httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Collyer <>
Subject Re: [users@httpd] Apache 2.0.55 SSL and POST problem
Date Tue, 31 Jan 2006 15:12:48 GMT
Joe Orton wrote:
> On Tue, Jan 31, 2006 at 02:42:27PM +0000, Stephen Collyer wrote:
>>Joe Orton wrote:
>>>On Tue, Jan 31, 2006 at 12:34:27PM +0000, Stephen Collyer wrote:
>>>>I have an SSL enabled Apache 2.0.55, with a CGI enabled
>>>>Location accessible via SSL.
>>>>When I try to execute a POST against this location, I get
>>>>a 405 "Method not allowed" response.
>>>This is - which 
>>>was fixed in 2.2.0; you can apply this patch to 2.0.x releases:
>>Thanks - that certainly looks like the problem. I notice that there
>>are some potential workarounds mentioned on that page. Is there
>>an "official" workaround, or should someone with a 2.0 Apache simply
>>bite the bullet and apply the patch ? (or move to 2.2.0 ?)
> Ignore all the patches in the PR other than the one I referenced above - 
> that is the same as the code which went into 2.2.  There is no 
> "official" fix for 2.0 unless and until something gets committed, but 
> the above patch is as close as you'll get until then.

Right. Howver, by "workaround" I was referring to a configuration
change (maybe adding that SSLOptions +OptRenegotiate ?).

I'm unclear as to why the error message suggests a config fix, but
a patch is necessary - I guess the question is, if I can fix the
problem by changing the config (and it's not clear to me yet if I can),
what does the patch buy me ? The closing of a security hole maybe ?


Stephen Collyer
Netspinner Ltd

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message