Apache :: 2.4.3 Not Validating Ssl Trust Chain Properly?
Feb 21, 2013
I am in the process of upgrading from apache 2.2.21 to apache 2.4.3. I'm using apache lounge's compiled 2.4.3 by the way. I'm working on a windows 7 SP1 64 bit workstation.
My old 2.2.21 was configured to use ssl with client pki authentication. When I configure 2.4.3 with the ssl options and move the CAs, private key and server certificate from my old 2.2.21 instance I get the following error.
View 3 Replies
ADVERTISEMENT
Oct 31, 2014
I have a website on domain x like https://example.com. One of our customers want to use their own domain name in the address bar and redirect to our web application. In the control panel of the customers website, we can forward the site to our domain without issues (stealth forwarding). After that, we are able to see the site and navigate to some options. But there are some issues/limitations. I cannot open some links, or click on tabs. The login feature works for chrome but not for internet explorer. Is this due the jump of http to https within an iframe? Or is it related to CORS? I have a Windows 2008 R2 server with Apache, which is the frond-end for the tomcat instances. "Tomcat Apache" serves our Java-based web application (mod_jk binded) ...
View 2 Replies
View Related
Apr 6, 2008
2008-04-06 08:52:32.597ERRORApache Binary Path must be set properly in order replace Apache, fall back to 'Reload on configuration file change'.
2008-04-06 08:52:32.602WARN[configerver:listener] No listener is available for normal virtual host!
2008-04-06 08:52:32.604ERROR[config:template:centralConfigLog] Listener [Default] does not exist
2008-04-06 08:52:32.605ERROR[config:templateHP_SuEXEC] Listener [Default] does not exist
2008-04-06 08:52:32.605ERROR[config:template:EasyRailsWithSuEXEC] Listener [Default] does not exist
2008-04-06 08:52:32.617WARNStandard Edition only support up to 5 Apache vhosts.
I did everything on the litespeed setup I was soppose to found at their wiki site. But still I recieve these errors, LiteSpeed works on my server because httpd is disabled and LiteSpeed is responding to request now.
View 8 Replies
View Related
Jun 19, 2008
I've been running CentOS 5.1 for some time on a new box and while this question isn't really a problem per se it is rather annoying.
I've configured my iptables to reject everything except the ports I need yet for some reason, either cPanel or CentOS adds a chain with a redirect as rule number one called acctboth.
The chain opens up everything from what I can tell. Any ideas how to disable this?
View 7 Replies
View Related
Jun 7, 2007
I found myself writing some filters to monitor spider activity across various sites. Unfortunately it appears that an increasing number of time wasters are setting their User Agent to Googlebot and likes.
Googlebot is pretty easy to filter out as given some research it appears that any legit googlebot IP has a valid .googlebot.com PTR that resolves back to the original IP. It does not appear to be as straight forward with other spiders with msnbot topping the hilarity chart with IPs resolving to meaningless .phx.gbl names.
Is anyone aware of any recommendations or trustworthy references that can be used as guidelines to reliably identify legitimate spider request from fakes?
View 4 Replies
View Related
Jun 6, 2007
Hello,
I have two similar VPS plans with identical software setups.
I installed APF Firewall on VPS A, modified the conf.apf file to
change the interfaces to venet0 and set monokern to 1 and
then opened all the ingress ports required. Started the firewall
with 'service apf start' and everything went fine, and everything
is working fine with no errors.
I did the same on VPS B but when I start apf I get the following
error that reoccurs during the startup sequence:
iptables: No chain/target/match by that name
While the firewall does seem to be running (by checking iptables -L)
I am unable to download files on the VPS, via wget or yum ...
View 4 Replies
View Related
May 30, 2014
I bought yesterday a SSL certificate from Comodo (PositiveSsl).
I have three files to install : the certificate itself, the Root certificate and the intermediate certificate.
Where can I add the intermediate certificate file ? Currently, a SSL report shows that the chains is broken (which is actually right).
View 1 Replies
View Related
Jan 21, 2014
My current configuration is: Ubtuntu Server 10.04, Plesk 11.5 and Roundcube 0.9.5 (installed via Plesk as the default webmail application) on Apache.
I played around with an SSL checker (https://www.ssllabs.com/ssltest/) to test my certificates and I found out that Roundcube delivered a broken certificate chain. It didn't deliver the intermediate certificate correctly. I searched through the configuration file of roundcube (/etc/apache2/plesk.conf.d/roundcube.conf) and discovered that there was only an entry for SSLCertificateFile.
To fix this I added the intermediate certificate via SSLCACertificateFile to the configuration file:
Code:
SSLCertificateFile "/opt/psa/var/certificates/cert-1sCtWB"
SSLCACertificateFile "/opt/psa/var/certificates/cert-FGLFqQ"
The only problem is that this configuration file is generated automatically:
Code:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
View 13 Replies
View Related
Mar 6, 2014
When I attempt to go to Tools & Settings > External Services > View Services I am redirected to [URL] .... where the page attempts to load for around 2-3 minutes at which point I receive the error :
"Error: Error validating license."
I have checked the logs and event viewer but see no warnings or errors related to the issue. As far as I can tell it is a problem on Plesks side as it seems that the handoff from my panel is already done.
View 3 Replies
View Related
Sep 18, 2008
Just wanted to stop people to become they target of scamming and reported this right now while my server is with them and they dident answer me when it get down about 2 days ago until now...
People, DONT EVER TRUST THEM!
They prices are cheap but they are totally Untrustworthy!
You could pay more than that to have a real server not 15 days a month server!
In case of knowing my issue:
I have bought one of they september offer server, its a core2due 2.13Ghz and 2GB RAM and 2 x 160GB HDD about 14 days ago and my server is now down like 48 hours or more and I have placed 4 - 5 tickets now with every language I know either respectful or swearing, and no answer at all!
they simply ignored my tickets, they live chat is mostly offline (maybe online only 2 - 3 hours a day)
and I have no choice of having control on my server, even the reboot port is a ticket placer as emergency priority and actually no one answer you or even read you ticket!
Guys, you better dont fall in they scamming program by seeing they cheap prices and being tempted.
View 14 Replies
View Related
Jul 1, 2007
RBLs are a key part of blocking spam, what RBLs do you trust now? Spamhaus? Spamcop? Obviously, with hosting companies themselves being the victim of renegade RBLs who list people inappropriately you know which you trust or not..which are they?
My numbers show nearly 80% of mail (read: mail, not spam) is blocked by a simple RBL entry of Spamhaus.
I tend to trust Spamhaus, with enough precautions in place, which others?
View 2 Replies
View Related
Mar 9, 2015
I'm not sure if it's a technical or a license issue. When I try to retrieve external services, such as purchase an ssl certificate or buy an application; I see the the following error: "Error: Error validating license."
For example: If I click on 'Tools and Settings' > 'External Services' > 'View Services' , the browser redirects to [URL] .... (as it should) and then gives me the license error. I have re-retrieved my license key, and even downloaded and reinstalled it from the Parallels Partner Channel and the problem persists. When I check the license key status from the Panel it says, "Key Update Status: License key PLSK.02557481.0016 is up-to-date." Everything else is working fine.
I am running Plesk version 12.0.18 Update #37 on Centos 6.6
View 8 Replies
View Related
Aug 10, 2007
If you upload your website(s) to any given host provider, what security do you have? None, they are in control of your website, if you're:
1. Late on payments.
2. Publish content they don't like.
3. Exceed your limits in any other way.
They can cut you out, close you down.
The only excellent (!) way, to be in total control, is to host your own website, on a dedicated server, in your own home, with a dedicated line, right or not?
View 15 Replies
View Related
Apr 10, 2007
Here's what I asked a sales rep:
Quote:
It would be a slam-dunk to go with HE if the limit was 2.5 AMPS- so I have to ask one more time: is is 2.5 or 2 AMPS that I am limited to? Reason I ask is that in a 4/6 email you said:
> >>
> >>> Hello,
> >>>
> >>> Thanks checking it out. I think Dell can only spec it out configured
> >>> fully loaded. 600Watts So it looks like your server will not be fully
> >>> loaded. Like you said, you can get, check it your self or just go with
> >>> our $200 7u special, rack and read the kill-a-watt meter we provide. If
> >>> its around 2.5A, it should be no problem, if its higher, we can
> >>> immediately upgrade you to the full 15A cabinet and 1Mbps for $600.
> >>
But everything else you have said and I have read says 2 AMPS."
And here's the response:
Quote:
> > Keep in mind its not the start up power usage its the operating power
> > which is much less than start up. If you are at 2.5 Amps you will not be
> > asked to upgrade. 3 Amps yes but not 2.5..
> >
> > Let me know if you would like go forward with the services. My quote is
> > good for 30 days even if the marketing dept decided to eliminate the
> > special pricing.
To which I replied:
Quote:
Thanks,
Then I’m ready to sign-up, if we can amend the contract to state the
following (changes in bold):
“7U customers are provided with one metered outlet with a limit of 2 amps.
If customer exceeds 2.5 amps, customer will be allocated a full cabinet,
asked to move their equipment to the cabinet, and the full cabinet rate of
$600/month will be added to the monthly bill for the remainder of the term."
Let me know if that’s acceptable and I’ll amend the copy I have, sign it and fax it back to you.
To which I receive the response:
Quote:
> Hello,
>
> Unfortunately I cannot amend the terms. I can only assure you by email
> that 2.5 Amps should not be an issue. As an example, we had one customer
> with 2.8 Amps and didn't ask him to upgrade until he hit 3.4 Amps.
>
> I would say to consider getting started with the one server now and when
> you add your second one, we can look at the power usage then. We will
> work with you and are reasonably flexible.
>
> I look forward to your reply.
Would YOU sign this contract? I've only heard good things about Hurricane Electric on this board, but I hate having to trust someone who probably works on commission.
View 10 Replies
View Related
Feb 27, 2007
Should I trust my host with providing correct BW stats? Is there any way I can confirm those stats? (I don't have any tracking software or log analyzer installed because it uses too much resources.) The log file is tiny. Probably no more than 12-24 hours logged.
View 7 Replies
View Related
Jun 4, 2008
I am starting a online sotre. Someone told me to keep third party seals for good response.
Please recommend me which seals to be used
Hacker Safe, TRUSTe, BBB, and Trust Guard
I think Trust Guard seal give a multi package for all security,privacy and business verification. Shall people know it? Is it worth money?
View 0 Replies
View Related
Jun 28, 2009
I need to block a specific IP:
93.6.224.242
It adds fine when I do:
iptables -A INPUT -s 93.6.224.242 -j DROP
However, the IP is still accessing files and pages on the site according to Apache:
When I ban other IP's they are blocked from accessing anything on the server (e.g. it wouldn't even reach Apache level because of firewall), but this IP just isn't banning properly.
View 11 Replies
View Related
Mar 21, 2006
I am using SSL on my site but am having trouble in getting it to work correctly. I want to make it mandatory that the sections in <webaddress>/members and <webaddress>/admin are protected by SSL. I currently have the following in the httpd.conf file:
SSLEngine on
SSLCertificateFile /usr/local/home/pm42/finalcert.pem
SSLCertificateKeyFile /usr/local/home/pm42/privkey.pem
SSLCertificateChainFile /usr/local/home/pm42/finalcert.pem
but I dont know what to do next.
View 0 Replies
View Related
Feb 2, 2009
I installed VNC on my VPS using a guide I found here. I installed KDE. It all works but when I view the VPS through VNC on my windows PC the text on the screen appears to be squares as if its a non supported language.
[url]
I've uploaded a screenshot to better help you understand what I mean.
View 11 Replies
View Related
Jan 15, 2008
I set up my own SMTP server on IIS.
Most of the time it sends and recieves the email OK.
From time to time, the mails bounce. For example if I send to someone at Hanmail (major korean provider) then it always bounces. Similarly, sometimes people say they sent an email to the server and it bounced back to them.
I guess something is not set up right, maybe MX record or some other mysterious thing. How can I troubleshoot/solve this?
I MUST fix this so I will be back to check on this thread often,
View 0 Replies
View Related
Nov 7, 2008
As title suggests I'm looking to make sure my hosting is set up to respond with valid PTR information so my server generated emails aren't flagged as spam.
I have full SSH access to the machine at root level.
Running a CentOS machine but there are also other virtual hosts using a shared ip.
View 6 Replies
View Related
Jun 9, 2007
I have a slight problem with a cron job I have setup.
I wanted to save a copy of iptables every hour to a folder, so I created a script... here it is:
Code:
varDate=`date +%y%m%d`
varTime=`date +%H%M`
filename="IPtablesBackup-$varDate-$varTime"
iptables-save -c > /etc/IPtablesBackup/$filename
and called is Backup-Script.sh
Now if I just execute the script will in root ./Backup-Script.sh I get a new file with the correct filename and iptables info is saved ! Great ! So then I thought, how can I setup this automatically every hour.
Which leads me on to my problem. I inputted "crontab -e" added this line
Code:
59 * * * * /etc/IPtablesBackup/Backup-Script.sh
The problem is the script is run, I know because it creates a new file with the correct time and date, however the file is empty?
I have set Backup-Script.sh to 777 and owner and group are both root?
View 4 Replies
View Related
Jun 22, 2007
A client recently moved one of their domains to one&one (night mare I know) he then asked us to repoint the domain name to our servers using out name servers.
We have done this and it is not resolving to our server.
The problem is that the site is no longer showing and their emails are down.
I used a domain dossier and the DNS record looks like it should be changed but I'd like some confirmation on this.
View 1 Replies
View Related
Mar 25, 2008
I desperately need someone to help with a tomcat installation on a dedicated server. I have tomcat working properly but the app is not connecting properly to the database.
View 1 Replies
View Related
Mar 18, 2015
I renewed an SSL cert for one of my servers. After several hours, then days I noticed that the date had not updated to show the new expiration date.
When I do an ssl check through [URL] it shows the following when scanning https://webhost1.teksavvy.com:8443:
Valid from: 2014-Apr-11 00:00:00 GMT
Valid to: 2015-Apr-11 23:59:59 GMT
When scanning https://webhost1.teksavvy.com it shows:
[Code]....
View 6 Replies
View Related
Jun 27, 2015
I get this error message when I try to add a new domain from within Plesk 12 for Windows..Error: ProtDir_IIS::update() failed: Add Protected Directory failed: columns siteId, path are not unique (Error code 1)
I have added .co.uk - .com and others no issues at all.
View 1 Replies
View Related
Feb 29, 2008
how I can verify that my mail server is configured properly?
This is the problem:
I can send out mail without a problem, but I cannot receive mail from external domains (eg: google or hotmail).
Some of the message have weird bounce backs like:
PERM_FAILURE: SMTP Error (state 13): 550 No Such User Here
But the user does exist... I am logged into it right now.
View 3 Replies
View Related
Jan 11, 2008
I use Incremental backup feature of Cpanel but seems it does not work properly.
Yesterday when i restored my customer account, it brought back the files and database of 2 months ago. I set it backup everday so why this happen?
My server run Centos 4.5 and Cpanel Stable
View 2 Replies
View Related