Apache :: What Do Values From SSL CLIENT VERIFY Mean
Dec 18, 2012
If you enable ssl in apache, you can verify a client certificate. If so apache will create a environment variable for you with the name 'SSL_CLIENT_VERIFY' with values 'NONE, SUCCESS, GENEROUS or FAILED:reason'. URL....What is the meaning of this different values?
View 1 Replies
ADVERTISEMENT
Oct 1, 2014
Is it possible to verify client certificate based on username?If possible, How can we implement it in our httpd-ssl.conf file.
View 1 Replies
View Related
Sep 25, 2013
The last packet successfully received from the server was 60.410.682 milliseconds ago. The last packet sent successfully to the server was 60.410.687 milliseconds ago. is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'auto Reconnect= true' to avoid this problem.
View 2 Replies
View Related
May 1, 2014
On a webserver (apache, mysql, php), which values comes to your mind can have bigges impact on a website load time?
we talking about webserver which host like 100 websites, mostly a classic wordpress blog.
I have keep alive turned on. Now i want to do some test playing with various values of apache, php...
View 8 Replies
View Related
Jun 17, 2015
We are facing an issue i.e "Can't verify server identity",When we hit the platform 'teampark.sogeti.com' from android mobile application.Whenever we hit teampark.sogeti.com from Mobile Application ( IBM connections android App), our initial request will hit our Reverse Proxy and Validates the user certificate and forward it to the next level.We are using Apache 2.2.9 as our Reverse Proxy.
View 10 Replies
View Related
Jul 16, 2008
My .htaccess file redirects (rewrites) all .html to .php... I need to add Google's file in order to verify my account (Webmaster Tools) but it can't find the file because of my .htaccess.
Code :
Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^mydomain.com [nc]
rewriterule ^(.*)$ http://www.mydomain.com/$1 [r=301,nc]
rewritecond %{http_host} ^/index.html [nc]
rewriterule ^(.*)$ http://www.mydomain.com/$1 [r=301,nc]
RewriteRule ^(.*).html$ $1.php [NC]
View 8 Replies
View Related
Feb 19, 2007
how can i find out that my current Apache maxclient or maxperchild settings must be rised and that i have outgrown current settings?
Example httpd status output 56 requests currently being processed, 41 idle servers
View 7 Replies
View Related
Apr 14, 2014
I have been trying to set ssl client authentication with Apache.I basically have a server certificate issued by a recognized CA. For the normal ssl authentication I use the following configuration (and it works fine):
View 1 Replies
View Related
Nov 1, 2013
Pretty new to Apache and recently enabled teh Apache Server Status module.
A column is confusing me, after CONN/CHILD/SLOT is CLIENT, most of the addresses in this column are my own local addresses but I have a few which I don't recognise and show up on whois.net as follows;
203.188.201.201 = Yahoo Mail
199.87.232.177 = No Result
141.44.51.95 = Query terms are ambiguous
58.218.204.102 = CHINANET-JS
Why would these show on my status?
View 4 Replies
View Related
Jul 27, 2008
[Sun Jul 27 15:06:12 2008] [error] [client ] % Total % Received % X
[Sun Jul 27 15:06:12 2008] [error] [client ] ferd Average Speed Time Time Time Current
[Sun Jul 27 15:06:12 2008] [error] [client ] Dload Upload Total Spent Left Speed
[Sun Jul 27 15:06:12 2008] [error] [client ]
0 0 0 0 0 0 0 0 --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0
Have you ever seen error like this?
View 4 Replies
View Related
Apr 24, 2013
I need to accomplish the following:
1. User hits my new 2.4 reverse proxy at [URL] ....
2. I proxy the request through to my "real" app server at [URL] ....
3. I also use a re-write rule to add a querystring to the URL: ?Parameter=Foo
4. So, client's request arrives at the my app server as [URL] .....
5. When my app server responds, it is including the Parameter=Foo key/value combination. I don't want this.
6. I want my reverse proxy (somebox.com) to strip "Parameter=Foo" from the string which gets returned to the client.
I have steps 1 & 2 working nicely, but it looks like I can't handle the last bit with with mod_rewrite. I found mod_filter and mod_substitute, but it appears that this stuff is used for re-writing strings IN the document. Can these libs be used to maybe modify (I'm guessing here) the headers so that the "?Parameter=Foo" string can't be seen on the client if they're running something like fiddler?
View 3 Replies
View Related
Oct 17, 2013
I know that port 80 is reserved for HTTP communication to clients on the apache server,and that the client can receive the HTTP response to any port on the client machine, I think there might be more details to it than this. I am required to describe how client and server sockets are used for the client/server communication between an Apache Web server and Web client processes.
View 1 Replies
View Related
Jul 30, 2013
I am trying a webpage siremis whenever i try to login i am getting below error in error log of apache [client 192.168.137.7:4758] AH01630: client denied by server configuration: /opt/siremis-4.0.0/siremis/.htaccess
in httpd.conf following is the rule
Alias /siremis "/opt/siremis-4.0.0/siremis"
<Directory "/opt/siremis-4.0.0/siremis">
Options Indexes FollowSymLinks MultiViews
[code]....
i am using apache 2 and php 5.5.1 and mysql 5.6.12.
View 3 Replies
View Related
Sep 19, 2014
I've got a quite difficult problem which I don't know hoe to solve. We use a self created ISAPI module which is a "business server" running behind an Apache.
From time to time a client app crashes the server (the circumstances are not quite clear) - and because there is only one server process, all other clients crash as well. Here is an exemplary log of a crash:
Faulting application name: httpd.exe, version: 2.2.22.0, time stamp: 0x4f242d7a
Faulting module name: ABCServer.dll, version: 1.0.0.1, time stamp: 0x53cfffa5
Exception code: 0xc00000fd
Fault offset: 0x00004cf6
Faulting process id: 0x94c
Faulting application start time: 0x01cfc5cc18c67d57
Faulting application path: C:Program Files (x86)Apache Software FoundationApache2.2�inhttpd.exe
Faulting module path: C:datawwwabcremoteABCServer.dll
Report Id: d27d5891-31da-11e4-93ff-0003ff4356f9
Faulting package full name:
Faulting package-relative application ID:
Exception code: 0xc00000fd means stack overflow as I learnt. Therefore we configured mpm_winnt_module to use a 8M ThreadStackSize but this didn't work.
A solution might be that Apache starts for every client its own server process with the module ABCServer.dll. Because it is quite small and there are not thousands of customers this sounds like the perfect solution. No other clients/customers would be affected by a crash.
Unfortunately mpm_winnt_module supports only 1 process AFAIK. Worker and Prefork MPM are not available in Apache's Windows version what I read.
How can we configure Apache to start a new module process per client?
View 3 Replies
View Related
Oct 29, 2014
I am setting up apache 2.4 as a service locally through localhost on a windows 2008 R2 standard server. I have set up SSL listening on port 443 and works correctly, however I am having trouble figuring out how to get apache to authenticate my CAC card.
I have downloaded the DOD certs and put them into various types of files including pem, base 64, der etc and I have yet to figure out a way to get the client certificates validated.
I have left out the information about the SSLCertificateChainFile, SSLCACertificateFile and SSLCARevocationPath as I am sure this must be where my problem is.
Is it possible to get this done through localhost. Here is the error I am getting in the error log.
[Wed Oct 29 11:37:05.675491 2014] [ssl:error] [pid xxxx:tid xxx] [client 127.0.0.1:59282] AH02039: Certificate Verification: Error (20): unable to get local issuer certificate
I am using a self created self signed server ceritficate. Here are some details from my httpd-ssl.conf file:
Code:
<VirtualHost _default_:443>
DocumentRoot "${SRVROOT}/htdocs"
ServerName localhost:443
ServerAdmin admin@example.com
ErrorLog "${SRVROOT}/logs/jtdi.log"
TransferLog "${SRVROOT}/logs/jtdi-Transfer.log"
[Code] ....
View 1 Replies
View Related
Mar 15, 2013
I am having a problem getting Apache to allow access to IE 6/7/8/9 users with client certificates installed to access restricted resources. I have several servers (Windows and Linux) running various versions of Apache from 2.0 through 2.4, all behave the same way. I am simply unable to get client certificates to authenticate IE users. how I built the CAchain, CRLs, etc.
Note that using the same client certs from Firefox works just fine, users can successfully authenticate to the resource and get content.
##### ssl.conf
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
[Code]....
View 1 Replies
View Related
Jul 14, 2008
I have a client who's Apache on a CPanel based VPS keep's restarting.
In the error log we recieve two of these lines
"client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFin "
Then the Apache will restart.
I have looked around and found some threads about this problem, but none explaining how to fix this.
View 4 Replies
View Related
Jun 5, 2014
I've a Wordpress Blog on a Ubuntu 13.10 server with Apache 2.4.2.
For only one page on this site I've this error and can't find a solution.
View 15 Replies
View Related
Feb 20, 2013
I just setup an intranet wiki running apache2.2 on ubuntu 12.04. The server currently requires two-way certificate authentication (i.e. a server cert AND client certs).In <VirtualHost *:80>, Redirect permanent / https://<intranetSite>
Everything works dandy, except now that I'd like to find a way to bypass the client cert check for localhost so that I can run some maintenance scripts via cron on the server. Or perhaps it's possible to bypass SSL entirely, just for localhost?
View 2 Replies
View Related
Sep 5, 2014
We are getting 403 for bidden error when accessing from web clients.
Here are my config files:
httpd.conf & httpd-ssl.conf files:
1) [URL] ....
2) [URL] ....
Any changes we have to make in our configuration files.
View 1 Replies
View Related
Dec 31, 2013
i want to configure Apache so that it receives a client certificate, an passes it to another server.I'm using:
- apache 2.0.65 on windows
- the backend server is an apache-based solution (IBM HTTP Server)
I tried this config:
<VirtualHost *:443>ServerName apacheserver.domain.comSSLEngine onSSLProxyEngine onSSLCertificateFile "e:/Apache/Apache2/conf/server.cer"SSLCertificateKeyFile "e:/Apache/Apache2/conf/server.key"SSLCACertificateFile "e:/Apache/Apache2/conf/certca.cer"SSLVerifyClient requireSSLVerifyDepth 2ProxyPreserveHost onProxyRequests off<Proxy *>AddDefaultCharset
[code]....
View 1 Replies
View Related
Jun 15, 2009
Why are there many people setting their TTL to higher values rather than lower ones? By setting it lower, won't it propagate faster?
View 5 Replies
View Related
Apr 25, 2008
I would like to know what are the kernel values for an RPM kernel.. I mean, I have the latest 2.6.x kernel running on a RHE 4 system, my question.. Is there any way to know the actual kernel values (drivers, options, etc)?
Same as when we write a phpinfo file (that shows libraries, etc) to know php values..
View 5 Replies
View Related
Aug 29, 2007
Is there any where that I can check my MinSpareServers, MaxSpareServers values are good enough? Or they're too small, or too big?
View 1 Replies
View Related
Aug 27, 2007
I have a linux vps with 384mb dedicated and 1GB burst RAM. I am using it to host phproxy web proxy sites. Can you please recommend good values for the following Apache/1.3.37 httpd.conf settings?
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 2
MinSpareServers 32
MaxSpareServers 64
StartServers 8
MaxClients 256
MaxRequestsPerChild 500
View 1 Replies
View Related
Sep 8, 2009
Whats the upper dangerous limit of ampere at ground connections for servers?
IBM and HP servers has ground connection of electricity.
So ground connection never stands in 0 value it has some + ampere and i would like to know whats the dangerous or maximum limit of ampere in ground connection.
View 2 Replies
View Related
Jan 22, 2008
Any live expirience for good values of this courier settings for cPanel server:
Maximum Imap Connections (Total)
Maximum Imap Connections Per Ip
Maximum TLS/SSL Imap Connections Per Ip
Maximum Pop3 Connections (Total)
Maximum Pop3 Connections Per Ip
Maximum TLS/SSL Pop3 Connections Per Ip
Number of Authentication Daemons
?
The current values are the original ones which cPanel set:
Maximum Imap Connections (Total) 50
Maximum Imap Connections Per Ip 30
Maximum TLS/SSL Imap Connections Per Ip 30
Maximum Pop3 Connections (Total) 50
Maximum Pop3 Connections Per Ip 4
Maximum TLS/SSL Pop3 Connections Per Ip 30
Number of Authentication Daemons 5
Thanks,
View 1 Replies
View Related
Jan 12, 2015
is there a way to set global php values settings for all Domains in Plesk 12. In the older version of Plesk I can do it by linux in /etc/php.ini and restart the apache and all Domains will be load this configuration. But from Plesk 11 the settings are not loading from /etc/php.ini, only by the own php.ini file.How can I do it for all domains?
View 1 Replies
View Related
