httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rafi Sheikh <Rafi.She...@Ingenix.com>
Subject [users@httpd] RE: Apache via console window
Date Fri, 05 Mar 2004 19:38:09 GMT
Hello all.

BASICS: apache 1.3.29, php 4.4.4, MySQL 1.3 on WIN2K-PRO

Question: When I start apache in windows console, it starts great (I also
did the test), however: the cursor in console window is non responsive, I
cannot type any commands on cmd. line.  Cursor keeps blinking, I have to do
Ctrl+C to stop the server, and to start I use it from START-PROGRAMS-Apache
menu.

Is this valid?

TIA,

Rafi

-----Original Message-----
From: users-digest-help@httpd.apache.org
[mailto:users-digest-help@httpd.apache.org]
Sent: Friday, February 27, 2004 2:30 PM
To: users@httpd.apache.org
Subject: users Digest 27 Feb 2004 20:29:39 -0000 Issue 1428


users Digest 27 Feb 2004 20:29:39 -0000 Issue 1428

Topics (messages 38572 through 38593):

Newbie mode running question
	38572 by: Angel Gordo Crespo
	38573 by: Jonas Eckerman

Re: Redirect DirectoryIndex
	38574 by: Jonas Eckerman

HTTPS and virtual hosts
	38575 by: Dean A. Hoover
	38576 by: Boyle Owen
	38577 by: Cerion Armour-Brown
	38578 by: Dean A. Hoover
	38580 by: Cerion Armour-Brown
	38581 by: Dean A. Hoover
	38582 by: Dean A. Hoover
	38583 by: Cerion Armour-Brown

Directive explanations
	38579 by: patrick.odowd.co-operativebank.co.uk
	38584 by: Joshua Slive

Re: Help with SSL and CGI Env var export - can't get SSL_CLIENT_CERT_CHAINn
values
	38585 by: Ian Huynh
	38590 by: Joe Orton

Problem With The Alias and ScriptAlias
	38586 by: Kaplan, Andrew H.

Re: 2.0.48 configuration errors -- Was:  /bin/sh: -f: not found
	38587 by: Jonathan Mangin
	38588 by: dan osullivan
	38593 by: Jonathan Mangin

Re: Mod Rewrite URL Redirection
	38589 by: Darryl Cook

Re: RE : [users@httpd] Forwarding client Certficates from mod_ssl to a
distant mod_jk through HTTPHeaders.
	38591 by: Joe Orton

Apache administration application
	38592 by: Breheny, Paul

Administrivia:

To subscribe to the digest, e-mail:
	users-digest-subscribe@httpd.apache.org

To unsubscribe from the digest, e-mail:
	users-digest-unsubscribe@httpd.apache.org

To post to the list, e-mail:
	users@httpd.apache.org


----------------------------------------------------------------------
Date: Fri, 27 Feb 2004 10:22:45 +0100
To: <users@httpd.apache.org>
From: "Angel Gordo Crespo" <angel@expansis.com>
Subject: Newbie mode running question
Message-ID: <000801c3fd13$42af3350$4d01a8c0@NABOO>

------=_NextPart_000_0009_01C3FD1B.A4739B50
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hello,
 
I have a Apache (2.0.46) running pon a server with two processor
(2.4Ghz) and memory 4Gb.
 
I number of users is of 200 who usually concentrate themselves in a
margin of two hours.
 
At the moment this running in prefork, but I have seen other ways (to
worker, perchild... etc).  As it would be better?.
 
 
Thx
AGC

------=_NextPart_000_0009_01C3FD1B.A4739B50
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<TITLE>Mensaje</TITLE>

<META content=3D"MSHTML 6.00.2800.1226" name=3DGENERATOR></HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004>Hello,</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2><SPAN =
class=3D966521209-27022004>I&nbsp;have=20
a&nbsp;Apache (2.0.46)&nbsp;running pon a server with two processor =
(2.4Ghz) and=20
memory 4Gb.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D966521209-27022004>I =
number of users is=20
of 200 who usually concentrate themselves in a margin of two=20
hours.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D966521209-27022004>At the =
moment this=20
running in prefork, but I have seen other ways (to worker, perchild...=20
etc).&nbsp; As it would be better?.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004>Thx</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D966521209-27022004>AGC</SPAN></FONT></DIV></BODY></HTML>

------=_NextPart_000_0009_01C3FD1B.A4739B50--

------------------------------

Date: Fri, 27 Feb 2004 12:33:01 +0100
To: <users@httpd.apache.org>
From: Jonas Eckerman <jonas_lists@frukt.org>
Subject: Re: [users@httpd] Newbie mode running question
Message-ID: <200422712331.660780@ubbe>

On Fri, 27 Feb 2004 10:22:45 +0100, Angel Gordo Crespo wrote:

>  At the moment this running in prefork, but I have seen other ways
>  (to worker, perchild... etc).  As it would be better?.

Note: The answer below is taken from memory, and it was a while since I
read=
 up on worker an prefork, so if anyone thinks I'm mistaken please correct=
 me.

Wich way is best (when considering use of resources) depends a lot on your=
 OS and libraries.

If the OS isn't very good at distributing threads between the two CPUs,=
 prefork is is probably better as it still should be able to distribute=
 processes between them. If the system libraries (or other libraries httpd=
 is using) have stability problems with threads, prefork can be a lot=
 better. Prefork also put's in more isolation between the children, so the=
 risk that bugs in the code (either Apache itself or thrid party=
 libraries/modules) effects the http server in general should be less with=
 prefork than with worker.

If the OS is good at distributing threads and it's libraries are thread=
 safe, worker result in a more resource efficient system.

perchild is rather different. AFAIK it's still experimental (please correct=
 me anyone if I'm wrong) in Apache 2. It's also not meant for all servers,=
 as most servers won't need the extra options perchild gives.

More info about this can be found at:
http://httpd.apache.org/docs-2.0/mpm.html

Regards
/Jonas

-- 
Jonas Eckerman, jonas_lists@frukt.org
http://www.fsdb.org/

------------------------------

Date: Fri, 27 Feb 2004 12:52:31 +0100
To: <users@httpd.apache.org>
From: Jonas Eckerman <jonas_lists@frukt.org>
Subject: Re: [users@httpd] Redirect DirectoryIndex
Message-ID: <2004227125231.699834@ubbe>

On Sun, 22 Feb 2004 15:10:56 +0900, Batara Kesuma wrote:

> How do I redirect DirectoryIndex to another machine. I use mod_proxy and
> mod_rewrite, here is my conf:

Two notes to start with:

* Your rule does not redirect the directoryindex at all, but they do=
 redirect *all* requests ending in ".pl".

* Normally, the client never requests the directory index as such. The=
 client just requests the directory, and Apache send a directoryindex (if=
 told to) according to it's settings.

>  DirectoryIndex home.pl
>  RewriteEngine On
>  RewriteRule ^/(.*\.pl)$ http://domain.com:8080/$1 [P]

>  But access to http://domain.com/ is not redirected to port 8080.

AFAIK the rewriterule works on the request. The request
"http://domain.com/"=
 does not end in ".pl" so it doesn't match your rewriterule.

Also, the [P] doesn't redirect, it proxies wich is a completely different=
 thing.

>  How do I fix this? Thank you.

> DirectoryIndex home.pl

Of the top of my head and completely untested:

This ought to redirect all requests for directories to the same directory
on=
 the other server:
RewriteRule ^(.*/)$ http://domain.com:8080$1 [R]

This ought to redirect the requests for directories to home.pl for that=
 directory on the other server
RewriteRule ^(.*/)$ http://domain.com:8080$1home.pl [R]

Regards
/Jonas

-- 
Jonas Eckerman, jonas_lists@frukt.org
http://www.fsdb.org/

------------------------------

Date: Fri, 27 Feb 2004 09:01:22 -0500
To: users@httpd.apache.org
From: "Dean A. Hoover" <dhoover@rochester.rr.com>
Subject: HTTPS and virtual hosts
Message-ID: <403F4DB2.6010006@rochester.rr.com>

I am a newbie at apache httpd and ssl. I've been reading various books
and online stuff on the subject, trying to figure out how to enable
HTTPS on my webserver for virtual hosts. I talked to people I know that
have also done it, and I am still not able to get this working. I am using
RH9 and apache httpd-2.0.40-21.9. Here is
what I did in /home/tomcat/mywebsite.com/conf/ssl:

# openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
-keyout 
www.mywebsite.com.pem
Generating a 1024 bit RSA private key
.........++++++
..++++++
writing new private key to 'www.mywebsite.com.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:New York
Locality Name (eg, city) [Newbury]:Rochester
Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.mywebsite.com
Email Address []:webmaster@mywebsite.com
[root@mywebsite ssl]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

The relevant part of httpd.conf is as follows:

<VirtualHost *:443>
  ServerAdmin webmaster@mywebsite.com
  ServerName www.mywebsite.com
  ServerAlias mywebsite.com
  DocumentRoot /home/tomcat/mywebsite.com/webapps
  ErrorLog /home/tomcat/mywebsite.com/logs/error_log
  CustomLog /home/tomcat/mywebsite.com/logs/access_log common

  <IfModule mod_ssl.c>
    SSLEngine on
    SSLCertificateFile
/home/tomcat/mywebsite.com/conf/ssl/www.mywebsite.com.pem
  </IfModule>
</VirtualHost>

When I hit https://www.mywebsite.com from IE6, it complains with a
dialog box, stating:

Security Alert
Information you exchange with this site cannot be exchanged or
viewed by others. However, there is a problem with the site's
security certificate.

- The security certificate was by a company you have not chosen
to trust. View the certificate to determine whether you want to
trust the certifying authority.

...

- The name on the security certificate is invalid or does not
match the name of the site.

 >>> when I view the certificate, I see:
  blah, blah, blah
  Issued to: localhost.localdomain
  Issued by: localhost.localdomain
  Valid from 4/6/2003 to 4/5/2004

On the main dialog, I click the "Yes" button to proceed and get into the
site.

 >>>> When I try to hit it from Mozilla 1.2.1, I get and Alert box showing
www.mywebsite.com received a message with incorrect message
Authentication Code. If the error occurs frequently, contact the website
administrator.

How do I fix this???

Thanks.
Dean Hoover

------------------------------

Date: Fri, 27 Feb 2004 15:28:57 +0100
To: <users@httpd.apache.org>
From: "Boyle Owen" <Owen.Boyle@swx.com>
Subject: RE: [users@httpd] HTTPS and virtual hosts
Message-ID:
<FAB6A3A2CC5BDB448DADFA1C8C0752965F7459@SOMEXEVS001.ex.ordersx.org>

> -----Original Message----
> From: Dean A. Hoover [mailto:dhoover@rochester.rr.com]
>=20
> I am a newbie at apache httpd and ssl. I've been reading various books
> and online stuff on the subject, trying to figure out how to enable
> HTTPS on my webserver for virtual hosts. I talked to people I=20
> know that
> have also done it, and I am still not able to get this=20
> working. I am using
> RH9 and apache httpd-2.0.40-21.9. Here is
> what I did in /home/tomcat/mywebsite.com/conf/ssl:

After reading below, there's nothing wrong with the apache or mod_ssl
side at all. I guess by "fix" you mean "just click on the site and
browse straight in". If so, your problem comes from the certificate and
your understanding and expectations of HTTPS.=20

HTTPS consists of two mechanisms - encryption and authentication.
Encrytion is easy to understand - the browser and server agree on a
session key and encrypt all traffic between them. But there's no point
in establishing a secure channel with a site unless you're sure of its
identity. What the browsers are warning you about is that they can't
confirm the authenticity of your site (If you went to a site that looked
like amazon, but the browser warned you that it could not trust the
site, would you type in your credit card number?)

For the browser to trust the site, the certificate that the site
presents must authenticate itself by referring to a root certificate
that the browser has in its cache (ie, the site cert has to be signed).
Since you made a self-signed cert (actually, you didn't mention anything
about self-signing it), the browser can't authenticate it - hence the
warnings.

I don't know anything about Mozilla, BTW, so no idea what its problem
is.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.=20
>=20
> # openssl req -new -x509 -days 3650 -nodes -out=20
> www.mywebsite.com.pem -keyout=20
> www.mywebsite.com.pem
> Generating a 1024 bit RSA private key
> .........++++++
> ..++++++
> writing new private key to 'www.mywebsite.com.pem'
> -----
> You are about to be asked to enter information that will be=20
> incorporated
> into your certificate request.
> What you are about to enter is what is called a Distinguished=20
> Name or a DN.
> There are quite a few fields but you can leave some blank
> For some fields there will be a default value,
> If you enter '.', the field will be left blank.
> -----
> Country Name (2 letter code) [GB]:US
> State or Province Name (full name) [Berkshire]:New York
> Locality Name (eg, city) [Newbury]:Rochester
> Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
> Organizational Unit Name (eg, section) []:
> Common Name (eg, your name or your server's hostname)=20
> []:www.mywebsite.com
> Email Address []:webmaster@mywebsite.com
> [root@mywebsite ssl]# /etc/init.d/httpd restart
> Stopping httpd:                                            [  OK  ]
> Starting httpd:                                            [  OK  ]
>=20
>=20
>=20
>=20
>=20
>=20
> The relevant part of httpd.conf is as follows:
>=20
> <VirtualHost *:443>
>   ServerAdmin webmaster@mywebsite.com
>   ServerName www.mywebsite.com
>   ServerAlias mywebsite.com
>   DocumentRoot /home/tomcat/mywebsite.com/webapps
>   ErrorLog /home/tomcat/mywebsite.com/logs/error_log
>   CustomLog /home/tomcat/mywebsite.com/logs/access_log common
>=20
>   <IfModule mod_ssl.c>
>     SSLEngine on
>     SSLCertificateFile=20
> /home/tomcat/mywebsite.com/conf/ssl/www.mywebsite.com.pem
>   </IfModule>
> </VirtualHost>
>=20
>=20
>=20
>=20
>=20
> When I hit https://www.mywebsite.com from IE6, it complains with a
> dialog box, stating:
>=20
> Security Alert
> Information you exchange with this site cannot be exchanged or
> viewed by others. However, there is a problem with the site's
> security certificate.
>=20
> - The security certificate was by a company you have not chosen
> to trust. View the certificate to determine whether you want to
> trust the certifying authority.
>=20
> ...
>=20
> - The name on the security certificate is invalid or does not
> match the name of the site.
>=20
>  >>> when I view the certificate, I see:
>   blah, blah, blah
>   Issued to: localhost.localdomain
>   Issued by: localhost.localdomain
>   Valid from 4/6/2003 to 4/5/2004
>=20
> On the main dialog, I click the "Yes" button to proceed and=20
> get into the site.
>=20
>  >>>> When I try to hit it from Mozilla 1.2.1, I get and=20
> Alert box showing
> www.mywebsite.com received a message with incorrect message
> Authentication Code. If the error occurs frequently, contact=20
> the website
> administrator.
>=20
>=20
>=20
> How do I fix this???
>=20
> Thanks.
> Dean Hoover
>=20
>=20
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP=20
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>=20
>=20
Diese E-mail ist eine private und pers=F6nliche Kommunikation. Sie hat
keinen Bezug zur B=F6rsen- bzw. Gesch=E4ftst=E4tigkeit der SWX Gruppe. =
This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le pr=E9sent e-mail =
est
un message priv=E9 et personnel, sans rapport avec l'activit=E9 =
boursi=E8re du
Groupe SWX.

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company.=20

------------------------------

Date: Fri, 27 Feb 2004 15:38:46 +0100
To: users@httpd.apache.org
From: Cerion Armour-Brown <cerion@terpsichore.ws>
Subject: Re: [users@httpd] HTTPS and virtual hosts
Message-Id: <200402271538.46123.cerion@terpsichore.ws>

On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
> I am a newbie at apache httpd and ssl. I've been reading various books
> and online stuff on the subject, trying to figure out how to enable
> HTTPS on my webserver for virtual hosts. I talked to people I know that
> have also done it, and I am still not able to get this working. I am using
> RH9 and apache httpd-2.0.40-21.9. Here is
> what I did in /home/tomcat/mywebsite.com/conf/ssl:
>
> # openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
> -keyout www.mywebsite.com.pem
> Generating a 1024 bit RSA private key
> .........++++++
> ..++++++
> writing new private key to 'www.mywebsite.com.pem'
> -----
> You are about to be asked to enter information that will be incorporated
> into your certificate request.
> What you are about to enter is what is called a Distinguished Name or a
DN.
> There are quite a few fields but you can leave some blank
> For some fields there will be a default value,
> If you enter '.', the field will be left blank.
> -----
> Country Name (2 letter code) [GB]:US
> State or Province Name (full name) [Berkshire]:New York
> Locality Name (eg, city) [Newbury]:Rochester
> Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
> Organizational Unit Name (eg, section) []:
> Common Name (eg, your name or your server's hostname) []:www.mywebsite.com
> Email Address []:webmaster@mywebsite.com
> [root@mywebsite ssl]# /etc/init.d/httpd restart
> Stopping httpd:                                            [  OK  ]
> Starting httpd:                                            [  OK  ]
>
>
> The relevant part of httpd.conf is as follows:
>
> <VirtualHost *:443>
>   ServerAdmin webmaster@mywebsite.com
>   ServerName www.mywebsite.com
>   ServerAlias mywebsite.com
>   DocumentRoot /home/tomcat/mywebsite.com/webapps
>   ErrorLog /home/tomcat/mywebsite.com/logs/error_log
>   CustomLog /home/tomcat/mywebsite.com/logs/access_log common
>
>   <IfModule mod_ssl.c>
>     SSLEngine on
>     SSLCertificateFile
> /home/tomcat/mywebsite.com/conf/ssl/www.mywebsite.com.pem </IfModule>
> </VirtualHost>

It's 'invalid'... you're giving the private key instead of the public 
certificate

You need something like this in httpd.conf:
   SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
   SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
   SSLCACertificatePath /usr/local/apache/conf/ssl.crt
   SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca.crt

To make these (I can't rem the commands offhand - easily found tho):
1) Generate a private server key (server.key)
2) Generate a certificate signing request (server.csr)
3) Get this signed - either by yourself (you'll need a self-signed Cert.
Auth. 
certificate & key : ca.key, ca.crt), or by a trusted authority (Thwarte,
etc) 
=> This gives you your certificate (server.crt)

Be aware that if you do self sign it, people will still get the 'untrusted' 
message, 'cos they don't know you from jack...

NOTE: You can't have more than one virtual host using ssl, listening to the 
same port, 'cos you can't have name-based resolution with ssl...
hth,
Cerion

------------------------------

Date: Fri, 27 Feb 2004 09:39:13 -0500
To: users@httpd.apache.org
From: "Dean A. Hoover" <dhoover@rochester.rr.com>
Subject: Re: [users@httpd] HTTPS and virtual hosts
Message-ID: <403F5691.4060001@rochester.rr.com>

I think I get most of what you are saying. But the really odd thing in
my mind is that when I "view" the certificate in IE, it is apparently
not the one that I self signed. It refers to localhost.localdomain, which is
not what I put in the cert. Any other ideas?

Dean Hoover

Boyle Owen wrote:

>>-----Original Message----
>>From: Dean A. Hoover [mailto:dhoover@rochester.rr.com]
>>
>>I am a newbie at apache httpd and ssl. I've been reading various books
>>and online stuff on the subject, trying to figure out how to enable
>>HTTPS on my webserver for virtual hosts. I talked to people I 
>>know that
>>have also done it, and I am still not able to get this 
>>working. I am using
>>RH9 and apache httpd-2.0.40-21.9. Here is
>>what I did in /home/tomcat/mywebsite.com/conf/ssl:
>>    
>>
>
>After reading below, there's nothing wrong with the apache or mod_ssl
>side at all. I guess by "fix" you mean "just click on the site and
>browse straight in". If so, your problem comes from the certificate and
>your understanding and expectations of HTTPS. 
>
>HTTPS consists of two mechanisms - encryption and authentication.
>Encrytion is easy to understand - the browser and server agree on a
>session key and encrypt all traffic between them. But there's no point
>in establishing a secure channel with a site unless you're sure of its
>identity. What the browsers are warning you about is that they can't
>confirm the authenticity of your site (If you went to a site that looked
>like amazon, but the browser warned you that it could not trust the
>site, would you type in your credit card number?)
>
>For the browser to trust the site, the certificate that the site
>presents must authenticate itself by referring to a root certificate
>that the browser has in its cache (ie, the site cert has to be signed).
>Since you made a self-signed cert (actually, you didn't mention anything
>about self-signing it), the browser can't authenticate it - hence the
>warnings.
>
>I don't know anything about Mozilla, BTW, so no idea what its problem
>is.
>
>Rgds,
>Owen Boyle
>Disclaimer: Any disclaimer attached to this message may be ignored. 
>  
>
>># openssl req -new -x509 -days 3650 -nodes -out 
>>www.mywebsite.com.pem -keyout 
>>www.mywebsite.com.pem
>>Generating a 1024 bit RSA private key
>>.........++++++
>>..++++++
>>writing new private key to 'www.mywebsite.com.pem'
>>-----
>>You are about to be asked to enter information that will be 
>>incorporated
>>into your certificate request.
>>What you are about to enter is what is called a Distinguished 
>>Name or a DN.
>>There are quite a few fields but you can leave some blank
>>For some fields there will be a default value,
>>If you enter '.', the field will be left blank.
>>-----
>>Country Name (2 letter code) [GB]:US
>>State or Province Name (full name) [Berkshire]:New York
>>Locality Name (eg, city) [Newbury]:Rochester
>>Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
>>Organizational Unit Name (eg, section) []:
>>Common Name (eg, your name or your server's hostname) 
>>[]:www.mywebsite.com
>>Email Address []:webmaster@mywebsite.com
>>[root@mywebsite ssl]# /etc/init.d/httpd restart
>>Stopping httpd:                                            [  OK  ]
>>Starting httpd:                                            [  OK  ]
>>
>>
>>
>>
>>
>>
>>The relevant part of httpd.conf is as follows:
>>
>><VirtualHost *:443>
>>  ServerAdmin webmaster@mywebsite.com
>>  ServerName www.mywebsite.com
>>  ServerAlias mywebsite.com
>>  DocumentRoot /home/tomcat/mywebsite.com/webapps
>>  ErrorLog /home/tomcat/mywebsite.com/logs/error_log
>>  CustomLog /home/tomcat/mywebsite.com/logs/access_log common
>>
>>  <IfModule mod_ssl.c>
>>    SSLEngine on
>>    SSLCertificateFile 
>>/home/tomcat/mywebsite.com/conf/ssl/www.mywebsite.com.pem
>>  </IfModule>
>></VirtualHost>
>>
>>
>>
>>
>>
>>When I hit https://www.mywebsite.com from IE6, it complains with a
>>dialog box, stating:
>>
>>Security Alert
>>Information you exchange with this site cannot be exchanged or
>>viewed by others. However, there is a problem with the site's
>>security certificate.
>>
>>- The security certificate was by a company you have not chosen
>>to trust. View the certificate to determine whether you want to
>>trust the certifying authority.
>>
>>...
>>
>>- The name on the security certificate is invalid or does not
>>match the name of the site.
>>
>> >>> when I view the certificate, I see:
>>  blah, blah, blah
>>  Issued to: localhost.localdomain
>>  Issued by: localhost.localdomain
>>  Valid from 4/6/2003 to 4/5/2004
>>
>>On the main dialog, I click the "Yes" button to proceed and 
>>get into the site.
>>
>> >>>> When I try to hit it from Mozilla 1.2.1, I get and 
>>Alert box showing
>>www.mywebsite.com received a message with incorrect message
>>Authentication Code. If the error occurs frequently, contact 
>>the website
>>administrator.
>>
>>
>>
>>How do I fix this???
>>
>>Thanks.
>>Dean Hoover
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP 
>>Server Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>    
>>
>Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
>keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
>e-mail is of a private and personal nature. It is not related to the
>exchange or business activities of the SWX Group. Le présent e-mail est
>un message privé et personnel, sans rapport avec l'activité boursière du
>Groupe SWX.
>
>This message is for the named person's use only. It may contain
>confidential, proprietary or legally privileged information. No
>confidentiality or privilege is waived or lost by any mistransmission.
>If you receive this message in error, please notify the sender urgently
>and then immediately delete the message and any copies of it from your
>system. Please also immediately destroy any hardcopies of the message.
>You must not, directly or indirectly, use, disclose, distribute, print,
>or copy any part of this message if you are not the intended recipient.
>The sender's company reserves the right to monitor all e-mail
>communications through their networks. Any views expressed in this
>message are those of the individual sender, except where the message
>states otherwise and the sender is authorised to state them to be the
>views of the sender's company. 
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>  
>

------------------------------

Date: Fri, 27 Feb 2004 16:03:41 +0100
To: users@httpd.apache.org
From: Cerion Armour-Brown <cerion@terpsichore.ws>
Subject: Re: [users@httpd] HTTPS and virtual hosts
Message-Id: <200402271603.41852.cerion@terpsichore.ws>

On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
> I am a newbie at apache httpd and ssl. I've been reading various books
> and online stuff on the subject, trying to figure out how to enable
> HTTPS on my webserver for virtual hosts. I talked to people I know that
> have also done it, and I am still not able to get this working. I am using
> RH9 and apache httpd-2.0.40-21.9. Here is
> what I did in /home/tomcat/mywebsite.com/conf/ssl:
>
> # openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
> -keyout www.mywebsite.com.pem

I read a little too quickly... I imagine your main problem here is you're 
writing your private key (-keyout ...) to the same file as your certificate 
request (-out ...)
Cerion

------------------------------

Date: Fri, 27 Feb 2004 10:12:22 -0500
To: users@httpd.apache.org
From: "Dean A. Hoover" <dhoover@rochester.rr.com>
Subject: Re: [users@httpd] HTTPS and virtual hosts
Message-ID: <403F5E56.5070602@rochester.rr.com>

Cerion Armour-Brown wrote:

>On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
>  
>
>>I am a newbie at apache httpd and ssl. I've been reading various books
>>and online stuff on the subject, trying to figure out how to enable
>>HTTPS on my webserver for virtual hosts. I talked to people I know that
>>have also done it, and I am still not able to get this working. I am using
>>RH9 and apache httpd-2.0.40-21.9. Here is
>>what I did in /home/tomcat/mywebsite.com/conf/ssl:
>>
>># openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
>>-keyout www.mywebsite.com.pem
>>    
>>
>
>I read a little too quickly... I imagine your main problem here is you're 
>writing your private key (-keyout ...) to the same file as your certificate

>request (-out ...)
>Cerion
>
>  
>
OK, so now I try the following in /home/tomcat/mywebsite.com/conf/ssl:

# openssl genrsa -out www.mywebsite.com.key 1024
Generating RSA private key, 1024 bit long modulus
....++++++
................++++++
e is 65537 (0x10001)

# openssl req -new -key www.mywebsite.com.key -x509 -out 
www.mywebsite.com.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:New York
Locality Name (eg, city) [Newbury]:Rochester
Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.mywebsite.com
Email Address []:webmaster@mywebsite.com

And change httpd.conf as follows:

  SSLEngine on
  SSLCertificateFile 
/home/tomcat/fermata-international.com/conf/ssl/www.mywebsite.com.crt
  SSLCertificateKeyFile 
/home/tomcat/fermata-international.com/conf/ssl/www.website.com.key

As in previous email, when I use IE to hit the site, it complains. OK 
fine, so it does not know who
the heck I am. But when I "View Certificate" I still see:

Issued to: localhost.localdomain
Issued by: localhost.localdomain
Valid from 4/6/2003 to 4/4/2004

Where is that coming from???

Dean Hoover

------------------------------

Date: Fri, 27 Feb 2004 10:13:59 -0500
To: users@httpd.apache.org
From: "Dean A. Hoover" <dhoover@rochester.rr.com>
Subject: Re: [users@httpd] HTTPS and virtual hosts
Message-ID: <403F5EB7.9060300@rochester.rr.com>

Dean A. Hoover wrote:

> Cerion Armour-Brown wrote:
>
>> On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
>>  
>>
>>> I am a newbie at apache httpd and ssl. I've been reading various books
>>> and online stuff on the subject, trying to figure out how to enable
>>> HTTPS on my webserver for virtual hosts. I talked to people I know that
>>> have also done it, and I am still not able to get this working. I am 
>>> using
>>> RH9 and apache httpd-2.0.40-21.9. Here is
>>> what I did in /home/tomcat/mywebsite.com/conf/ssl:
>>>
>>> # openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
>>> -keyout www.mywebsite.com.pem
>>>   
>>
>>
>> I read a little too quickly... I imagine your main problem here is 
>> you're writing your private key (-keyout ...) to the same file as 
>> your certificate request (-out ...)
>> Cerion
>>
>>  
>>
> OK, so now I try the following in /home/tomcat/mywebsite.com/conf/ssl:
>
> # openssl genrsa -out www.mywebsite.com.key 1024
> Generating RSA private key, 1024 bit long modulus
> ....++++++
> ................++++++
> e is 65537 (0x10001)
>
> # openssl req -new -key www.mywebsite.com.key -x509 -out 
> www.mywebsite.com.crt
> You are about to be asked to enter information that will be incorporated
> into your certificate request.
> What you are about to enter is what is called a Distinguished Name or 
> a DN.
> There are quite a few fields but you can leave some blank
> For some fields there will be a default value,
> If you enter '.', the field will be left blank.
> -----
> Country Name (2 letter code) [GB]:US
> State or Province Name (full name) [Berkshire]:New York
> Locality Name (eg, city) [Newbury]:Rochester
> Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
> Organizational Unit Name (eg, section) []:
> Common Name (eg, your name or your server's hostname) 
> []:www.mywebsite.com
> Email Address []:webmaster@mywebsite.com
>
>
>
> And change httpd.conf as follows:
>
>  SSLEngine on
>  SSLCertificateFile 
> /home/tomcat/fermata-international.com/conf/ssl/www.mywebsite.com.crt
>  SSLCertificateKeyFile 
> /home/tomcat/fermata-international.com/conf/ssl/www.website.com.key 

whoops, let that read mywebsite... including the directory

>
>
> As in previous email, when I use IE to hit the site, it complains. OK 
> fine, so it does not know who
> the heck I am. But when I "View Certificate" I still see:
>
> Issued to: localhost.localdomain
> Issued by: localhost.localdomain
> Valid from 4/6/2003 to 4/4/2004
>
> Where is that coming from???
>
> Dean Hoover
>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

------------------------------

Date: Fri, 27 Feb 2004 16:43:26 +0100
To: users@httpd.apache.org
From: Cerion Armour-Brown <cerion@terpsichore.ws>
Subject: Re: [users@httpd] HTTPS and virtual hosts
Message-Id: <200402271643.26706.cerion@terpsichore.ws>

On Friday 27 February 2004 16:12, Dean A. Hoover wrote:
> Cerion Armour-Brown wrote:
> >On Friday 27 February 2004 15:01, Dean A. Hoover wrote:
> >>I am a newbie at apache httpd and ssl. I've been reading various books
> >>and online stuff on the subject, trying to figure out how to enable
> >>HTTPS on my webserver for virtual hosts. I talked to people I know that
> >>have also done it, and I am still not able to get this working. I am
> >> using RH9 and apache httpd-2.0.40-21.9. Here is
> >>what I did in /home/tomcat/mywebsite.com/conf/ssl:
> >>
> >># openssl req -new -x509 -days 3650 -nodes -out www.mywebsite.com.pem
> >>-keyout www.mywebsite.com.pem
> >
> >I read a little too quickly... I imagine your main problem here is you're
> >writing your private key (-keyout ...) to the same file as your
> > certificate request (-out ...)
> >Cerion
>
> OK, so now I try the following in /home/tomcat/mywebsite.com/conf/ssl:
>
> # openssl genrsa -out www.mywebsite.com.key 1024
> Generating RSA private key, 1024 bit long modulus
> ....++++++
> ................++++++
> e is 65537 (0x10001)
>
> # openssl req -new -key www.mywebsite.com.key -x509 -out
> www.mywebsite.com.crt
> You are about to be asked to enter information that will be incorporated
> into your certificate request.
> What you are about to enter is what is called a Distinguished Name or a
DN.
> There are quite a few fields but you can leave some blank
> For some fields there will be a default value,
> If you enter '.', the field will be left blank.
> -----
> Country Name (2 letter code) [GB]:US
> State or Province Name (full name) [Berkshire]:New York
> Locality Name (eg, city) [Newbury]:Rochester
> Organization Name (eg, company) [My Company Ltd]:My Web Site, Inc.
> Organizational Unit Name (eg, section) []:
> Common Name (eg, your name or your server's hostname) []:www.mywebsite.com
> Email Address []:webmaster@mywebsite.com
>
>
>
> And change httpd.conf as follows:
>
>   SSLEngine on
>   SSLCertificateFile
> /home/tomcat/fermata-international.com/conf/ssl/www.mywebsite.com.crt
>   SSLCertificateKeyFile
> /home/tomcat/fermata-international.com/conf/ssl/www.website.com.key
>
> As in previous email, when I use IE to hit the site, it complains. OK
> fine, so it does not know who
> the heck I am. But when I "View Certificate" I still see:
>
> Issued to: localhost.localdomain
> Issued by: localhost.localdomain
> Valid from 4/6/2003 to 4/4/2004
>
> Where is that coming from???
>
> Dean Hoover

Well, I've never had this, but I imagine it's because what you've created is
a 
certificate signing request - it's not a certificate until you sign it...

read this: http://www.vanemery.com/Linux/Apache/apache-SSL.html
Cerion

------------------------------

Date: Fri, 27 Feb 2004 14:50:46 +0000
To: users@httpd.apache.org 
From: patrick.odowd@co-operativebank.co.uk
Subject: Directive explanations
Message-ID: <00281117.C22244@co-operativebank.co.uk>

Before acting on this e-mail or opening any attachment, you are advised to
read the disclaimer at the end of this mail.

Hi,
I am using Apache on the iSeries (AS400), there is a GUI that generates the
httpd.conf file. I am trying to get a better understanding of what the
Apache
directives mean and how they work in the generated httpd.conf file. I have
found
some directive explanations on the Apache site, I am wondering if there are
any
recommended websites/books?

Some of the questions I have are:
Q1. What are these LogFormat directives and what are the various parameters
here
e.g. %h, %>s, {Referer} etc.

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%{Cookie}n \"%r\" %t" cookie
LogFormat "%{User-agent}i" agent
LogFormat "%{Referer}i -> %U" referer
LogFormat "%h %l %u %t \"%r\" %>s %b" common

Q2. Where can I get the details on what goes into the access_log created by
this
CustomLog directive? I can see there is loads of useful info in the logs.
There
are error_log files created also. 

CustomLog logs/access_log combined

How are these logs normally administered? Are there programs that look
through
these logs and sent alerts based on the content etc..?

Q3. What do these directives do?
SetEnvIf "User-Agent" "Mozilla/2" nokeepalive
SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0
SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0
SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0
SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive
SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0

Q4. I read the following protects the server:

<Directory />
   Order Deny,Allow
   Deny From all
</Directory>

I read that the Order statement says Allow all access to the Server Root
directory by default. Then the Deny seems to say, override the Allow and
Deny
all users access to the Server Root directory? How do Order and Deny/Allow
work?
Do the directories below the Server Root inherit from the Server Root?

There is a further <Directory> tag that sets Allow From all for the Document
Root directory.

Thanks in advance,
Pat

**********************************************************************
This e-mail is intended solely for the addressee and is strictly
confidential. If you are not the addressee, please do not read, print,
re-transmit, store or act in reliance on it or any attachments. Instead
please e-mail it back to the sender and delete the message from your
computer.

E-mail transmission cannot be guaranteed to be secure or error free and The
Co-operative Bank accepts no liability for changes made to this e-mail (and
any attachments) after it was sent or for viruses arising as a result of
this e-mail transmission.

Any unauthorised reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication of this e-mail message is
strictly prohibited.

The Co-operative Bank reserves the right to intercept any e - mails or other
communication for permitted purposes in accordance with the current
legislation which you send to, or receive from, any of the employees or
agents of the Bank via Bank telecommunication systems. By so corresponding
you also give your consent to the Bank monitoring and recording of any
correspondence using these systems.   

The Co-operative Bank p.l.c. is registered in England and Wales, number
990937. The registered office is at PO Box 101, 1, Balloon Street,
Manchester, M60 4EP.  
**********************************************************************

------------------------------

Date: Fri, 27 Feb 2004 10:48:40 -0500 (Est)
To: users@httpd.apache.org
From: Joshua Slive <joshua@slive.ca>
Subject: Re: [users@httpd] Directive explanations
Message-ID: <Pine.WNT.4.58.0402271041050.1028@Poste3947.hec.ca>

On Fri, 27 Feb 2004 patrick.odowd@co-operativebank.co.uk wrote:
> Some of the questions I have are:
> Q1. What are these LogFormat directives and what are the various
parameters here
> e.g. %h, %>s, {Referer} etc.

> Q2. Where can I get the details on what goes into the access_log created
> by this CustomLog directive? I can see there is loads of useful info in
> the logs. There are error_log files created also.

http://httpd.apache.org/docs-2.0/logs.html#accesslog
http://httpd.apache.org/docs-2.0/mod/mod_log_config.html#formats

> Q3. What do these directives do?

http://httpd.apache.org/docs-2.0/env.html#special

>
> Q4. I read the following protects the server:
>
> <Directory />
>    Order Deny,Allow
>    Deny From all
> </Directory>
>
> I read that the Order statement says Allow all access to the Server Root
> directory by default. Then the Deny seems to say, override the Allow and
> Deny all users access to the Server Root directory? How do Order and
> Deny/Allow work? Do the directories below the Server Root inherit from
> the Server Root?

This is not the ServerRoot.  It is the root of the filesystem.

There are some examples here:
http://httpd.apache.org/docs-2.0/mod/mod_access.html#order
http://httpd.apache.org/docs-2.0/howto/auth.html#whatotherneatstuffcanido
http://www.linuxplanet.com/linuxplanet/tutorials/1527/5/

Joshua.

------------------------------

Date: Fri, 27 Feb 2004 08:33:07 -0800
To: "Joe Orton" <jorton@redhat.com>
From: "Ian Huynh" <ianh@hubspan.com>
Cc: <users@httpd.apache.org>
Subject: RE: [users@httpd] Help with SSL and CGI Env var export - can't get
SSL_CLIENT_CERT_CHAINn values
Message-ID:
<C499DCDFEDBEBC4BB3B503FF44B41C676F1631@corpexch01.internal.hubspan.com>

Hey Joe
you are right in that mod_headers messed up multiple lines. I filed a =
bug with Apache=20
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3D23223

We got around it by making some changes in mod_headers to get it to wrap =
the line properly.
So that is fixed and we are able to get multiline headers to come =
through as per the HTTP spec.

I WAS able to get SSL_SERVER_CERT to export as well now but the caveat =
is only one of the CERT
(either CLIENT or SERVER) will come out as a header. not both. If both =
are turned on, only the=20
first directive is recognized.

This sequence exports only Client Cert=20

>> RequestHeader set SSLClientCert %{SSL_CLIENT_CERT}e
>> RequestHeader set SSLServerCert %{SSL_SERVER_CERT}e

This sequence exports only Server Cert
>> RequestHeader set SSLServerCert %{SSL_SERVER_CERT}e
>> RequestHeader set SSLClientCert %{SSL_CLIENT_CERT}e

I could never get Client Cert chain to export.=20

>-----Original Message-----
>From: Joe Orton [mailto:jorton@redhat.com]
>Sent: Friday, February 27, 2004 12:41 AM
>To: Ian Huynh
>Cc: users@httpd.apache.org
>Subject: Re: [users@httpd] Help with SSL and CGI Env var export - can't
>get SSL_CLIENT_CERT_CHAINn values
>
>
>On Wed, Feb 25, 2004 at 10:48:38AM -0800, Ian Huynh wrote:
>> Env: 2.0.48 , Win2K, Open SSL 0.9.7c
>>=20
>> In apache 2.0.48 and openssl 0.9.7c, according to the docs below=20
>>=20
>> http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
>>=20
>> there are a number of env vars that can be exported. I am=20
>interested in 3 of these=20
>>=20
>> SSL_SERVER_CERT
>> SSL_CLIENT_CERT string PEM-encoded client certificate=20
>> SSL_CLIENT_CERT_CHAINn string PEM-encoded certificates in=20
>client certificate chain=20
>
>Actually the docs are not in synch with the code, it should be:
>
>SSL_CLIENT_CERT_CHAIN_n
>
>> I can get the CLIENT_CERT exported but not the CERT_CHAINn=20
>or SERVER_CERT . Has anyone been able to get it to work?
>>
>> My httpd.conf is below
>>=20
>> # turns on SSL Options
>>=20
>> SSLOptions +StdEnvVars +ExportCertData=20
>>=20
>> # set the CGI values as HTTP Request Header.
>>=20
>> RequestHeader set SSLClientCert %{SSL_CLIENT_CERT}e
>> RequestHeader set SSLClientCertChain1 %{SSL_CLIENT_CERT_CHAIN1}e
>> RequestHeader set SSLClientCertChain2 %{SSL_CLIENT_CERT_CHAIN2}e
>> RequestHeader set SSLServerCert %{SSL_SERVER_CERT}e
>
>but I believe *none* of these are likely to work since mod_headers
>doesn't handle env vars which wrap over multiple lines
>
>joe
>

------------------------------

Date: Fri, 27 Feb 2004 20:08:16 +0000
To: users@httpd.apache.org
From: Joe Orton <jorton@redhat.com>
Subject: Re: [users@httpd] Help with SSL and CGI Env var export - can't get
SSL_CLIENT_CERT_CHAINn values
Message-ID: <20040227200816.GA5706@redhat.com>

On Fri, Feb 27, 2004 at 08:33:07AM -0800, Ian Huynh wrote:
> Hey Joe
> you are right in that mod_headers messed up multiple lines. I filed a bug
with Apache 
> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23223

Does the fix I just attached to that bug work for you?

> I WAS able to get SSL_SERVER_CERT to export as well now but the caveat is
only one of the CERT
> (either CLIENT or SERVER) will come out as a header. not both. If both are
turned on, only the 
> first directive is recognized.
> 
> 
> This sequence exports only Client Cert 
> 
> >> RequestHeader set SSLClientCert %{SSL_CLIENT_CERT}e
> >> RequestHeader set SSLServerCert %{SSL_SERVER_CERT}e
> 
> This sequence exports only Server Cert
> >> RequestHeader set SSLServerCert %{SSL_SERVER_CERT}e
> >> RequestHeader set SSLClientCert %{SSL_CLIENT_CERT}e

That's odd, I can't reproduce that.

> I could never get Client Cert chain to export. 

And that is supposed to work if you have +ExportCertData.  Confused...

joe

------------------------------

Date: Fri, 27 Feb 2004 11:44:56 -0500
To: "'users@httpd.apache.org'" <users@httpd.apache.org>
From: "Kaplan, Andrew H." <AHKAPLAN@PARTNERS.ORG>
Subject: Problem With The Alias and ScriptAlias
Message-ID:
<5593DA408212D511B0910002A513501F06559215@phsexch20.mgh.harvard.edu>

 have set up an Apache server (1.3.29 w/ mod_ssl) such that a user will be
automatically redirected to the secure port when logging into the system.
The next thing I am doing is setting up the nagios ScriptAlias and Alias
directives so an application's welcome page comes up automatically. I have
added the 
appropriate information to the httpd.conf file and have restarted the
server.

The problem I am encountering is the following: If I enter the server
hostname with the application share, ie: http://nagios/nagios, I get the
following error message:

				nagiosnagios could not be found. Please
check the name and try again.

If I first enter the server hostname, and then enter the application share,
the welcome screen comes up without difficulty. 

------------------------------

Date: Fri, 27 Feb 2004 13:59:57 -0500
To: <users@httpd.apache.org>
From: "Jonathan Mangin" <jon.mangin@comcast.net>
Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was:  /bin/sh: -f:
not found
Message-ID: <004f01c3fd63$e4e9c0e0$0a01a8c0@harpo>

Joe,
I've gotten different results by defining $RM, $AWK and $AS but no joy.
I've filed bug report #27160. Thanks.

----- Original Message ----- 
From: "Joe Orton" <jorton@redhat.com>
To: <users@httpd.apache.org>
Sent: Monday, February 23, 2004 5:58 AM
Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was: /bin/sh: -f:
not found

> On Sun, Feb 22, 2004 at 10:48:20AM -0500, Jonathan Mangin wrote:
> > > > server/.libs/libmain.a(main.o)(.text+0xbf7): In function `main';
> > > > /export/home/jman/src/apache/httpd-2.0.48/server/main.c:619:
> > > > undefined reference to `ap_prelinked_modules'
> > > >
> > > > and then a whole lot of undefined references. Does anyone
> > > > know what I'm missing?
> > >
> > > Can you send in the modules.c file created by configure?
> >
> > modules.c is a zero-length file.
>
> That probably means that configure couldn't find awk.  Can you file a
> bug report and attach the complete output of configure and the
> config.log filed produced?
>
> (you would, BTW, expect to find lots of errors like you originally
> posted in config.log, that is normal)
>
> joe
>

------------------------------

Date: Fri, 27 Feb 2004 11:38:46 -0800
To: <users@httpd.apache.org>
From: "dan osullivan" <osounddan@sbcglobal.net>
Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was:  /bin/sh: -f:
not found
Message-ID: <002f01c3fd69$51992410$2302a8c0@danspc>

Sorry, I'm not Joe. I just signed up for this mailing list today. But if you
feel like helping someone, I haven't been able to figure out how to post a
question. There seem to be no links to these forums on the appache website.
If you could tell me where to post I would very thankful.

This is my problem:

I've been trying to install Apache Server 2.0.48 on my computer, which is
running win2000 professional. Immediately upon completing the installation I
get a command window with the following message:

[error] <OS2> The System cannot find the specified: No installed service
named "Apache2"

The same thing happens whenever I try to start or stop Apache through the
Start>Programs ... menu.

Looking in the Services window I see there is in fact no Apache2.

During the installation process I use all the defaults and for the Network
name and Server name I use pacbell.net and www.pacbell.net respectively
(which is what my ISP told me to use).

I have IIS installed on my computer, but I'm under the impression that that
shouldn't cause any conflict with Apache. Am I wrong?

----- Original Message ----- 
From: "Jonathan Mangin" <jon.mangin@comcast.net>
To: <users@httpd.apache.org>
Sent: Friday, February 27, 2004 10:59 AM
Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was: /bin/sh: -f:
not found

> Joe,
> I've gotten different results by defining $RM, $AWK and $AS but no joy.
> I've filed bug report #27160. Thanks.
>
>
> ----- Original Message ----- 
> From: "Joe Orton" <jorton@redhat.com>
> To: <users@httpd.apache.org>
> Sent: Monday, February 23, 2004 5:58 AM
> Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was:
/bin/sh: -f:
> not found
>
>
> > On Sun, Feb 22, 2004 at 10:48:20AM -0500, Jonathan Mangin wrote:
> > > > > server/.libs/libmain.a(main.o)(.text+0xbf7): In function `main';
> > > > > /export/home/jman/src/apache/httpd-2.0.48/server/main.c:619:
> > > > > undefined reference to `ap_prelinked_modules'
> > > > >
> > > > > and then a whole lot of undefined references. Does anyone
> > > > > know what I'm missing?
> > > >
> > > > Can you send in the modules.c file created by configure?
> > >
> > > modules.c is a zero-length file.
> >
> > That probably means that configure couldn't find awk.  Can you file a
> > bug report and attach the complete output of configure and the
> > config.log filed produced?
> >
> > (you would, BTW, expect to find lots of errors like you originally
> > posted in config.log, that is normal)
> >
> > joe
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

------------------------------

Date: Fri, 27 Feb 2004 15:29:37 -0500
To: <users@httpd.apache.org>
From: "Jonathan Mangin" <jon.mangin@comcast.net>
Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was:  /bin/sh: -f:
not found
Message-ID: <007901c3fd70$6da525d0$0a01a8c0@harpo>

I'm also sorry, I'm afraid I can't help you much. I use Windows
for MusicMatch and looking out of.
Repost your question to users@httpd.apache.org with a concise
subject line and many knowledgeable people will be happy to help.
The URL at the bottom of this post will guide you toward the
list archives. There have been several questions (and answers)
lately about installing Apache as a service.

----- Original Message ----- 
From: "dan osullivan" <osounddan@sbcglobal.net>
To: <users@httpd.apache.org>
Sent: Friday, February 27, 2004 2:38 PM
Subject: Re: [users@httpd] 2.0.48 configuration errors -- Was: /bin/sh: -f:
not found

> Sorry, I'm not Joe. I just signed up for this mailing list today. But if
you
> feel like helping someone, I haven't been able to figure out how to post a
> question. There seem to be no links to these forums on the appache
website.
> If you could tell me where to post I would very thankful.
>
> This is my problem:
>
> I've been trying to install Apache Server 2.0.48 on my computer, which is
> running win2000 professional. Immediately upon completing the installation
I
> get a command window with the following message:
>
>
>
> [error] <OS2> The System cannot find the specified: No installed service
> named "Apache2"
>
>
>
> The same thing happens whenever I try to start or stop Apache through the
> Start>Programs ... menu.
>
>
>
> Looking in the Services window I see there is in fact no Apache2.
>
>
>
> During the installation process I use all the defaults and for the Network
> name and Server name I use pacbell.net and www.pacbell.net respectively
> (which is what my ISP told me to use).
>
>
>
> I have IIS installed on my computer, but I'm under the impression that
that
> shouldn't cause any conflict with Apache. Am I wrong?
>

------------------------------

Date: Fri, 27 Feb 2004 14:41:24 -0500
To: users@httpd.apache.org
From: Darryl Cook <dlc@cs.appstate.edu>
Subject: Re: [users@httpd] Re: Mod Rewrite URL Redirection
Message-ID: <403F9D64.1010601@cs.appstate.edu>

--------------010501050806060409040603
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

this will work as it was passed on to me by someone on this list as 
well......

    RewriteEngine on
    RewriteCond %{REMOTE_ADDR} 152.10\.[0-9]+\.[0-9]+$
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R,L]

substitute 152.10 for whatever your ip address begins with.

darryl

Ed Avis wrote:

>"Mike Wagner" <Mwagner@nps.k12.va.us> writes:
>
>  
>
>>I want to be able to have http://testdomain.cxm to point to
>>https://testdomain.cxm.  I was told that mod_rewrite can do this.
>>    
>>
>
>I thought the 'sslrequiressl' directive would normally be used.
>
>  
>

--------------010501050806060409040603
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
  <title></title>
</head>
<body text="#000000" bgcolor="#ffffff">
this will work as it was passed on to me by someone on this list as
well......<br>
<br>
&nbsp;&nbsp;&nbsp; RewriteEngine on<br>
&nbsp;&nbsp;&nbsp; RewriteCond %{REMOTE_ADDR} 152.10\.[0-9]+\.[0-9]+$<br>
&nbsp;&nbsp;&nbsp; RewriteCond %{HTTPS} !=on<br>
&nbsp;&nbsp;&nbsp; RewriteRule ^/(.*)$ <a class="moz-txt-link-freetext"
href="https://%{SERVER_NAME">https://%{SERVER_NAME</a>}/$1 [R,L]<br>
<br>
substitute 152.10 for whatever your ip address begins with.<br>
<br>
darryl<br>
<br>
Ed Avis wrote:<br>
<blockquote type="cite" cite="midl1vfltljhk.fsf@budvar.future-i.net">
  <pre wrap="">"Mike Wagner" <a class="moz-txt-link-rfc2396E"
href="mailto:Mwagner@nps.k12.va.us">&lt;Mwagner@nps.k12.va.us&gt;</a>
writes:

  </pre>
  <blockquote type="cite">
    <pre wrap="">I want to be able to have <a class="moz-txt-link-freetext"
href="http://testdomain.cxm">http://testdomain.cxm</a> to point to
<a class="moz-txt-link-freetext"
href="https://testdomain.cxm">https://testdomain.cxm</a>.  I was told that
mod_rewrite can do this.
    </pre>
  </blockquote>
  <pre wrap=""><!---->
I thought the 'sslrequiressl' directive would normally be used.

  </pre>
</blockquote>
</body>
</html>

--------------010501050806060409040603--

------------------------------

Date: Fri, 27 Feb 2004 20:11:06 +0000
To: nicolas.villoutreix@accenture.com
From: Joe Orton <jorton@redhat.com>
Cc: users@httpd.apache.org
Subject: Re: [users@httpd] RE : [users@httpd] Forwarding client Certficates
from mod_ssl to a distant mod_jk through HTTPHeaders.
Message-ID: <20040227201106.GB5706@redhat.com>

On Fri, Feb 06, 2004 at 01:47:35PM +0100, nicolas.villoutreix@accenture.com
wrote:
> Hi Joe,
> for my purpose, i think the first method would be better.
>  
> I want to forward the ssl certificate from one apache to an other. The
> solution i experimented was using mod_proxy and mod_headers.

Nicolas, I just attached a mod_headers fix for this to the bug:

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23223

Is this a workable solution for you too?

Regards,

joe

------------------------------

Date: Fri, 27 Feb 2004 13:16:57 -0700
To: "'users@httpd.apache.org'" <users@httpd.apache.org>
From: "Breheny, Paul" <Paul.Breheny@echostar.com>
Subject:  Apache administration application
Message-ID: <15A1FDA26DAD524DA7A7AF77313EBA8FA18A64@riv-excha5.echostar.com>

------_=_NextPart_001_01C3FD6E.9D5D3110
Content-Type: text/plain

I am trying to find a tool for administering and configuring all of our
Apache servers in dev/test/prod. The following requirements are necessary:
*        GUI
*        Ability to handle multiple applications per environment
*        SSL management - alert when certs expire
*        Server performance provisioning - allocate resources to the server
that needs it most
*        Must work with Apache installs on Solaris
*        Ability to administer all hosts from the same app
*        Ability to configure all hosts from the same app
*        Ability to tie in to Openview
*        Reporting on site usage
*        Low cost - good value for the dollars spent
*        Central management point - Can use same tool from anywhere. Either,
it does not require an install on each individual's computer or, if it must
be installed on all computers, central storage.
*        Role based activities - admin vs. power user vs. user
 
I have looked at Apache Commander, but it does not have reporting, user
roles, dynamic provisioning. Apache Conf does not have those either. Mohawk
looks promising, but the company is no longer around. I have not found any
other tools on the web that meet all the criteria. Does anyone know of a
tool that does all the above?
 
Paul Breheny

------_=_NextPart_001_01C3FD6E.9D5D3110
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3DUS-ASCII">

<meta name=3DProgId content=3DWord.Document>
<meta name=3DGenerator content=3D"Microsoft Word 10">
<meta name=3DOriginator content=3D"Microsoft Word 10">
<link rel=3DFile-List href=3D"cid:filelist.xml@01C3FD33.FA08DC70">
<!--[if gte mso 9]><xml>
 <o:OfficeDocumentSettings>
  <o:DoNotRelyOnCSS/>
 </o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
 <w:WordDocument>
  <w:SpellingState>Clean</w:SpellingState>
  <w:GrammarState>Clean</w:GrammarState>
  <w:DocumentKind>DocumentEmail</w:DocumentKind>
  <w:EnvelopeVis/>
  <w:Compatibility>
   <w:BreakWrappedTables/>
   <w:SnapToGridInCell/>
   <w:WrapTextWithPunct/>
   <w:UseAsianBreakRules/>
  </w:Compatibility>
  <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
 </w:WordDocument>
</xml><![endif]-->
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:"Comic Sans MS";
	panose-1:3 15 7 2 3 3 2 2 2 4;
	mso-font-charset:0;
	mso-generic-font-family:script;
	mso-font-pitch:variable;
	mso-font-signature:647 0 0 0 159 0;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{mso-style-parent:"";
	margin:0in;
	margin-bottom:.0001pt;
	mso-pagination:widow-orphan;
	font-size:12.0pt;
	font-family:Arial;
	mso-fareast-font-family:"Times New Roman";
	mso-bidi-font-family:"Times New Roman";}
a:link, span.MsoHyperlink
	{color:blue;
	text-decoration:underline;
	text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
	{color:purple;
	text-decoration:underline;
	text-underline:single;}
span.EmailStyle17
	{mso-style-type:personal;
	mso-style-noshow:yes;
	mso-ansi-font-size:10.0pt;
	mso-bidi-font-size:10.0pt;
	font-family:Arial;
	mso-ascii-font-family:Arial;
	mso-hansi-font-family:Arial;
	mso-bidi-font-family:Arial;
	color:windowtext;}
span.EmailStyle18
	{mso-style-type:personal-reply;
	mso-style-noshow:yes;
	mso-ansi-font-size:10.0pt;
	mso-bidi-font-size:10.0pt;
	font-family:Arial;
	mso-ascii-font-family:Arial;
	mso-hansi-font-family:Arial;
	mso-bidi-font-family:Arial;
	color:navy;}
@page Section1
	{size:8.5in 11.0in;
	margin:1.0in 1.25in 1.0in 1.25in;
	mso-header-margin:.5in;
	mso-footer-margin:.5in;
	mso-paper-source:0;}
div.Section1
	{page:Section1;}
 /* List Definitions */
 @list l0
	{mso-list-id:1186019181;
	mso-list-type:hybrid;
	mso-list-template-ids:844369886 67698689 67698691 67698693 67698689
=
67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
	{mso-level-number-format:bullet;
	mso-level-text:\F0B7;
	mso-level-tab-stop:1.0in;
	mso-level-number-position:left;
	margin-left:1.0in;
	text-indent:-.25in;
	font-family:Symbol;}
@list l0:level2
	{mso-level-tab-stop:1.0in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level3
	{mso-level-tab-stop:1.5in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level4
	{mso-level-tab-stop:2.0in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level5
	{mso-level-tab-stop:2.5in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level6
	{mso-level-tab-stop:3.0in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level7
	{mso-level-tab-stop:3.5in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level8
	{mso-level-tab-stop:4.0in;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level9
	{mso-level-tab-stop:4.5in;
	mso-level-number-position:left;
	text-indent:-.25in;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
-->
</style>
<!--[if gte mso 10]>
<style>
 /* Style Definitions */=20
 table.MsoNormalTable
	{mso-style-name:"Table Normal";
	mso-tstyle-rowband-size:0;
	mso-tstyle-colband-size:0;
	mso-style-noshow:yes;
	mso-style-parent:"";
	mso-padding-alt:0in 5.4pt 0in 5.4pt;
	mso-para-margin:0in;
	mso-para-margin-bottom:.0001pt;
	mso-pagination:widow-orphan;
	font-size:10.0pt;
	font-family:"Times New Roman";}
</style>
<![endif]-->
</head>

<body lang=3DEN-US link=3Dblue vlink=3Dpurple =
style=3D'tab-interval:.5in'>

<div class=3DSection1>

<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3DArial><span
style=3D'font-size:12.0pt;mso-bidi-font-family:Arial'>I am trying to =
find a tool
for administering and configuring all of our Apache servers in =
dev/test/prod.
The following requirements are necessary:<o:p></o:p></span></font></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>GUI<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Ability to handle multiple applications per =
environment<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>SSL management - alert when certs expire<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Server performance provisioning - allocate resources to the =
server
that needs it most<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Must work with Apache installs on Solaris<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Ability to administer all hosts from the same =
app<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Ability to configure all hosts from the same =
app<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Ability to tie in to Openview<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Reporting on site usage<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Low cost - good value for the dollars =
spent<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Central management point - Can use same tool from anywhere.
Either, it does not require an install on each individual's computer =
or,
if it must be installed on all computers, central =
storage.<o:p></o:p></span></p>

<p class=3DMsoNormal =
style=3D'margin-left:1.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;
tab-stops:list 1.5in'><![if !supportLists]><font size=3D3 =
face=3DSymbol><span
style=3D'font-size:12.0pt;font-family:Symbol;mso-fareast-font-family:Sym=
bol;
mso-bidi-font-family:Symbol'><span =
style=3D'mso-list:Ignore'>&middot;<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></font></span></span></font><![endif]><span =
style=3D'mso-bidi-font-family:
Arial'>Role based activities - admin vs. power user vs. =
user<o:p></o:p></span></p>

<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3DArial><span
style=3D'font-size:12.0pt;mso-bidi-font-family:Arial'><o:p>&nbsp;</o:p><=
/span></font></p>

<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3DArial><span
style=3D'font-size:12.0pt;mso-bidi-font-family:Arial'>I have looked at =
Apache
Commander, but it does not have <font color=3D"#333333"><span =
style=3D'color:#333333'>reporting,
user roles, dynamic provisioning. Apache Conf does not have those =
either.
Mohawk looks promising, but the company is no longer around. I have not =
found
any other tools on the web that meet all the criteria. Does anyone know =
of a
tool that does all the =
above?</span></font><o:p></o:p></span></font></p>

<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;mso-bidi-font-family:Arial'><o:p>&nbsp;</o:p><=
/span></font></p>

<p class=3DMsoNormal style=3D'margin-left:.5in'><font size=3D3 =
face=3D"Comic Sans MS"><span
style=3D'font-size:12.0pt;font-family:"Comic Sans =
MS";mso-no-proof:yes'>Paul Breheny</span></font><span
style=3D'mso-no-proof:yes'><o:p></o:p></span></p>

</div>

</body>

</html>

------_=_NextPart_001_01C3FD6E.9D5D3110--

------------------------------

End of users Digest
***********************************


This e-mail, including attachments, may include confidential and/or
proprietary information, and may be used only by the person or entity to
which it is addressed. If the reader of this e-mail is not the intended
recipient or his or her authorized agent, the reader is hereby notified that
any dissemination, distribution or copying of this e-mail is prohibited. If
you have received this e-mail in error, please notify the sender by replying
to this message and delete this e-mail immediately.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message