Toscano wrote:
> Hi Tom,
>
> 2017-07-19 3:33 GMT+02:00 Tom Browder :
>
>> I installed 2.4.27, along with the latest openssl. no config was changed,
>> but my server isn't serving.
>>
>
Thanks, I know that I didn't give
I built and installed OpenSSL 1.0.1f in the FIPS mode.
I configured httpd-2.4.7 successfully to use mod_ssl:
...
--with-ssl=/usr/local/ssl/fips-2.0
and, during the build, it stops here:
/usr/local/src/httpd-2.4.7/support/ab.c:509: undefined reference to
`FIPS_rand_seed'
/usr/local/src/httpd
I am using httpd 2.4.7 built from source. OpenSSL is a Debian package
with version 1.0.1e.
The pertinent part of my httpd.conf is:
SSLCertificateKeyFile /path/to/key.file
SSLPassPhraseDialog |/path/to/passphrase.sh
$ cat passphrase.sh
#!/bin/bas
echo averylongand randompassord
But
On Thu, Feb 27, 2014 at 2:41 PM, Dan Bryan wrote:
> What if you change ":#!/bin/bas" to "#!/bin/bash" in passphrase.sh ?
Duh, e-mail typo! Good catch, Dan, but the real script has its first line as:
#!/bin/bash
But, in the process of checking that file on the server, I discovered
it was not ma
On Thu, Feb 27, 2014 at 2:58 PM, Tom Browder wrote:
> On Thu, Feb 27, 2014 at 2:41 PM, Dan Bryan wrote:
>> What if you change ":#!/bin/bas" to "#!/bin/bash" in passphrase.sh ?
...
> But, in the process of checking that file on the server, I discovered
> it w
On Thu, Feb 27, 2014 at 4:20 PM, Tom Browder wrote:
>
> Still looking for ideas from someone who has used the pipe method.
I'm still looking for how the pipe method works.
But I used the exec method and it works fine!
FYI, I used a script a little pickier than a simple ret
Is anyone successfully using mog_gnutls with httpd 2.4.7?
Any recommendations on using mod_gnutls versus mod_ssl?
Thanks.
Best regards,
-Tom
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands,
On Tue, Mar 4, 2014 at 2:03 PM, Daniel Ruggeri wrote:
> All;
>I would like to draw attention to a tutorial session[1] that I am
> offering during ApacheCon Friday morning. The tutorial is called "Let's
> do something with httpd: The tutorial designed by YOU"
My suggestions:
+ Working example
If I have two virtual hosts using, say:
DocumentRoot /web-sites/domain1.com/public
DocumentRoot /web-sites/domain2.com/public
and one vhost is non-TLS and the other is TLS-only, can I allow them
to share common resources (such as css) by doing something like this
in the server section:
I was surprised to see this message (see below) to the dev list.
Note the last line of the cropped message below:
> The certificates etc. in the three blocks are three different ones.
I thought a server can only have one certificate. Is this a new feature?
Thanks.
Best regards,
-Tom
On Tue,
1 - 100 of 212 matches
Mail list logo
