Configure Apache To Send SSL Client Certificate To Backend Server
Dec 31, 2013
i want to configure Apache so that it receives a client certificate, an passes it to another server.I'm using:
- apache 2.0.65 on windows
- the backend server is an apache-based solution (IBM HTTP Server)
I tried this config:
<VirtualHost *:443>ServerName apacheserver.domain.comSSLEngine onSSLProxyEngine onSSLCertificateFile "e:/Apache/Apache2/conf/server.cer"SSLCertificateKeyFile "e:/Apache/Apache2/conf/server.key"SSLCACertificateFile "e:/Apache/Apache2/conf/certca.cer"SSLVerifyClient requireSSLVerifyDepth 2ProxyPreserveHost onProxyRequests off<Proxy *>AddDefaultCharset
[code]....
View 1 Replies
ADVERTISEMENT
Sep 19, 2014
I've got a quite difficult problem which I don't know hoe to solve. We use a self created ISAPI module which is a "business server" running behind an Apache.
From time to time a client app crashes the server (the circumstances are not quite clear) - and because there is only one server process, all other clients crash as well. Here is an exemplary log of a crash:
Faulting application name: httpd.exe, version: 2.2.22.0, time stamp: 0x4f242d7a
Faulting module name: ABCServer.dll, version: 1.0.0.1, time stamp: 0x53cfffa5
Exception code: 0xc00000fd
Fault offset: 0x00004cf6
Faulting process id: 0x94c
Faulting application start time: 0x01cfc5cc18c67d57
Faulting application path: C:Program Files (x86)Apache Software FoundationApache2.2inhttpd.exe
Faulting module path: C:datawwwabcremoteABCServer.dll
Report Id: d27d5891-31da-11e4-93ff-0003ff4356f9
Faulting package full name:
Faulting package-relative application ID:
Exception code: 0xc00000fd means stack overflow as I learnt. Therefore we configured mpm_winnt_module to use a 8M ThreadStackSize but this didn't work.
A solution might be that Apache starts for every client its own server process with the module ABCServer.dll. Because it is quite small and there are not thousands of customers this sounds like the perfect solution. No other clients/customers would be affected by a crash.
Unfortunately mpm_winnt_module supports only 1 process AFAIK. Worker and Prefork MPM are not available in Apache's Windows version what I read.
How can we configure Apache to start a new module process per client?
View 3 Replies
View Related
Oct 1, 2014
Is it possible to verify client certificate based on username?If possible, How can we implement it in our httpd-ssl.conf file.
View 1 Replies
View Related
Sep 5, 2014
We are getting 403 for bidden error when accessing from web clients.
Here are my config files:
httpd.conf & httpd-ssl.conf files:
1) [URL] ....
2) [URL] ....
Any changes we have to make in our configuration files.
View 1 Replies
View Related
Jul 16, 2014
I am using apache as a reverse proxy, I have several site with http and everything is working fine. For the first time I have tried to configure with https port 443 with certificate, the problem is that it doesn't return to the browser the certificate that I have indicate in the "virtual host" but rather the default certificate of the site.
Here is my virtual host :
<VirtualHost *:443>
ServerName hygie.sante-idf.fr
SSLEngine on
SSLProtocol all
SSLCertificateFile "/root/apacherp/cert/hygiesslcertificate.cert"
SSLCACertificateFile "/root/apacherp/cert/hygieCAcertificate.cert"
SSLCertificateKeyFile "/root/apacherp/cert/hygieprivate.cert"
ProxyPass / http://XXXXXX/
ProxyPassReverse / http://XXXXXX/
</VirtualHost>
Everything is fine when I start stop, I m sure the entry is used I have added : NameVirtualHost *:443
But the Certificate information arent the one that I have enterred , but the default values I think....
httpd -v
Server version: Apache/2.2.3
Server built: Mar 4 2010 09:57:54
View 7 Replies
View Related
Jul 14, 2008
I have a client who's Apache on a CPanel based VPS keep's restarting.
In the error log we recieve two of these lines
"client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFin "
Then the Apache will restart.
I have looked around and found some threads about this problem, but none explaining how to fix this.
View 4 Replies
View Related
Aug 21, 2008
Iam using cpanel linux hosting. How do i set up a mail client in outlook express?. what is difference between pop3 and imap mail?
View 1 Replies
View Related
Jun 16, 2014
I inherited an Apache HTTP instance from a colleague. That's why I'm not deep into that stuff. My current scenario is the following: We are running several backend instances which are published to the internet via Apache HTTP Server which is configured as Reverse Proxy (RP). In the past there was only one port and one protocol to handle by the Apache HTTP (RP).
Now I have the following need. There has to be published a Web Service from one instance using two Ports with two protocols (HTTP and HTTPs). I'm not sure how to solve that need.
A solution I tried already was to change and add the variable DEF_BACKEND_PORT to DEF_BACKEND_PORT_1 and DEF_BACKEND_PORT_2 but it didn't worked.
View 2 Replies
View Related
Dec 21, 2012
Currently i am trying to install an Apache 2.4.3 as a caching reverse proxy. I would like to use memcached as my cache backend. I figured out there is a mod_socache_memcache, which from my understanding, should do exactly that(in combination with mod_cache_socache). So i compiled mod_cache_socache from trunk, loaded mod_cache, mod_cache_socache and mod_socache_memcache, but now i am stuck with the configuration. Here is what i tried:
LoadModule socache_memcache_module modules/mod_cache.so
LoadModule mod_cache_socache modules/mod_cache_socache.so
LoadModule socache_memcache_module modules/mod_socache_memcache.so
[code]....
where do i configure the path to my memcached instance? The reason for memcached as chaching backend, is that the machine is a windows machine, and from my understanding mod_cache_disk is not as efficient on a NTFS filesystem as it is on EXT3/4.
Another reason is, that later on there should be a possibility to put a second Reverse Proxy machine which shares the cache with the first one by using the same memcached instance (is that possible at all?).
View 2 Replies
View Related
Jun 18, 2013
I have a magento based ecommerce website. In have to integrate a payment method which requires a certificated delivered from a specific certification authority not recognized by browsers. Then I have to use 2 diffrent certificates, one for the payment and the other for the remaining secure operations. Is it configurable in apache?
View 6 Replies
View Related
Jul 13, 2009
From my previous experience I know that unless I purchase a domain-only validated
SSL cert, I will need to send to the registrar documentation of the company owner of
the domain the SSL will be attached to. I remember that from the times when Verisign
was the monopoly.
I am in Peru and the official language is spanish, so I was wondering if in case documents are required to be sent, do they need to be officialy translated?
View 2 Replies
View Related
Apr 28, 2015
I have a class project that we are working on where we have to configure and implement an Apache server with ssl using ldap for authentication. I have documentation of literally everything I have done in the configuration. Everything seems to be fine with the config that I can tell. The client gets a prompt for username and password when they access the server ip address. However, once the correct username and password are entered, then the client receives a 500 internal server error message instead of the webpage: "Internal Server Error...The server encountered an internal error or misconfiguration and was unable to complete your request.
View 1 Replies
View Related
Aug 29, 2013
I'm trying to configure a host to use vhosts but the server keeps breaking when I uncomment the Include vhosts file line. The apache process starts but none of the hostnames work. When the line is commented out, only the main hostname (defined in httpd.conf) works.
View 1 Replies
View Related
Apr 5, 2007
I've got a one month stable setup running a cpanel + apache 1.3.x and suddenly starting yesterday i get these errors from time to time in the log from various IPs:
(104) Connection reset by peer: client stopped connection before send mmap completed
(32) Broken pipe: client stopped connection before send mmap completed
send mmap timed out
Googling shows people guessing at everything from mysql errors to the visitor clicking a link on a partially showing page before it's completed.
Anyone with more clear insight? Mysql shows no apparent errors.
Site is a heavily loaded wordpress setup with mod_gzip the only major addition to apache. Also running a firewall for a week now. Errors did not show up until yesterday.
View 1 Replies
View Related
May 2, 2014
I'm facing problem with latest Apache 2.4.9. Previously we used Apache 2.4.7 ​version which supports DER SSL certificates. But Latest Apache(2.4.9) is not working with DER SSL certificates. I have to convert DER certificate to PEM format to start the Apache server. Am i missing anything ? Is DER certificate not supported in Apache 2.4.9 ?
View 6 Replies
View Related
Oct 17, 2013
I know that port 80 is reserved for HTTP communication to clients on the apache server,and that the client can receive the HTTP response to any port on the client machine, I think there might be more details to it than this. I am required to describe how client and server sockets are used for the client/server communication between an Apache Web server and Web client processes.
View 1 Replies
View Related
Jul 30, 2013
I am trying a webpage siremis whenever i try to login i am getting below error in error log of apache [client 192.168.137.7:4758] AH01630: client denied by server configuration: /opt/siremis-4.0.0/siremis/.htaccess
in httpd.conf following is the rule
Alias /siremis "/opt/siremis-4.0.0/siremis"
<Directory "/opt/siremis-4.0.0/siremis">
Options Indexes FollowSymLinks MultiViews
[code]....
i am using apache 2 and php 5.5.1 and mysql 5.6.12.
View 3 Replies
View Related
May 11, 2015
I have been using Plesk for a while on my server, but this is the first time that I need to set up large files uploading for a client who requires to upload via a form files that are larger than 128MB (but less than 400).The issue I've been seeing is that whenever the user tries to upload a file greater than 128MB I see an error on the proxy_error_log that says:
2015/05/10 21:46:18 [error] 31224#0: *9 client intended to send too large body: 175420278 bytes, client: XX.XX.XX.XX, server: myserver.com , request: "POST /admin/products/1 HTTP/1.1", host: "myserver.com", referrer: "referrer"
I've been googling this issue and everything points to the nginx configuration (PHP parameters have already been set up). I proceeded to change the configuration of /etc/nginx/nginx.conf to include
http {
...
client_max_body_size 400M;
...
}
HOWEVER (and this is where I'm stuck) after restarting the nginx service, the fille /etc/nginx/plesk.conf.d/vhosts/myserver.com.conf continues to hold the value:
server {
...
client_max_body_size 128m;
...
}
Modifying this file to change the 128m to 400m does not make a difference.
View 6 Replies
View Related
Jun 5, 2014
I've a Wordpress Blog on a Ubuntu 13.10 server with Apache 2.4.2.
For only one page on this site I've this error and can't find a solution.
View 15 Replies
View Related
May 31, 2009
Where can I find how to configure apache for web hosting correctly?
View 7 Replies
View Related
Apr 26, 2008
I use linux server with Cpanel control panel.
default default apache logs folder is in /usr/local/apache/logs/error_log
I want to monitor errors . How can I have an error log file for each individual domain?
View 3 Replies
View Related
Aug 7, 2014
(I am using apache 2.2.25).I have this "HTML5 and CSS all in one for dummies" Book. And it tells me I have to configure the .conf file to make apache work with PHP.
At this point I have only edited the Document root folder. The book tells me to find a Loadmodule with an # with a mention of PHP (I'll put the text of the book at the end) and to add an "addtype" statement. If have found neither and when I add the manually the server doesnt work.how can I make PHP work? Also, I have noticed that the Apache commands in CMD don't work. I am running windows 8.1. URL....
View 1 Replies
View Related
Oct 11, 2013
I'm working on a script to automatically install apache. Now, after the apache configure/make/make install I need to test for a successful completion. I checked the configure options but there is no flag for an unsuccessful finish.I would like to know if there is any other way than to test the command output for a successful or unsuccessful ending? I'm saving the output on a file and then grepping for an expected line. For example "creating test/ Makefile" for the configure.
View 2 Replies
View Related
Oct 28, 2007
What are the ./configure parameters commonly used for Apache (2.2) and PHP (5.2) installations on web hosting servers?
View 5 Replies
View Related
May 2, 2013
I wanted to configure 2 clusters on Apache 2.4. Here are my sample configurations
Cluster 1 config:
----------------
<VirtualHost *:80>
ServerName mywebsite1.com
<IfModule mod_proxy_balancer.c>
<Proxy balancer://sgcluster>
BalancerMember http://IPaddress1:80/ loadfactor=1
BalancerMember http://IPaddress2:80/ loadfactor=2
ProxySet lbmethod=byrequests
[Code] ....
I've included both configuration file in httpd.conf. I'm getting the errors, when I tried to start up the apache.
[Thu May 02 11:01:34.243583 2013] [slotmem_shm:debug] [pid 9240606:tid 1] mod_slotmem_shm.c(448): AH02301: attach looking for /opt/apache2/logs/slo
tmem-shm-mod_heartmonitor.shm
[Thu May 02 11:01:34.243667 2013] [lbmethod_heartbeat:notice] [pid 9240606:tid 1] AH02282: No slotmem from mod_heartmonitor
[Code] .....
View 2 Replies
View Related
May 23, 2015
how to benchmark and configure FCGI.
View 4 Replies
View Related