Search Results

Search found 10299 results on 412 pages for 'apache'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 250/412 | < Previous Page | 246 247 248 249 250 251 252 253 254 255 256 257  | Next Page >

  • Unix Server Partitioning & Filesystem Layout

    - by user1717735
    There's a lot of contradictory information about Unix server partitioning out on the internet, so I need some advice on how to proceed. So far, on the servers I in our test environment I didn't really care about partitioning and I configured a single monolithic / plus a swap partition. This partitioning scheme doesn't seem like a good idea for our production servers. I have found a good starting point here, but it seems very vague on the details. Basically I have a server on which I will be running a basic LAMP stack (Apache, PHP, and MySQL). It will have to handle file uploads (up to 2GB). The system has a 2TB RAID 1 array. I plan to set : / 100GB /var 1000GB (apache files and mysql files will be here), /tmp 800GB (handles the php tmp file) /home 96GB swap 4GB Does this sound sane, or am I over-complicating things?

    Read the article

  • Errors related to python version added to error log when I start apache2

    - by Jean-Nicolas Boulay Desjardins
    When I start apache I am getting those errors: [Tue Jun 14 02:28:58 2011] [error] python_init: Python version mismatch, expected '2.6.5', found '2.6.6'. [Tue Jun 14 02:28:58 2011] [error] python_init: Python executable found '/usr/bin/python'. [Tue Jun 14 02:28:58 2011] [error] python_init: Python path being used '/usr/lib/python2.6/:/usr/lib/python2.6/plat-linux2:/usr/lib/python2.6/lib-tk:/usr/lib/python2.6/lib-old:/usr/lib/python2.6/lib-dynload'. [Tue Jun 14 02:28:58 2011] [notice] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads. [Tue Jun 14 02:28:58 2011] [notice] mod_python: using mutex_directory /tmp [Tue Jun 14 02:28:58 2011] [notice] Apache/2.2.16 (Ubuntu) PHP/5.3.3-1ubuntu9.5 with Suhosin-Patch mod_python/3.3.1 Python/2.6.6 configured -- resuming normal operations I am using Ubuntu Server... Thanks in advance for any help.

    Read the article

  • BixData or Zabbix?

    - by Arafat
    Hi all, I've been using Ganglia to monitor my single Mac OSX server which runs Apache and MySQL. I'm ok with it. Now we are upgrading our servers, 6 IBM X3650 M3 and 2 Fujitsu servers. 2 IBM for Apache cluster and 4 IBM for MySQL NDB Cluster. The other two servers are for Load balancers. All servers are going to run Debian Lenny 5 on it. Now I need to decide on which monitoring tool I should go for. I found that BixData and Zabbix does an excellent job than Ganglia, in terms of sensors and reporting. Have anyone tried the above two tools? And which tool would you suggest me? For Debian. As I'm writing this, I'm installing BixData to try.... Thanks in advance.

    Read the article

  • xinet vs iptables for port forwarding performance

    - by jamie.mccrindle
    I have a requirement to run a Java based web server on port 80. The options are: Web proxy (apache, nginx etc.) xinet iptables setuid The baseline would be running the app using setuid but I'd prefer not to for security reasons. Apache is too slow and nginx doesn't support keep-alives so new connections are made for every proxied request. xinet is easy to set up but creates a new process for every request which I've seen cause problems in a high performance environment. The last option is port forwarding with iptables but I have no experience of how fast it is. Of course, the ideal solution would be to do this on a dedicated hardware firewall / load balancer but that's not an option at present.

    Read the article

  • UNIX-Security Advise

    - by Phoibe
    Hello, I want to build a quite secure UNIX-Server. Mechanisms I already implemented: SNORT + fwsnort for banning psad to block network-scanning attempts Portknocking to start+open SSH (key-based login - no password) hourly update of IP-Tables-Rules from a Security-Subscription Fail2Ban ClamAV & Rootkithunter + Logwatch What service-independent security mechanism would you add to this? What mechanism are you using? The server will run Apache&Postfix. For Apache hiding the server-information ofc. and nothing I can think of for Postfix. Thanks

    Read the article

  • Why does my allow_url_include not work?

    - by autthapone
    Server Information: CentOS 5.7 (Final), PHP Version 5.2.6, Apache/2.2.3 I edit in /etc/php.ini change to allow_url_include = On. Then restart apache. I see configuration on phpinfo() file, but allow_url_include not changed. It's Off yet. Help me, please. My Setting. - http://postimage.org/image/aliuyb9a3/ My phpinfo - http://postimage.org/image/tlsu18b1h/ I can't find other php.ini file. upload_max_filesize also not changed :-( but max_execution_time and memory_limit is changed. Everyone, if issue can't solving now, please guide me about repair/re-install PHP on CentOS.

    Read the article

  • Ngingx wont start with fastcgi_split_path_info" error

    - by Ke
    Hi, I heard that nginx is faster and since im on a VPS with low ram i thought id try it out. I got through this tutorial http://www.howtoforge.com/installing-php-5.3-nginx-and-php-fpm-on-ubuntu-debian But I now get the following error: unknown directive "fastcgi_split_path_info" in /etc/nginx/sites-enabled/default:28 Anyone know what might be causing the problem? I cant find any reference to the problem on Google Also I have heard conflicting things about Nginx vs Apache. Some say use one, some say the other. Im using allsorts such as rewrite rules, proxies etc. Am I setting myself up for a fall by using Nginx? If I go for apache, does anyone know of anyway to tweak it so that it performs better on a low ram VPS? Cheers Ke

    Read the article

  • Ngingx wont start with fastcgi_split_path_info" error

    - by Ke
    Hi, I heard that nginx is faster and since im on a VPS with low ram i thought id try it out. I got through this tutorial http://www.howtoforge.com/installing-php-5.3-nginx-and-php-fpm-on-ubuntu-debian But I now get the following error: unknown directive "fastcgi_split_path_info" in /etc/nginx/sites-enabled/default:28 Anyone know what might be causing the problem? I cant find any reference to the problem on Google Also I have heard conflicting things about Nginx vs Apache. Some say use one, some say the other. Im using allsorts such as rewrite rules, proxies etc. Am I setting myself up for a fall by using Nginx? If I go for apache, does anyone know of anyway to tweak it so that it performs better on a low ram VPS? Cheers Ke

    Read the article

  • Problems setting up home web server

    - by putmatrix
    Has anyone been able to get a server working with the router smcwbr14t-g? Although I have been able to get Apache set up correctly and my website works on the internal IP 192.168.2.101, I've been running into a dead end when trying to get it to show up on my external IP. In my router, there is no option for port forwarding, but there are options for a 'virtual server'. Following the manual, I have it set up like this: http://imgur.com/zrcV7.png I also disabled the firewall. I configured Apache to listen to ports 80, 81, and 443, none of which solved the problem. However, the IP's 192.168.2.101:443 and :81 load fine. The problem is that I still cannot load the web site from my external IP, either from my computer or outside.

    Read the article

  • Tomcat with virtual hosts - 404

    - by Thardas
    I have a CentOS 5.2 server set up with Apache 2.2.3 and Tomcat 5.5.27. The server hosts multiple virtual hosts connected to multiple Tomcats. For instance we have one tomcat for development and testing and one tomcat for production. project.demo.us.com points to dev tomcat and project.us.com points to production tomcat. Here's the virtual host's configuration: <VirtualHost *:80> ServerName project.demo.us.com CustomLog logs/project.demo.us.com/access_log combined env=!VLOG ErrorLog logs/project.demo.us.com/error_log DocumentRoot /var/www/vhosts/project.demo.us.com <Directory /var/www/vhosts/project.demo.us.com> Allow from all AllowOverride All Options -Indexes FollowSymLinks </Directory> ########## ########## ########## JkMount /project/* online </VirtualHost> JkMount line defines that we use online worker and our workers.properties contains this: worker.list=..., online, ... worker.online.port=7703 worker.online.host=localhost worker.online.type=ajp13 worker.online.lbfactor=1 And tomcat's conf/server.xml contains: <Connector port="7703" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" URIEncoding="UTF-8" maxThreads="80" minSpareThreads="10" maxSpareThreads="15"/> I'm not sure what redirectPort is but I tried to telnet to that port and there's no one answering, so it shouldn't matter? Tomcat's webapps directory contains project.war and the server automatically deployed it under project directory which contains index.jsp and hello.html. The latter is for static debugging purposes. Now when I try to access http://project.demo.us.com/project/index.jsp, I get Tomcat's HTTP Status 404 - The requested resource () is not available. The same thing happens to hello.html so it's not working with static content either. Apache's access_log contains: 88.112.152.31 - - [10/Aug/2009:12:15:14 +0300] "GET /demo/index.jsp HTTP/1.1" 404 952 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2" I couldn't find any mention of the request in Tomcat's logs. If I shutdown this specific tomcat, I no longer get Tomcat's 404 but Apache's 503 Service Temporarily Unavailable, so I should be configuring the correct Tomcat. Is there something obvious that I'm missing? Is there any place where I could find out what path the Tomcat is using to look for requested files?

    Read the article

  • Ngingx won't start with fastcgi_split_path_info" error

    - by Ke
    I heard that nginx is faster and since I'm on a VPS with low RAM I thought I would try it out. I got through this tutorial http://www.howtoforge.com/installing-php-5.3-nginx-and-php-fpm-on-ubuntu-debian But I now get the following error: unknown directive "fastcgi_split_path_info" in /etc/nginx/sites-enabled/default:28 What might be causing the problem? I can't find any reference to the problem on Google. Also I have heard conflicting things about nginx vs Apache. Some say use one, some say the other. I'm using all sorts of things such as rewrite rules, proxies etc. Am I setting myself up for a fall by using nginx? If I go for Apache: how can I tweak it so that it performs better on a low RAM VPS?

    Read the article

  • Hosting multiple sites on a single webapp in tomcat

    - by satish
    Scenario: I have a website - www.mydomain.com. Registered users will be given the choice of getting a permanent url to their account on mydomain.com as a subdomain like (username.mydomain.com) or they can opt to have their own domain like www.userdomain.com. So the user can access his/her account through the subdomain URL or their own hostname and the request should be forwarded to a specific url on mydomain.com. For example: xyz.mydomain.com or www.xyz.com should give the user account from www.mydomain.com/webapp/account?id=xyz. The user should be completely unaware about where the content is coming from. Setup: My website is running as a webapp in tomcat 5.5.28 with apache as the web server. I am using a VPS which means I have control over all the configuration files (apache, tomcat and dns server). Can you tell me what are the configurations needed to achieve the above scenario??

    Read the article

  • Why is FTP server slowing down the web server?

    - by user1448031
    I am running Apache and Filezilla ftp server in Windows. I've been noticing for the last few months that whenever I start up the ftp server, the websites start to run slow. When I shut off the ftp server, the websites start speeding up again. Sometimes I need to restart Apache server after shutting off the ftp server to speed up the websites. I only start ftp server whenever I need to allow remote file transfers. Other than that it's always off. I'm not sure what's happening and where to look.

    Read the article

  • Best practices for re-IP'ing / migrating servers and applications

    - by warren
    Some of this question would be highly application-specific, but what approaches do you take when looking to migrate applications from one server/platform to another and servers form one network segment to another? For applications that can't be re-IP'd (many exist in this category), the general answer is to nuke and pave (or extend a clusterable application, then remove the segment that needs to be "moved"). For "normal" applications (httpd, mail, directory services, etc), what are the checks ou perform before, during, and after a move to ensure the health of the migrated app/server? An example with Apache: backup httpd conf directory change httpd conf files to use new IP address of server change (or add) IP of server restart Apache verify web server still serves pages reboot server verify environment comes back up healthy

    Read the article

  • Apache2 graceful restart stops proxying requests to passenger

    - by Rob
    Issue with apache mod proxy, it stops proxying requests after a graceful restart but not all the time. It seems to happen only on a Sunday when a graceful restart is triggered by logrotate. [Sun Sep 9 05:25:06 2012] [notice] SIGUSR1 received. Doing graceful restart [Sun Sep 9 05:25:06 2012] [notice] Apache/2.2.22 (Ubuntu) Phusion_Passenger/3.0.11 configured -- resuming normal operations [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(492) failed in child 26153 for worker proxy:reverse [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(486) failed in child 26153 for worker http://api.myservice.org/api [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(487) failed in child 26153 for worker http://api.myservice.org/editor/$1 [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(489) failed in child 26153 for worker http://api.myservice.org/build [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(490) failed in child 26153 for worker http://api.myservice.org/help [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(491) failed in child 26153 for worker http://api.myservice.org/motd.html [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(480) failed in child 26153 for worker http://api.myservice.org/api [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(481) failed in child 26153 for worker http://api.myservice.org/editor/$1 [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(483) failed in child 26153 for worker http://api.myservice.org/build [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(484) failed in child 26153 for worker http://api.myservice.org/help [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(485) failed in child 26153 for worker http://api.myservice.org/motd.html [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(479) failed in child 26153 for worker http://api.myservice.org/motd.html After these lines, the logs are flooded with 404's because the requests are not being proxied. It's worth noting that the destination is just another vhost on the same apache instance, but the vhost (http://api.myservice.org) is serving passenger (mod_rails) I was thinking that maybe there's some startup issues with the passenger workers not being ready during a graceful restart? After a full restart resolves it and everything returns to normal. //Edit Here's the vhost config, thanks :) <VirtualHost *:80> UseCanonicalName Off LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon <Directory /var/www/vhosts> RewriteEngine on AllowOverride All </Directory> RewriteEngine on RewriteCond /var/www/vhosts/%{SERVER_NAME} !-d RewriteCond /var/www/vhosts/%{SERVER_NAME} !-l RewriteRule ^ http://sitenotfound.myservice.org/ [R=302,L] VirtualDocumentRoot /var/www/vhosts/%0/current # Rewrite requests to /assets to map to the /var/file-store/<SERVER_NAME>/ RewriteMap lowercase int:tolower RewriteCond %{REQUEST_URI} ^/assets/ RewriteRule ^/assets/(.*)$ /var/file-store/${lowercase:%{SERVER_NAME}}/$1 # Map /login to /editor.html as it's far friendlier. RewriteCond %{REQUEST_URI} ^/login RewriteRule .* /editor.html [PT] # Forward some requests to the API ProxyPass /api http://api.myservice.org/api ProxyPass /site.json http://api.myservice.org/api/editor/site ProxyPassMatch ^/editor/(.*)$ http://api.myservice.org/editor/$1 ProxyPassMatch ^/api/(.*) http://api.myservice.org/api/$1 ProxyPass /build http://api.myservice.org/build ProxyPass /help http://api.myservice.org/help ProxyPass /motd.html http://api.myservice.org/motd.html <Proxy *> Order allow,deny Allow from all </Proxy> # TODO generate slightly more specific Error Documents for 401/403/500's, # but for now the 404 page is good enough ErrorDocument 401 /404.html ErrorDocument 403 /404.html ErrorDocument 404 /404.html ErrorDocument 500 /404.html </VirtualHost>

    Read the article

  • How do I expose a webapp on :8090, even though firewall allows only :80 and :22

    - by Kaustubh P
    I am a noob in Server related stuff, so bear me. I use amazon webservices (EC2) on which I have a webapp running on jetty, which runs on port 8090. I deploy the webapp through the usual method of java -jar start.jar So then to access the app, I have to add a port in the URL, like this: someIP:8090/app But just typing someIP in the browser takes me to a page that shows It works! This is the default web page for this server. The web server software is running but no content has been added, yet. which I assume is apache. I have apache, tomcat and jetty installed. What can I do so that I dont have to specify the port? Do I have to perform port-forwarding? Thanks a lot.

    Read the article

  • Puppet Directory and File ownership ignored

    - by Phil Sturgeon
    Puppet seems to be lying to me, which is not very nice. I am trying to set some files and directories included in /vagrant/src to be 666 and 777, and set the ownership group to the correct Apache user (using the PuppetLabs Apache module). Output from Puppet says yes. [default] Running provisioner: Vagrant::Provisioners::Puppet... [default] Running Puppet with /tmp/vagrant-puppet/manifests/default.pp... stdin: is not a tty No LSB modules are available. warning: require is a metaparam; this value will inherit to all contained resources warning: notify is a metaparam; this value will inherit to all contained resources notice: /Stage[main]//File[/vagrant/src/addons/]/owner: owner changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/addons/]/group: group changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/addons/]/mode: mode changed '0755' to '0777' notice: /Stage[main]//Package[curl]/ensure: ensure changed 'purged' to 'present' notice: /Stage[main]//File[/vagrant/src/system/cms/config/]/owner: owner changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/system/cms/config/]/group: group changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/system/cms/config/]/mode: mode changed '0755' to '0777' notice: /Stage[main]//File[/vagrant/src/system/cms/config/config.php]/owner: owner changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/system/cms/config/config.php]/group: group changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/system/cms/cache/]/owner: owner changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/system/cms/cache/]/group: group changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/system/cms/cache/]/mode: mode changed '0755' to '0777' notice: /Stage[main]//File[/vagrant/src/uploads/]/owner: owner changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/uploads/]/group: group changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/uploads/]/mode: mode changed '0755' to '0777' notice: /Stage[main]/Apache/Service[httpd]/ensure: ensure changed 'stopped' to 'running' notice: /Stage[main]//File[/vagrant/src/assets/cache/]/owner: owner changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/assets/cache/]/group: group changed 'vagrant' to 'www-data' notice: /Stage[main]//File[/vagrant/src/assets/cache/]/mode: mode changed '0755' to '0777' notice: Finished catalog run in 2.29 seconds Output from ls -lah says no: $ ls -lah /vagrant/src/ total 36K drwxr-xr-x 1 vagrant vagrant 510 2012-07-03 00:11 . drwxr-xr-x 1 vagrant vagrant 340 2012-07-03 08:08 .. drwxr-xr-x 1 vagrant vagrant 136 2012-07-03 00:11 addons drwxr-xr-x 1 vagrant vagrant 102 2012-07-03 00:11 assets drwxr-xr-x 1 vagrant vagrant 510 2012-07-03 07:45 .git -rw-r--r-- 1 vagrant vagrant 1.3K 2012-07-03 00:11 .gitignore -rwxr-xr-x 1 vagrant vagrant 1.4K 2012-07-03 00:11 .htaccess -rwxr-xr-x 1 vagrant vagrant 8.8K 2012-07-03 00:11 index.php drwxr-xr-x 1 vagrant vagrant 442 2012-07-03 00:11 installer -rwxr-xr-x 1 vagrant vagrant 2.8K 2012-07-03 00:11 LICENSE -rw-r--r-- 1 vagrant vagrant 1.1K 2012-07-03 00:11 phpdoc.dist.xml -rw-r--r-- 1 vagrant vagrant 3.3K 2012-07-03 00:11 README.md drwxr-xr-x 1 vagrant vagrant 204 2012-07-03 00:11 system -rw-r--r-- 1 vagrant vagrant 42 2012-07-03 00:11 .travis.yml drwxr-xr-x 1 vagrant vagrant 102 2012-07-03 00:11 uploads Whats up with that? My entire config can be found here.

    Read the article

  • Run Rails 3 app on a Rails 2 server/machine?

    - by chucknelson
    I'm trying to run a Rail 3 (3.0.10) app on a shared joyent smartmachine server (I don't have root access) which has Rails 2 (2.3.11) installed , and I'm not sure what to do after I freeze my Rails 3 app with bundle install --deployment. It seems like with the Rails 3 and bundler gems not being installed on the server locally, my app isn't even recognizing the local version of Rails I have frozen with my app. Has anyone gotten this to work, or have any advice? The server runs Apache, and I think I can get lighttpd installed too - but I'd rather stay with Apache if I can. Also, if it matters, Passenger is not an installed gem either...and I'm not sure I can freeze that with my app. Update 11/30/2011 12:30 PM EST Bundler is not installed on this server, either. Not sure if having that would enable the new Rails 3 "freeze" (bundle --deployment) to work or not...

    Read the article

  • Need advise on choosing aws EC2

    - by Mayank
    I'm planning to host a website where in the first phase I would target 30,000 users. It is in php and runs on Apache server. I'm assuming 8,000 users can be online in worst case scenario and 1000 of them will be uploading photographs. A photograph will be resized to around 1MB at client side and one HTTP request is uploading only one photograph. My plan: 2 Small EC2 instances to run Apache httpd 2 Small EC2 instances to DB (Postgresql). I to write data and other its read replica. EBS volumes for DBs Last, Amazon S3 for uploaded photographs. My question here Is Small EC2 instance more than what I require. I mean should I go for micro Is 8000 simultaneous user a right no. (to decide what EC2 instance to choose) for a new website Or should I go for Small instance so to make it capable of spikes

    Read the article

  • Snow Leopard Permissions in Shared Folders reset on saving file

    - by jan
    I have several users who access their accounts on OSX through their windows machines over samba. As soon as they update/save a file, it sets the permissions to -rwxr----- which means no other users can read the files. This affects apache user, for example, so changes to their files under their Sites directory means Apache can no longer serve the pages. I've looked into /etc/smb.conf, /var/db/smb.conf, and /var/db/samba/smb.shares but I can't figure out how to force it to use the parent folders permissions. Thanks in advance.

    Read the article

  • Redirecting subsite on same domain to other IIS using HTTPS

    - by Alberto
    I've seen many similar questions (and answers) on this subject, but none seem to be on exactly the same situation I am facing. Which is weird since I don't think it is that special, so forgive me if I haven't searched enough. Anyway. I have two websites which are on two IIS7, one facing WAN and one in the LAN. The WAN facing is already HTTPS-only. I want to add the second website, but on the same HTTPS domain and SSL certificate, so that it becomes a subsite like: https://www.domain.com/subsite How can I do a redirect or rewrite on the first IIS to the second one to make this work? I don't think there is a standard IIS feature that can do this. ISA server is not an option currently. But maybe another extension to IIS exists? Done this numerous times on Apache, and am about to ditch IIS for Apache.

    Read the article

  • Does openssl errno 104 mean that SSLv2 is disabled?

    - by David
    I want to check if my server has SSLv2 disabled. I am doing this by attempting to connect remotely with openssl with the following shell command. openssl s_client -connect HOSTNAME:443 -ssl2 Most literature I could find on the Internet says if I see something similar to the following error then SSLv2 is properly disabled. 29638:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428: I do get the above error when connecting to my Ubuntu server with SSLv2 disabled in Apache Apache but when I connect to my Windows Server 2008 R2 server with SSLv2 disabled in the registry I get the following output and error. CONNECTED(00000003) write:errno=104 I can't find any literature explaining this output and error. If anybody could explain to me if and why this output and error means that SSLv2 is properly disabled, I would appreciate it. Thanks!

    Read the article

  • Unable to find valid certification path to requested target while CAS authentication

    - by Dmitriy Sukharev
    I'm trying to configure CAS authentication. It requires both CAS and client application to use HTTPS protocol. Unfortunately we should use self-signed certificate (with CN that doesn't have anything in common with our server). Also the server is behind firewall and we have only two ports (ssh and https) visible. As far as there're several application that should be visible externally, we use Apache for ajp reverse proxying requests to these applications. Secure connections are managed by Apache, and all Tomcat are not configured to work with SSL. But I obtained exception while authentication, therefore desided to set keystore in CATALINA_OPTS: export CATALINA_OPTS="-Djavax.net.ssl.keyStore=/path/to/tomcat/ssl/cert.pfx -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.keyAlias=alias -Djavax.net.debug=ssl" cert.pfx was obtained from certificate and key that are used by Apache HTTP Server: $ openssl pkcs12 -export -out /path/to/tomcat/ssl/cert.pfx -inkey /path/to/apache2/ssl/server-key.pem -in /path/to/apache2/ssl/server-cert.pem When I try to authenticate a user I obtain the following exception: Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) ~[na:1.6.0_32] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) ~[na:1.6.0_32] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ~[na:1.6.0_32] Meanwhile I can see in catalina.out that Tomcat see certificate in cert.pfx and it's the same as the one that is used while authentication: 09:11:38.886 [http-bio-8080-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Constructing validation url: https://external-ip/cas/proxyValidate?pgtUrl=https%3A%2F%2Fexternal-ip%2Fclient%2Fj_spring_cas_security_proxyreceptor&ticket=ST-17-PN26WtdsZqNmpUBS59RC-cas&service=https%3A%2F%2Fexternal-ip%2Fclient%2Fj_spring_cas_security_check 09:11:38.886 [http-bio-8080-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Retrieving response from server. keyStore is : /path/to/tomcat/ssl/cert.pfx keyStore type is : PKCS12 keyStore provider is : init keystore init keymanager of type SunX509 *** found key for : 1 chain [0] = [ [ Version: V1 Subject: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 13??a lot of digits here??19 public exponent: ????7 Validity: [From: Tue Apr 24 16:32:18 CEST 2012, To: Wed Apr 24 16:32:18 CEST 2013] Issuer: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country SerialNumber: [ d??????? ????????] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 Signature is here 0070: 96 . ] *** trustStore is: /jdk-home-folder/jre/lib/security/cacerts Here is a lot of trusted CAs. Here is nothing related to our certicate or our (not trusted) CA. ... 09:11:39.731 [http-bio-8080-exec-4] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Retrieving response from server. Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false %% No cached client session *** ClientHello, TLSv1 RandomCookie: GMT: 1347433643 bytes = { 63, 239, 180, 32, 103, 140, 83, 7, 109, 149, 177, 80, 223, 79, 243, 244, 60, 191, 124, 139, 108, 5, 122, 238, 146, 1, 54, 218 } Session ID: {} Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } *** http-bio-8080-exec-4, WRITE: TLSv1 Handshake, length = 75 http-bio-8080-exec-4, WRITE: SSLv2 client hello message, length = 101 http-bio-8080-exec-4, READ: TLSv1 Handshake, length = 81 *** ServerHello, TLSv1 RandomCookie: GMT: 1347433643 bytes = { 145, 237, 232, 63, 240, 104, 234, 201, 148, 235, 12, 222, 60, 75, 174, 0, 103, 38, 196, 181, 27, 226, 243, 61, 34, 7, 107, 72 } Session ID: {79, 202, 117, 79, 130, 216, 168, 38, 68, 29, 182, 82, 16, 25, 251, 66, 93, 108, 49, 133, 92, 108, 198, 23, 120, 120, 135, 151, 15, 13, 199, 87} Cipher Suite: SSL_RSA_WITH_RC4_128_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** %% Created: [Session-2, SSL_RSA_WITH_RC4_128_SHA] ** SSL_RSA_WITH_RC4_128_SHA http-bio-8080-exec-4, READ: TLSv1 Handshake, length = 609 *** Certificate chain chain [0] = [ [ Version: V1 Subject: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 13??a lot of digits here??19 public exponent: ????7 Validity: [From: Tue Apr 24 16:32:18 CEST 2012, To: Wed Apr 24 16:32:18 CEST 2013] Issuer: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country SerialNumber: [ d??????? ????????] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 Signature is here 0070: 96 . ] *** http-bio-8080-exec-4, SEND TLSv1 ALERT: fatal, description = certificate_unknown http-bio-8080-exec-4, WRITE: TLSv1 Alert, length = 2 http-bio-8080-exec-4, called closeSocket() http-bio-8080-exec-4, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I tried to convert our pem certificate to der format and imported it to trustedKeyStore (cacerts) (without private key), but it didn't change anything. But I'm not confident that I did it rigth. Also I must inform you that I don't know passphrase for our servier-key.pem file, and probably it differs from password for keystore created by me. OS: CentOS 6.2 Architecture: x64 Tomcat version: 7 Apache HTTP Server version: 2.4 Is there any way to make Tomcat accepts our certificate?

    Read the article

  • Redirect an Apache2 SSL VirtualHost with mod_alias

    - by Jeff
    I want to make sure there aren't any odd behaviors that I don't know about when redirecting a SSL VirtualHost with mod_alias Redirect as outlined by Apache here. My code seems to work, but since SSL virtual hosts are restricted to just one IP address, I want to make sure there aren't any problems eluding me. Explicitly not using TLS. I'm stuck with Apache 2.2 for now. <VirtualHost *:443> ServerName example.com SSLEngine On Redirect 301 / https://www.example.com/ </VirtualHost> <VirtualHost *:443> ServerName www.example.com SSLEngine On # Do stuff # </VirtualHost> So I guess my question is, should SSL VirtualHost redirection with mod_alias Redirect work the same as non-SSL redirection?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 246 247 248 249 250 251 252 253 254 255 256 257  | Next Page >