httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mathijs <mathijs...@gmail.com>
Subject Re: [users@httpd] Problems in setting up a "HTTPS" based WebDAV server
Date Thu, 22 Mar 2012 13:01:12 GMT
Hi and welcome to Apache,

Some notes about your questions:

1) You probably shouldn't post private keys to public mailing lists

2) Try generating the self-signed key and certificate pair with this
command:
openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout ssl.key
-out ssl.crt
(No need for a passphrase either.)

3) The CN or Common Name in a SSL certificate should always match the Host
header in the http request. You are setting the Common Name to 127.0.0.1
and accessing the server with 'localhost', which causes a mismatch.

And finally, if you need urgent help, its often a better idea to join the
apache httpd channel on irc (#httpd on irc.freenode.net) instead of
repeatedly posting to the mailinglist.

On Thu, Mar 22, 2012 at 1:45 PM, Ajay Garg <ajaygargnsit@gmail.com> wrote:

> Ping .. :-)
>
> (On a serious note, I really need some help).
>
> Thanks and Regards,
> Ajay
>
>
> On Thu, Mar 22, 2012 at 10:14 AM, Ajay Garg <ajaygargnsit@gmail.com>wrote:
>
>> I came across talks wherein it was mentioned that there could be
>> mismatches in the "modulus" and "public exponent" of "server.key" and
>> "server.crt". I have done the tests (using "openssl" command), but both -
>> "modulus" and "public exponent" appear to be the same.
>>
>> For brevity, I am posting the contents ::
>>
>> server.key ::
>>
>>
>> ####################################################################################################################
>> -----BEGIN RSA PRIVATE KEY-----
>> Proc-Type: 4,ENCRYPTED
>> DEK-Info: AES-128-CBC,06A5864C289A29E8133ECDC689F27D91
>>
>> PYvc38+2ReDk6ZrWBIkl6kkfFzob56ZXNMjcB/Iz0yHhKj2NI79h5wli+TLD30PP
>> BdsFgF4GTjHuLseD80EulX1JpcfHWgGEL92/flO9eRpxUeu9UgE+BcMyxaa2q3HO
>> mHgozrTf+GNRJ+r6ApNDVAGPv2ysf8t78nHvS16m4NuX01Asc6v9+3A5jpLgZ8L/
>> /eXbE5OVCOgdU4pULrfRb79N2rcpfk9+dWKfHkAdFNpMLqK0tmyp/pzn/V9PDcQe
>> 5L2xxTHnw3A9TZYwW3YG0buKeFLInt1w9ZRyJ81XfmsVtrcaZiwtNH2oEfwLtxVo
>> rWDPGeIJbdPNRwCgsT8ysRFC8H6K47UN5EM95Fnn/SW/VuFo7nFtTDP73s9sJiwT
>> P//PZbUxW1kAsj0KmWN70zfJIwZoQ2ar79r6aa4BS8buqumSuzVGJGEGzFD6CbuE
>> 3YXnyflANuA8zvhS0x44+yqd+x2DQUb80S3tZebAyEakBqeGNQGbWwI2/VgA/mDL
>> 5O8niB9wu4CoC6z4PIFlhER5Pwo5MrYVPLzmak8/Ouw2Vo+a9lRrmr6BiSTHReMr
>> QZ3FMax+ZH8cWBzfd2/tp0uGu4kh0fik6JzPOY6wvOIvB6Q6nylOY0DiVkmEryt+
>> z4BzpxweNd0jd6x68fl3ZfK7a9GYrUr33Dan7Z1VUZm9iuusOgIQ3IxEO74gAvOU
>> +RabEs3VbeKCb9c32zAfYWnmZuqBgHRTKc0prSx/LANnjkG8VoMslXY0Uw4965Hd
>> JPzQ5FGuKTK+21eLtPelMye2uXFmkzpsPi/8/2Zk91UmasuMoJWK1hlSiztEP3I7
>> slbGdk2yJiC6JTCZltoAWVYH4Fr/QQasn36WwBnTTEgABXUsz+UqwIaSZK192L0Z
>> yOTuxYNE4loc3cUcUDPT9e8T6L9X6qcvNMkkY4E/HdvGizXB1scb6X9+Xn3s2aTS
>> cCO2udxWnBDJ21t7f8yVkRUt93dQ9JlLUEFgjWFkHkippj9N6PXE7aHnXt9LiUKs
>> Ooc9iEZFIhxICw51t/NXmq/2seoV1GgwysYdTdXbN0b1C7PVP2Nsy12zpcNbyCPT
>> XAqclsCGnBVU1FKA7Rjwua2uiPd05kE85pail6wRrMx0/8NnveVmQpVA1B5lcQb+
>> EL2baH9MnDkuMB02UHi/x+s+qBEHKUBQ0x4zK0Fb7sxw9Hr5XejxkAfZj4vOSLem
>> STajY7jcGNIcXlTkv4Uj2u065I+jiWzEI9DWZVU+AR0GnEXoTT5RzR+Dj15DjUYt
>> UqawF4vXWZh9egaygNxx/PBGnSKjtUEW4mTb13xW/0ZV+WrMntFPG8JqZyZeMDPI
>> 9gMW6PCr/KidIfDC8d0NRz1rWrSEVWqZ12UJJny0xvw3dnbvJ/T652iYo743owBl
>> 8yIKHFBtLv5muBQ52AYrOrYlD8E55B+25jwoY7z/5Ct9kjxCMPWjRiGDdDJIkg3g
>> y/LljDRLp4SFvLPAESJ6gepLPFOTuuAdiI3rQd94pTsGHCGLRamro1HW11bJ4nsk
>> vPw+MDFHebycRrEHTryL5+DOrbuwo14KbQGQxbT4JC0lEx/5W7w0KwfOp5p1f3zm
>> -----END RSA PRIVATE KEY-----
>>
>> ####################################################################################################################
>>
>>
>>
>>
>> server.crt ::
>>
>>
>> ####################################################################################################################
>> -----BEGIN CERTIFICATE-----
>> MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBiDELMAkGA1UEBhMCSU4x
>> DjAMBgNVBAgMBURlbGhpMQ4wDAYDVQQHDAVEZWxoaTEOMAwGA1UECgwFRGVsaGkx
>> DjAMBgNVBAsMBURlbGhpMRIwEAYDVQQDDAkxMjcuMC4wLjExJTAjBgkqhkiG9w0B
>> CQEWFmFqYXlnYXJnbnNpdEBnbWFpbC5jb20wHhcNMTIwMzIxMTMyMTUyWhcNMTMw
>> MzIxMTMyMTUyWjCBiDELMAkGA1UEBhMCSU4xDjAMBgNVBAgMBURlbGhpMQ4wDAYD
>> VQQHDAVEZWxoaTEOMAwGA1UECgwFRGVsaGkxDjAMBgNVBAsMBURlbGhpMRIwEAYD
>> VQQDDAkxMjcuMC4wLjExJTAjBgkqhkiG9w0BCQEWFmFqYXlnYXJnbnNpdEBnbWFp
>> bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU8htaaJnsOTPD
>> AZQkNE7SHGvQ5RFsTqZOZeaNEV2F6LUqvK8ysmCnKVGE8F9+2we1I/W1bxNsx5f2
>> 2ifd2u/pROOPzO0xhlJzWJmJy0xeIcWceMNXUDLXr2ix8+b6LCPbzsyEGbg6IQAE
>> AyIMaFv3pA1nYjfEV9ntyF4SEkMgSQdCGfhqQY4ILvWoqbRZwQwKhPxzM6NXmPxW
>> kxelx6QUAlAwjqgMaHI+Fa2dk6NNTk9GWB3QYN24Cw+kFGv9f2UkJQlQ0qiC8R+d
>> Bh63oNdvZG5YR4QycqCFoPEdwcL2ak5hr8TfVx1sTA/75sswkKUrZYSrAbGgerN2
>> KsSWu6utAgMBAAGjUDBOMB0GA1UdDgQWBBQGl2ejA7PJlpC2bwp9gP0NlOwEgDAf
>> BgNVHSMEGDAWgBQGl2ejA7PJlpC2bwp9gP0NlOwEgDAMBgNVHRMEBTADAQH/MA0G
>> CSqGSIb3DQEBBQUAA4IBAQA93Hkimjlm5g8j7+rZq4sfVhBO7Opx7IoMtkcrmClM
>> AECUrzWnQfJoSWQCzW+Gaj9F/CXtQYKt0VnAdGD212CJ6dzhJR1UfTzwSVdzK4gl
>> C0Q7YqLZMp7GrpTSOB1rwxNAQwuhcJWiOQP1dRJF8OqSu8ywE5y2hNeCTiXZlLlH
>> p+RBxdtG30NJHDDoosx76fUVE4S2Ll3UKKBqXfrQmtF+QnHPEtSHk8cesVFymNU3
>> WtQhiAy58RYoU24RX/AcvV/PfFcEpXAVVNndwuZkhV+9uD2NzvkxhcVUx0CDSy/J
>> xdsjcda59LByv1K0J46hsWb5AuRbVos6u+O2CpcOj028
>> -----END CERTIFICATE-----
>>
>> ####################################################################################################################
>>
>>
>>
>> Regards,
>> Ajay
>>
>>
>> On Wed, Mar 21, 2012 at 6:55 PM, Ajay Garg <ajaygargnsit@gmail.com>wrote:
>>
>>> Well, I looked into "/etc/httpd/logs/error_log", and found that were
>>> some errors related to server-name not matching (don't remember the exact
>>> statement). But even then the service startup showed "OK", which apparently
>>> is a misnomer.
>>>
>>> Anyways, I regenerated "server.key" and "server.crt" by ::
>>>
>>>
>>> ##################################################################################################################
>>> [ajay@ajay ~]$ cd /etc/ssl/certs/
>>> [ajay@ajay certs]$ ls
>>> localhost.crt  make-dummy-cert  Makefile  server.crt  server.key
>>> [ajay@ajay certs]$ pwd
>>> /etc/ssl/certs
>>> [ajay@ajay certs]$ sudo rm server.key
>>> [ajay@ajay certs]$ sudo rm server.crt
>>> [ajay@ajay certs]$ sudo make server.key
>>> umask 77 ; \
>>> /usr/bin/openssl genrsa -aes128 2048 > server.key
>>> Generating RSA private key, 2048 bit long modulus
>>>
>>> ...........................................................................................+++
>>> .........................................+++
>>> e is 65537 (0x10001)
>>> Enter pass phrase:
>>> Verifying - Enter pass phrase:
>>> [ajay@ajay certs]$ sudo make server.crt
>>> umask 77 ; \
>>> /usr/bin/openssl req -utf8 -new -key server.key -x509 -days 365 -out
>>> server.crt -set_serial 0
>>> Enter pass phrase for server.key:
>>> You are about to be asked to enter information that will be incorporated
>>> into your certificate request.
>>> What you are about to enter is what is called a Distinguished Name or a
>>> DN.
>>> There are quite a few fields but you can leave some blank
>>> For some fields there will be a default value,
>>> If you enter '.', the field will be left blank.
>>> -----
>>> Country Name (2 letter code) [XX]:IN
>>> State or Province Name (full name) []:Delhi
>>> Locality Name (eg, city) [Default City]:Delhi
>>> Organization Name (eg, company) [Default Company Ltd]:Delhi
>>> Organizational Unit Name (eg, section) []:Delhi
>>> Common Name (eg, your name or your server's hostname) []:127.0.0.1
>>> Email Address []:ajaygargnsit@gmail.com
>>>
>>> ##################################################################################################################
>>>
>>>
>>>
>>>
>>>
>>>
>>> I then tried to start "httpd" ::
>>>
>>>
>>> ##################################################################################################################
>>> [ajay@ajay certs]$ sudo service httpd start
>>> Starting httpd: [Wed Mar 21 18:52:00 2012] [warn] module ssl_module is
>>> already loaded, skipping
>>>
>>> Apache/2.2.17 mod_ssl/2.2.17 (Pass Phrase Dialog)
>>> Some of your private key files are encrypted for security reasons.
>>> In order to read them you have to provide the pass phrases.
>>>
>>> Server 127.0.0.1:443 (RSA)
>>>
>>> Enter pass phrase:
>>>
>>> OK: Pass Phrase Dialog successful.
>>>                                                            [FAILED]
>>>
>>> ##################################################################################################################
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> and "/etc/httpd/logs/error_log" showed ::
>>>
>>>
>>> ##################################################################################################################
>>> [Wed Mar 21 18:52:00 2012] [notice] SELinux policy enabled; httpd
>>> running as context unconfined_u:system_r:httpd_t:s0
>>> [Wed Mar 21 18:52:00 2012] [notice] suEXEC mechanism enabled (wrapper:
>>> /usr/sbin/suexec)
>>> [Wed Mar 21 18:52:00 2012] [notice] SSL FIPS mode disabled
>>> [Wed Mar 21 18:52:02 2012] [warn] RSA server certificate is a CA
>>> certificate (BasicConstraints: CA == TRUE !?)
>>> [Wed Mar 21 18:52:02 2012] [error] Unable to configure RSA server
>>> private key
>>> [Wed Mar 21 18:52:02 2012] [error] SSL Library Error: 185073780
>>> error:0B080074:x509 certificate routines:X509_check_private_key:key values
>>> mismatch
>>>
>>> ##################################################################################################################
>>>
>>>
>>>
>>> Ideas.. ??
>>>
>>>
>>> Thanks and Regards,
>>> Ajay
>>>
>>>
>>>
>>>
>>> On Wed, Mar 21, 2012 at 5:37 PM, Ajay Garg <ajaygargnsit@gmail.com>wrote:
>>>
>>>> Hi all.
>>>>
>>>> I am afraid I am a newbie to Apache; and have been trying to setup a
>>>> HTTPS based WebDAV server using Apache2 on Fedora 14.
>>>>
>>>> Prior to this, I could get the HTTP based WebDAV server working, and
>>>> accessing the shares via gnome-nautilus worked like a charm :-)
>>>> Thus, I will present whatever I have tried to setup the HTTPS variant.
>>>>
>>>>
>>>> 1.
>>>> Following are the contents of "/etc/httpd/conf/httpd.conf"
>>>>
>>>> ##############################
>>>>
>>>> ###############################################################################################
>>>> #
>>>> # This is the main Apache server configuration file.  It contains the
>>>> # configuration directives that give the server its instructions.
>>>> # See <URL:http://httpd.apache.org/docs/2.2/> for detailed information.
>>>> # In particular, see
>>>> # <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
>>>> # for a discussion of each configuration directive.
>>>> #
>>>> #
>>>> # Do NOT simply read the instructions in here without understanding
>>>> # what they do.  They're here only as hints or reminders.  If you are
>>>> unsure
>>>> # consult the online docs. You have been warned.
>>>> #
>>>> # The configuration directives are grouped into three basic sections:
>>>> #  1. Directives that control the operation of the Apache server
>>>> process as a
>>>> #     whole (the 'global environment').
>>>> #  2. Directives that define the parameters of the 'main' or 'default'
>>>> server,
>>>> #     which responds to requests that aren't handled by a virtual host.
>>>> #     These directives also provide default values for the settings
>>>> #     of all virtual hosts.
>>>> #  3. Settings for virtual hosts, which allow Web requests to be sent to
>>>> #     different IP addresses or hostnames and have them handled by the
>>>> #     same Apache server process.
>>>> #
>>>> # Configuration and logfile names: If the filenames you specify for many
>>>> # of the server's control files begin with "/" (or "drive:/" for
>>>> Win32), the
>>>> # server will use that explicit path.  If the filenames do *not* begin
>>>> # with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
>>>> # with ServerRoot set to "/etc/httpd" will be interpreted by the
>>>> # server as "/etc/httpd/logs/foo.log".
>>>> #
>>>>
>>>> ### Section 1: Global Environment
>>>> #
>>>> # The directives in this section affect the overall operation of Apache,
>>>> # such as the number of concurrent requests it can handle or where it
>>>> # can find its configuration files.
>>>> #
>>>>
>>>> #
>>>> # Don't give away too much information about all the subcomponents
>>>> # we are running.  Comment out this line if you don't mind remote sites
>>>> # finding out what major optional modules you are running
>>>> ServerTokens OS
>>>>
>>>> #
>>>> # ServerRoot: The top of the directory tree under which the server's
>>>> # configuration, error, and log files are kept.
>>>> #
>>>> # NOTE!  If you intend to place this on an NFS (or otherwise network)
>>>> # mounted filesystem then please read the LockFile documentation
>>>> # (available at <URL:
>>>> http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
>>>> # you will save yourself a lot of trouble.
>>>> #
>>>> # Do NOT add a slash at the end of the directory path.
>>>> #
>>>> ServerRoot "/etc/httpd"
>>>>
>>>> #
>>>> # PidFile: The file in which the server should record its process
>>>> # identification number when it starts.  Note the PIDFILE variable in
>>>> # /etc/sysconfig/httpd must be set appropriately if this location is
>>>> # changed.
>>>> #
>>>> PidFile run/httpd.pid
>>>>
>>>> #
>>>> # Timeout: The number of seconds before receives and sends time out.
>>>> #
>>>> Timeout 60
>>>>
>>>> #
>>>> # KeepAlive: Whether or not to allow persistent connections (more than
>>>> # one request per connection). Set to "Off" to deactivate.
>>>> #
>>>> KeepAlive Off
>>>>
>>>> #
>>>> # MaxKeepAliveRequests: The maximum number of requests to allow
>>>> # during a persistent connection. Set to 0 to allow an unlimited amount.
>>>> # We recommend you leave this number high, for maximum performance.
>>>> #
>>>> MaxKeepAliveRequests 100
>>>>
>>>> #
>>>> # KeepAliveTimeout: Number of seconds to wait for the next request from
>>>> the
>>>> # same client on the same connection.
>>>> #
>>>> KeepAliveTimeout 5
>>>>
>>>> ##
>>>> ## Server-Pool Size Regulation (MPM specific)
>>>> ##
>>>>
>>>> # prefork MPM
>>>> # StartServers: number of server processes to start
>>>> # MinSpareServers: minimum number of server processes which are kept
>>>> spare
>>>> # MaxSpareServers: maximum number of server processes which are kept
>>>> spare
>>>> # ServerLimit: maximum value for MaxClients for the lifetime of the
>>>> server
>>>> # MaxClients: maximum number of server processes allowed to start
>>>> # MaxRequestsPerChild: maximum number of requests a server process
>>>> serves
>>>> <IfModule prefork.c>
>>>> StartServers       8
>>>> MinSpareServers    5
>>>> MaxSpareServers   20
>>>> ServerLimit      256
>>>> MaxClients       256
>>>> MaxRequestsPerChild  4000
>>>> </IfModule>
>>>>
>>>> # worker MPM
>>>> # StartServers: initial number of server processes to start
>>>> # MaxClients: maximum number of simultaneous client connections
>>>> # MinSpareThreads: minimum number of worker threads which are kept spare
>>>> # MaxSpareThreads: maximum number of worker threads which are kept spare
>>>> # ThreadsPerChild: constant number of worker threads in each server
>>>> process
>>>> # MaxRequestsPerChild: maximum number of requests a server process
>>>> serves
>>>> <IfModule worker.c>
>>>> StartServers         4
>>>> MaxClients         300
>>>> MinSpareThreads     25
>>>> MaxSpareThreads     75
>>>> ThreadsPerChild     25
>>>> MaxRequestsPerChild  0
>>>> </IfModule>
>>>>
>>>> #
>>>> # Listen: Allows you to bind Apache to specific IP addresses and/or
>>>> # ports, in addition to the default. See also the <VirtualHost>
>>>> # directive.
>>>> #
>>>> # Change this to Listen on specific IP addresses as shown below to
>>>> # prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
>>>> #
>>>> #Listen 12.34.56.78:80 <http://12.34.56.78/>
>>>> Listen 80
>>>>
>>>> #
>>>> # Dynamic Shared Object (DSO) Support
>>>> #
>>>> # To be able to use the functionality of a module which was built as a
>>>> DSO you
>>>> # have to place corresponding `LoadModule' lines at this location so the
>>>> # directives contained in it are actually available _before_ they are
>>>> used.
>>>> # Statically compiled modules (those listed by `httpd -l') do not need
>>>> # to be loaded here.
>>>> #
>>>> # Example:
>>>> # LoadModule foo_module modules/mod_foo.so
>>>> #
>>>> LoadModule auth_basic_module modules/mod_auth_basic.so
>>>> LoadModule auth_digest_module modules/mod_auth_digest.so
>>>> LoadModule authn_file_module modules/mod_authn_file.so
>>>> LoadModule authn_alias_module modules/mod_authn_alias.so
>>>> LoadModule authn_anon_module modules/mod_authn_anon.so
>>>> LoadModule authn_dbm_module modules/mod_authn_dbm.so
>>>> LoadModule authn_default_module modules/mod_authn_default.so
>>>> LoadModule authz_host_module modules/mod_authz_host.so
>>>> LoadModule authz_user_module modules/mod_authz_user.so
>>>> LoadModule authz_owner_module modules/mod_authz_owner.so
>>>> LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
>>>> LoadModule authz_dbm_module modules/mod_authz_dbm.so
>>>> LoadModule authz_default_module modules/mod_authz_default.so
>>>> LoadModule ldap_module modules/mod_ldap.so
>>>> LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
>>>> LoadModule include_module modules/mod_include.so
>>>> LoadModule log_config_module modules/mod_log_config.so
>>>> LoadModule logio_module modules/mod_logio.so
>>>> LoadModule env_module modules/mod_env.so
>>>> LoadModule ext_filter_module modules/mod_ext_filter.so
>>>> LoadModule mime_magic_module modules/mod_mime_magic.so
>>>> LoadModule expires_module modules/mod_expires.so
>>>> LoadModule deflate_module modules/mod_deflate.so
>>>> LoadModule headers_module modules/mod_headers.so
>>>> LoadModule usertrack_module modules/mod_usertrack.so
>>>> LoadModule setenvif_module modules/mod_setenvif.so
>>>> LoadModule mime_module modules/mod_mime.so
>>>> LoadModule dav_module modules/mod_dav.so
>>>> LoadModule status_module modules/mod_status.so
>>>> LoadModule autoindex_module modules/mod_autoindex.so
>>>> LoadModule info_module modules/mod_info.so
>>>> LoadModule dav_fs_module modules/mod_dav_fs.so
>>>> LoadModule vhost_alias_module modules/mod_vhost_alias.so
>>>> LoadModule negotiation_module modules/mod_negotiation.so
>>>> LoadModule dir_module modules/mod_dir.so
>>>> LoadModule actions_module modules/mod_actions.so
>>>> LoadModule speling_module modules/mod_speling.so
>>>> LoadModule userdir_module modules/mod_userdir.so
>>>> LoadModule alias_module modules/mod_alias.so
>>>> LoadModule substitute_module modules/mod_substitute.so
>>>> LoadModule rewrite_module modules/mod_rewrite.so
>>>> LoadModule proxy_module modules/mod_proxy.so
>>>> LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
>>>> LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
>>>> LoadModule proxy_http_module modules/mod_proxy_http.so
>>>> LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
>>>> LoadModule proxy_connect_module modules/mod_proxy_connect.so
>>>> LoadModule cache_module modules/mod_cache.so
>>>> LoadModule suexec_module modules/mod_suexec.so
>>>> LoadModule disk_cache_module modules/mod_disk_cache.so
>>>> LoadModule cgi_module modules/mod_cgi.so
>>>> LoadModule version_module modules/mod_version.so
>>>> LoadModule ssl_module modules/mod_ssl.so
>>>>
>>>> #
>>>> # The following modules are not loaded by default:
>>>> #
>>>> #LoadModule asis_module modules/mod_asis.so
>>>> #LoadModule authn_dbd_module modules/mod_authn_dbd.so
>>>> #LoadModule cern_meta_module modules/mod_cern_meta.so
>>>> #LoadModule cgid_module modules/mod_cgid.so
>>>> #LoadModule dbd_module modules/mod_dbd.so
>>>> #LoadModule dumpio_module modules/mod_dumpio.so
>>>> #LoadModule filter_module modules/mod_filter.so
>>>> #LoadModule ident_module modules/mod_ident.so
>>>> #LoadModule log_forensic_module modules/mod_log_forensic.so
>>>> #LoadModule unique_id_module modules/mod_unique_id.so
>>>> #
>>>>
>>>> #
>>>> # Load config files from the config directory "/etc/httpd/conf.d".
>>>> #
>>>> Include conf.d/*.conf
>>>>
>>>> #
>>>> # ExtendedStatus controls whether Apache will generate "full" status
>>>> # information (ExtendedStatus On) or just basic information
>>>> (ExtendedStatus
>>>> # Off) when the "server-status" handler is called. The default is Off.
>>>> #
>>>> #ExtendedStatus On
>>>>
>>>> #
>>>> # If you wish httpd to run as a different user or group, you must run
>>>> # httpd as root initially and it will switch.
>>>> #
>>>> # User/Group: The name (or #number) of the user/group to run httpd as.
>>>> #  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
>>>> #  . On HPUX you may not be able to use shared memory as nobody, and the
>>>> #    suggested workaround is to create a user www and use that user.
>>>> #  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
>>>> #  when the value of (unsigned)Group is above 60000;
>>>> #  don't use Group #-1 on these systems!
>>>> #
>>>> User apache
>>>> Group apache
>>>>
>>>> ### Section 2: 'Main' server configuration
>>>> #
>>>> # The directives in this section set up the values used by the 'main'
>>>> # server, which responds to any requests that aren't handled by a
>>>> # <VirtualHost> definition.  These values also provide defaults for
>>>> # any <VirtualHost> containers you may define later in the file.
>>>> #
>>>> # All of these directives may appear inside <VirtualHost> containers,
>>>> # in which case these default settings will be overridden for the
>>>> # virtual host being defined.
>>>> #
>>>>
>>>> #
>>>> # ServerAdmin: Your address, where problems with the server should be
>>>> # e-mailed.  This address appears on some server-generated pages, such
>>>> # as error documents.  e.g. admin@your-domain.com
>>>> #
>>>> ServerAdmin root@localhost
>>>>
>>>> #
>>>> # ServerName gives the name and port that the server uses to identify
>>>> itself.
>>>> # This can often be determined automatically, but we recommend you
>>>> specify
>>>> # it explicitly to prevent problems during startup.
>>>> #
>>>> # If this is not set to valid DNS name for your host, server-generated
>>>> # redirections will not work.  See also the UseCanonicalName directive.
>>>> #
>>>> # If your host doesn't have a registered DNS name, enter its IP address
>>>> here.
>>>> # You will have to access it by its address anyway, and this will make
>>>> # redirections work in a sensible way.
>>>> #
>>>> #ServerName www.example.com:80 <http://www.example.com/>
>>>>
>>>> #
>>>> # UseCanonicalName: Determines how Apache constructs self-referencing
>>>> # URLs and the SERVER_NAME and SERVER_PORT variables.
>>>> # When set "Off", Apache will use the Hostname and Port supplied
>>>> # by the client.  When set "On", Apache will use the value of the
>>>> # ServerName directive.
>>>> #
>>>> UseCanonicalName Off
>>>>
>>>> #
>>>> # DocumentRoot: The directory out of which you will serve your
>>>> # documents. By default, all requests are taken from this directory, but
>>>> # symbolic links and aliases may be used to point to other locations.
>>>> #
>>>> DocumentRoot "/var/www/html"
>>>>
>>>> #
>>>> # Each directory to which Apache has access can be configured with
>>>> respect
>>>> # to which services and features are allowed and/or disabled in that
>>>> # directory (and its subdirectories).
>>>> #
>>>> # First, we configure the "default" to be a very restrictive set of
>>>> # features.
>>>> #
>>>> <Directory />
>>>>     Options FollowSymLinks
>>>>     AllowOverride None
>>>> </Directory>
>>>>
>>>> #
>>>> # Note that from this point forward you must specifically allow
>>>> # particular features to be enabled - so if something's not working as
>>>> # you might expect, make sure that you have specifically enabled it
>>>> # below.
>>>> #
>>>>
>>>> #
>>>> # This should be changed to whatever you set DocumentRoot to.
>>>> #
>>>> <Directory "/var/www/html">
>>>>
>>>> #
>>>> # Possible values for the Options directive are "None", "All",
>>>> # or any combination of:
>>>> #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI
>>>> MultiViews
>>>> #
>>>> # Note that "MultiViews" must be named *explicitly* --- "Options All"
>>>> # doesn't give it to you.
>>>> #
>>>> # The Options directive is both complicated and important.  Please see
>>>> # http://httpd.apache.org/docs/2.2/mod/core.html#options
>>>> # for more information.
>>>> #
>>>>     Options Indexes FollowSymLinks
>>>>
>>>> #
>>>> # AllowOverride controls what directives may be placed in .htaccess
>>>> files.
>>>> # It can be "All", "None", or any combination of the keywords:
>>>> #   Options FileInfo AuthConfig Limit
>>>> #
>>>>     AllowOverride None
>>>>
>>>> #
>>>> # Controls who can get stuff from this server.
>>>> #
>>>>     Order allow,deny
>>>>     Allow from all
>>>>
>>>> </Directory>
>>>>
>>>> #
>>>> # UserDir: The name of the directory that is appended onto a user's home
>>>> # directory if a ~user request is received.
>>>> #
>>>> # The path to the end user account 'public_html' directory must be
>>>> # accessible to the webserver userid.  This usually means that ~userid
>>>> # must have permissions of 711, ~userid/public_html must have
>>>> permissions
>>>> # of 755, and documents contained therein must be world-readable.
>>>> # Otherwise, the client will only receive a "403 Forbidden" message.
>>>> #
>>>> # See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
>>>> #
>>>> <IfModule mod_userdir.c>
>>>>     #
>>>>     # UserDir is disabled by default since it can confirm the presence
>>>>     # of a username on the system (depending on home directory
>>>>     # permissions).
>>>>     #
>>>>     UserDir disabled
>>>>
>>>>     #
>>>>     # To enable requests to /~user/ to serve the user's public_html
>>>>     # directory, remove the "UserDir disabled" line above, and uncomment
>>>>     # the following line instead:
>>>>     #
>>>>     #UserDir public_html
>>>>
>>>> </IfModule>
>>>>
>>>> #
>>>> # Control access to UserDir directories.  The following is an example
>>>> # for a site where these directories are restricted to read-only.
>>>> #
>>>> #<Directory /home/*/public_html>
>>>> #    AllowOverride FileInfo AuthConfig Limit
>>>> #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
>>>> #    <Limit GET POST OPTIONS>
>>>> #        Order allow,deny
>>>> #        Allow from all
>>>> #    </Limit>
>>>> #    <LimitExcept GET POST OPTIONS>
>>>> #        Order deny,allow
>>>> #        Deny from all
>>>> #    </LimitExcept>
>>>> #</Directory>
>>>>
>>>> #
>>>> # DirectoryIndex: sets the file that Apache will serve if a directory
>>>> # is requested.
>>>> #
>>>> # The index.html.var file (a type-map) is used to deliver content-
>>>> # negotiated documents.  The MultiViews Option can be used for the
>>>> # same purpose, but it is much slower.
>>>> #
>>>> DirectoryIndex index.html index.html.var
>>>>
>>>> #
>>>> # AccessFileName: The name of the file to look for in each directory
>>>> # for additional configuration directives.  See also the AllowOverride
>>>> # directive.
>>>> #
>>>> AccessFileName .htaccess
>>>>
>>>> #
>>>> # The following lines prevent .htaccess and .htpasswd files from being
>>>> # viewed by Web clients.
>>>> #
>>>> <Files ~ "^\.ht">
>>>>     Order allow,deny
>>>>     Deny from all
>>>>     Satisfy All
>>>> </Files>
>>>>
>>>> #
>>>> # TypesConfig describes where the mime.types file (or equivalent) is
>>>> # to be found.
>>>> #
>>>> TypesConfig /etc/mime.types
>>>>
>>>> #
>>>> # DefaultType is the default MIME type the server will use for a
>>>> document
>>>> # if it cannot otherwise determine one, such as from filename
>>>> extensions.
>>>> # If your server contains mostly text or HTML documents, "text/plain" is
>>>> # a good value.  If most of your content is binary, such as applications
>>>> # or images, you may want to use "application/octet-stream" instead to
>>>> # keep browsers from trying to display binary files as though they are
>>>> # text.
>>>> #
>>>> DefaultType text/plain
>>>>
>>>> #
>>>> # The mod_mime_magic module allows the server to use various hints from
>>>> the
>>>> # contents of the file itself to determine its type.  The MIMEMagicFile
>>>> # directive tells the module where the hint definitions are located.
>>>> #
>>>> <IfModule mod_mime_magic.c>
>>>> #   MIMEMagicFile /usr/share/magic.mime
>>>>     MIMEMagicFile conf/magic
>>>> </IfModule>
>>>>
>>>> #
>>>> # HostnameLookups: Log the names of clients or just their IP addresses
>>>> # e.g., www.apache.org (on) or 204.62.129.132 (off).
>>>> # The default is off because it'd be overall better for the net if
>>>> people
>>>> # had to knowingly turn this feature on, since enabling it means that
>>>> # each client request will result in AT LEAST one lookup request to the
>>>> # nameserver.
>>>> #
>>>> HostnameLookups Off
>>>>
>>>> #
>>>> # EnableMMAP: Control whether memory-mapping is used to deliver
>>>> # files (assuming that the underlying OS supports it).
>>>> # The default is on; turn this off if you serve from NFS-mounted
>>>> # filesystems.  On some systems, turning it off (regardless of
>>>> # filesystem) can improve performance; for details, please see
>>>> # http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap
>>>> #
>>>> #EnableMMAP off
>>>>
>>>> #
>>>> # EnableSendfile: Control whether the sendfile kernel support is
>>>> # used to deliver files (assuming that the OS supports it).
>>>> # The default is on; turn this off if you serve from NFS-mounted
>>>> # filesystems.  Please see
>>>> # http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile
>>>> #
>>>> #EnableSendfile off
>>>>
>>>> #
>>>> # ErrorLog: The location of the error log file.
>>>> # If you do not specify an ErrorLog directive within a <VirtualHost>
>>>> # container, error messages relating to that virtual host will be
>>>> # logged here.  If you *do* define an error logfile for a <VirtualHost>
>>>> # container, that host's errors will be logged there and not here.
>>>> #
>>>> ErrorLog logs/error_log
>>>>
>>>> #
>>>> # LogLevel: Control the number of messages logged to the error_log.
>>>> # Possible values include: debug, info, notice, warn, error, crit,
>>>> # alert, emerg.
>>>> #
>>>> LogLevel warn
>>>>
>>>> #
>>>> # The following directives define some format nicknames for use with
>>>> # a CustomLog directive (see below).
>>>> #
>>>> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
>>>> \"%{User-Agent}i\"" combined
>>>> LogFormat "%h %l %u %t \"%r\" %>s %b" common
>>>> LogFormat "%{Referer}i -> %U" referer
>>>> LogFormat "%{User-agent}i" agent
>>>>
>>>> # "combinedio" includes actual counts of actual bytes received (%I) and
>>>> sent (%O); this
>>>> # requires the mod_logio module to be loaded.
>>>> #LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
>>>> \"%{User-Agent}i\" %I %O" combinedio
>>>>
>>>> #
>>>> # The location and format of the access logfile (Common Logfile Format).
>>>> # If you do not define any access logfiles within a <VirtualHost>
>>>> # container, they will be logged here.  Contrariwise, if you *do*
>>>> # define per-<VirtualHost> access logfiles, transactions will be
>>>> # logged therein and *not* in this file.
>>>> #
>>>> #CustomLog logs/access_log common
>>>>
>>>> #
>>>> # If you would like to have separate agent and referer logfiles,
>>>> uncomment
>>>> # the following directives.
>>>> #
>>>> #CustomLog logs/referer_log referer
>>>> #CustomLog logs/agent_log agent
>>>>
>>>> #
>>>> # For a single logfile with access, agent, and referer information
>>>> # (Combined Logfile Format), use the following directive:
>>>> #
>>>> CustomLog logs/access_log combined
>>>>
>>>> #
>>>> # Optionally add a line containing the server version and virtual host
>>>> # name to server-generated pages (internal error documents, FTP
>>>> directory
>>>> # listings, mod_status and mod_info output etc., but not CGI generated
>>>> # documents or custom error documents).
>>>> # Set to "EMail" to also include a mailto: link to the ServerAdmin.
>>>> # Set to one of:  On | Off | EMail
>>>> #
>>>> ServerSignature On
>>>>
>>>> #
>>>> # Aliases: Add here as many aliases as you need (with no limit). The
>>>> format is
>>>> # Alias fakename realname
>>>> #
>>>> # Note that if you include a trailing / on fakename then the server will
>>>> # require it to be present in the URL.  So "/icons" isn't aliased in
>>>> this
>>>> # example, only "/icons/".  If the fakename is slash-terminated, then
>>>> the
>>>> # realname must also be slash terminated, and if the fakename omits the
>>>> # trailing slash, the realname must also omit it.
>>>> #
>>>> # We include the /icons/ alias for FancyIndexed directory listings.  If
>>>> you
>>>> # do not use FancyIndexing, you may comment this out.
>>>> #
>>>> Alias /icons/ "/var/www/icons/"
>>>>
>>>> <Directory "/var/www/icons">
>>>>     Options Indexes MultiViews FollowSymLinks
>>>>     AllowOverride None
>>>>     Order allow,deny
>>>>     Allow from all
>>>> </Directory>
>>>>
>>>> #
>>>> # WebDAV module configuration section.
>>>> #
>>>> <IfModule mod_dav_fs.c>
>>>>     # Location of the WebDAV lock database.
>>>>     DAVLockDB /var/lib/dav/lockdb
>>>> </IfModule>
>>>>
>>>> #
>>>> # ScriptAlias: This controls which directories contain server scripts.
>>>> # ScriptAliases are essentially the same as Aliases, except that
>>>> # documents in the realname directory are treated as applications and
>>>> # run by the server when requested rather than as documents sent to the
>>>> client.
>>>> # The same rules about trailing "/" apply to ScriptAlias directives as
>>>> to
>>>> # Alias.
>>>> #
>>>> ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>>>>
>>>> #
>>>> # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
>>>> # CGI directory exists, if you have that configured.
>>>> #
>>>> <Directory "/var/www/cgi-bin">
>>>>     AllowOverride None
>>>>     Options None
>>>>     Order allow,deny
>>>>     Allow from all
>>>> </Directory>
>>>>
>>>> #
>>>> # Redirect allows you to tell clients about documents which used to
>>>> exist in
>>>> # your server's namespace, but do not anymore. This allows you to tell
>>>> the
>>>> # clients where to look for the relocated document.
>>>> # Example:
>>>> # Redirect permanent /foo http://www.example.com/bar
>>>>
>>>> #
>>>> # Directives controlling the display of server-generated directory
>>>> listings.
>>>> #
>>>>
>>>> #
>>>> # IndexOptions: Controls the appearance of server-generated directory
>>>> # listings.
>>>> #
>>>> IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
>>>> Charset=UTF-8
>>>>
>>>> #
>>>> # AddIcon* directives tell the server which icon to show for different
>>>> # files or filename extensions.  These are only displayed for
>>>> # FancyIndexed directories.
>>>> #
>>>> AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>>>>
>>>> AddIconByType (TXT,/icons/text.gif) text/*
>>>> AddIconByType (IMG,/icons/image2.gif) image/*
>>>> AddIconByType (SND,/icons/sound2.gif) audio/*
>>>> AddIconByType (VID,/icons/movie.gif) video/*
>>>>
>>>> AddIcon /icons/binary.gif .bin .exe
>>>> AddIcon /icons/binhex.gif .hqx
>>>> AddIcon /icons/tar.gif .tar
>>>> AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
>>>> AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
>>>> AddIcon /icons/a.gif .ps .ai .eps
>>>> AddIcon /icons/layout.gif .html .shtml .htm .pdf
>>>> AddIcon /icons/text.gif .txt
>>>> AddIcon /icons/c.gif .c
>>>> AddIcon /icons/p.gif .pl .py
>>>> AddIcon /icons/f.gif .for
>>>> AddIcon /icons/dvi.gif .dvi
>>>> AddIcon /icons/uuencoded.gif .uu
>>>> AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
>>>> AddIcon /icons/tex.gif .tex
>>>> AddIcon /icons/bomb.gif core
>>>>
>>>> AddIcon /icons/back.gif ..
>>>> AddIcon /icons/hand.right.gif README
>>>> AddIcon /icons/folder.gif ^^DIRECTORY^^
>>>> AddIcon /icons/blank.gif ^^BLANKICON^^
>>>>
>>>> #
>>>> # DefaultIcon is which icon to show for files which do not have an icon
>>>> # explicitly set.
>>>> #
>>>> DefaultIcon /icons/unknown.gif
>>>>
>>>> #
>>>> # AddDescription allows you to place a short description after a file in
>>>> # server-generated indexes.  These are only displayed for FancyIndexed
>>>> # directories.
>>>> # Format: AddDescription "description" filename
>>>> #
>>>> #AddDescription "GZIP compressed document" .gz
>>>> #AddDescription "tar archive" .tar
>>>> #AddDescription "GZIP compressed tar archive" .tgz
>>>>
>>>> #
>>>> # ReadmeName is the name of the README file the server will look for by
>>>> # default, and append to directory listings.
>>>> #
>>>> # HeaderName is the name of a file which should be prepended to
>>>> # directory indexes.
>>>> ReadmeName README.html
>>>> HeaderName HEADER.html
>>>>
>>>> #
>>>> # IndexIgnore is a set of filenames which directory indexing should
>>>> ignore
>>>> # and not include in the listing.  Shell-style wildcarding is permitted.
>>>> #
>>>> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
>>>>
>>>> #
>>>> # DefaultLanguage and AddLanguage allows you to specify the language of
>>>> # a document. You can then use content negotiation to give a browser a
>>>> # file in a language the user can understand.
>>>> #
>>>> # Specify a default language. This means that all data
>>>> # going out without a specific language tag (see below) will
>>>> # be marked with this one. You probably do NOT want to set
>>>> # this unless you are sure it is correct for all cases.
>>>> #
>>>> # * It is generally better to not mark a page as
>>>> # * being a certain language than marking it with the wrong
>>>> # * language!
>>>> #
>>>> # DefaultLanguage nl
>>>> #
>>>> # Note 1: The suffix does not have to be the same as the language
>>>> # keyword --- those with documents in Polish (whose net-standard
>>>> # language code is pl) may wish to use "AddLanguage pl .po" to
>>>> # avoid the ambiguity with the common suffix for perl scripts.
>>>> #
>>>> # Note 2: The example entries below illustrate that in some cases
>>>> # the two character 'Language' abbreviation is not identical to
>>>> # the two character 'Country' code for its country,
>>>> # E.g. 'Danmark/dk' versus 'Danish/da'.
>>>> #
>>>> # Note 3: In the case of 'ltz' we violate the RFC by using a three char
>>>> # specifier. There is 'work in progress' to fix this and get
>>>> # the reference data for rfc1766 cleaned up.
>>>> #
>>>> # Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
>>>> # English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German
>>>> (de)
>>>> # Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
>>>> # Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
>>>> # Norwegian (no) - Polish (pl) - Portugese (pt)
>>>> # Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
>>>> # Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese
>>>> (zh-TW)
>>>> #
>>>> AddLanguage ca .ca
>>>> AddLanguage cs .cz .cs
>>>> AddLanguage da .dk
>>>> AddLanguage de .de
>>>> AddLanguage el .el
>>>> AddLanguage en .en
>>>> AddLanguage eo .eo
>>>> AddLanguage es .es
>>>> AddLanguage et .et
>>>> AddLanguage fr .fr
>>>> AddLanguage he .he
>>>> AddLanguage hr .hr
>>>> AddLanguage it .it
>>>> AddLanguage ja .ja
>>>> AddLanguage ko .ko
>>>> AddLanguage ltz .ltz
>>>> AddLanguage nl .nl
>>>> AddLanguage nn .nn
>>>> AddLanguage no .no
>>>> AddLanguage pl .po
>>>> AddLanguage pt .pt
>>>> AddLanguage pt-BR .pt-br
>>>> AddLanguage ru .ru
>>>> AddLanguage sv .sv
>>>> AddLanguage zh-CN .zh-cn
>>>> AddLanguage zh-TW .zh-tw
>>>>
>>>> #
>>>> # LanguagePriority allows you to give precedence to some languages
>>>> # in case of a tie during content negotiation.
>>>> #
>>>> # Just list the languages in decreasing order of preference. We have
>>>> # more or less alphabetized them here. You probably want to change this.
>>>> #
>>>> LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn
>>>> no pl pt pt-BR ru sv zh-CN zh-TW
>>>>
>>>> #
>>>> # ForceLanguagePriority allows you to serve a result page rather than
>>>> # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE
>>>> (Fallback)
>>>> # [in case no accepted languages matched the available variants]
>>>> #
>>>> ForceLanguagePriority Prefer Fallback
>>>>
>>>> #
>>>> # Specify a default charset for all content served; this enables
>>>> # interpretation of all content as UTF-8 by default.  To use the
>>>> # default browser choice (ISO-8859-1), or to allow the META tags
>>>> # in HTML content to override this choice, comment out this
>>>> # directive:
>>>> #
>>>> AddDefaultCharset UTF-8
>>>>
>>>> #
>>>> # AddType allows you to add to or override the MIME configuration
>>>> # file mime.types for specific file types.
>>>> #
>>>> #AddType application/x-tar .tgz
>>>>
>>>> #
>>>> # AddEncoding allows you to have certain browsers uncompress
>>>> # information on the fly. Note: Not all browsers support this.
>>>> # Despite the name similarity, the following Add* directives have
>>>> nothing
>>>> # to do with the FancyIndexing customization directives above.
>>>> #
>>>> #AddEncoding x-compress .Z
>>>> #AddEncoding x-gzip .gz .tgz
>>>>
>>>> # If the AddEncoding directives above are commented-out, then you
>>>> # probably should define those extensions to indicate media types:
>>>> #
>>>> AddType application/x-compress .Z
>>>> AddType application/x-gzip .gz .tgz
>>>>
>>>> #
>>>> #   MIME-types for downloading Certificates and CRLs
>>>> #
>>>> AddType application/x-x509-ca-cert .crt
>>>> AddType application/x-pkcs7-crl    .crl
>>>>
>>>> #
>>>> # AddHandler allows you to map certain file extensions to "handlers":
>>>> # actions unrelated to filetype. These can be either built into the
>>>> server
>>>> # or added with the Action directive (see below)
>>>> #
>>>> # To use CGI scripts outside of ScriptAliased directories:
>>>> # (You will also need to add "ExecCGI" to the "Options" directive.)
>>>> #
>>>> #AddHandler cgi-script .cgi
>>>>
>>>> #
>>>> # For files that include their own HTTP headers:
>>>> #
>>>> #AddHandler send-as-is asis
>>>>
>>>> #
>>>> # For type maps (negotiated resources):
>>>> # (This is enabled by default to allow the Apache "It Worked" page
>>>> #  to be distributed in multiple languages.)
>>>> #
>>>> AddHandler type-map var
>>>>
>>>> #
>>>> # Filters allow you to process content before it is sent to the client.
>>>> #
>>>> # To parse .shtml files for server-side includes (SSI):
>>>> # (You will also need to add "Includes" to the "Options" directive.)
>>>> #
>>>> AddType text/html .shtml
>>>> AddOutputFilter INCLUDES .shtml
>>>>
>>>> #
>>>> # Action lets you define media types that will execute a script whenever
>>>> # a matching file is called. This eliminates the need for repeated URL
>>>> # pathnames for oft-used CGI file processors.
>>>> # Format: Action media/type /cgi-script/location
>>>> # Format: Action handler-name /cgi-script/location
>>>> #
>>>>
>>>> #
>>>> # Customizable error responses come in three flavors:
>>>> # 1) plain text 2) local redirects 3) external redirects
>>>> #
>>>> # Some examples:
>>>> #ErrorDocument 500 "The server made a boo boo."
>>>> #ErrorDocument 404 /missing.html
>>>> #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
>>>> #ErrorDocument 402 http://www.example.com/subscription_info.html
>>>> #
>>>>
>>>> #
>>>> # Putting this all together, we can internationalize error responses.
>>>> #
>>>> # We use Alias to redirect any /error/HTTP_<error>.html.var response to
>>>> # our collection of by-error message multi-language collections.  We
>>>> use
>>>> # includes to substitute the appropriate text.
>>>> #
>>>> # You can modify the messages' appearance without changing any of the
>>>> # default HTTP_<error>.html.var files by adding the line:
>>>> #
>>>> #   Alias /error/include/ "/your/include/path/"
>>>> #
>>>> # which allows you to create your own set of files by starting with the
>>>> # /var/www/error/include/ files and
>>>> # copying them to /your/include/path/, even on a per-VirtualHost basis.
>>>> #
>>>>
>>>> Alias /error/ "/var/www/error/"
>>>>
>>>> <IfModule mod_negotiation.c>
>>>> <IfModule mod_include.c>
>>>>     <Directory "/var/www/error">
>>>>         AllowOverride None
>>>>         Options IncludesNoExec
>>>>         AddOutputFilter Includes html
>>>>         AddHandler type-map var
>>>>         Order allow,deny
>>>>         Allow from all
>>>>         LanguagePriority en es de fr
>>>>         ForceLanguagePriority Prefer Fallback
>>>>     </Directory>
>>>>
>>>> #    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
>>>> #    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
>>>> #    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
>>>> #    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
>>>> #    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
>>>> #    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
>>>> #    ErrorDocument 410 /error/HTTP_GONE.html.var
>>>> #    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
>>>> #    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
>>>> #    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
>>>> #    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
>>>> #    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
>>>> #    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>>>> #    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
>>>> #    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
>>>> #    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
>>>> #    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
>>>>
>>>> </IfModule>
>>>> </IfModule>
>>>>
>>>> #
>>>> # The following directives modify normal HTTP response behavior to
>>>> # handle known problems with browser implementations.
>>>> #
>>>> BrowserMatch "Mozilla/2" nokeepalive
>>>> BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>>>> BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>>> BrowserMatch "Java/1\.0" force-response-1.0
>>>> BrowserMatch "JDK/1\.0" force-response-1.0
>>>>
>>>> #
>>>> # The following directive disables redirects on non-GET requests for
>>>> # a directory that does not include the trailing slash.  This fixes a
>>>> # problem with Microsoft WebFolders which does not appropriately handle
>>>> # redirects for folders with DAV methods.
>>>> # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
>>>> #
>>>> BrowserMatch "Microsoft Data Access Internet Publishing Provider"
>>>> redirect-carefully
>>>> BrowserMatch "MS FrontPage" redirect-carefully
>>>> BrowserMatch "^WebDrive" redirect-carefully
>>>> BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
>>>> BrowserMatch "^gnome-vfs/1.0" redirect-carefully
>>>> BrowserMatch "^XML Spy" redirect-carefully
>>>> BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
>>>>
>>>> #
>>>> # Allow server status reports generated by mod_status,
>>>> # with the URL of http://servername/server-status
>>>> # Change the ".example.com" to match your domain to enable.
>>>> #
>>>> #<Location /server-status>
>>>> #    SetHandler server-status
>>>> #    Order deny,allow
>>>> #    Deny from all
>>>> #    Allow from .example.com
>>>> #</Location>
>>>>
>>>> #
>>>> # Allow remote server configuration reports, with the URL of
>>>> #  http://servername/server-info (requires that mod_info.c be loaded).
>>>> # Change the ".example.com" to match your domain to enable.
>>>> #
>>>> #<Location /server-info>
>>>> #    SetHandler server-info
>>>> #    Order deny,allow
>>>> #    Deny from all
>>>> #    Allow from .example.com
>>>> #</Location>
>>>>
>>>> #
>>>> # Proxy Server directives. Uncomment the following lines to
>>>> # enable the proxy server:
>>>> #
>>>> #<IfModule mod_proxy.c>
>>>> #ProxyRequests On
>>>> #
>>>> #<Proxy *>
>>>> #    Order deny,allow
>>>> #    Deny from all
>>>> #    Allow from .example.com
>>>> #</Proxy>
>>>>
>>>> #
>>>> # Enable/disable the handling of HTTP/1.1 "Via:" headers.
>>>> # ("Full" adds the server version; "Block" removes all outgoing Via:
>>>> headers)
>>>> # Set to one of: Off | On | Full | Block
>>>> #
>>>> #ProxyVia On
>>>>
>>>> #
>>>> # To enable a cache of proxied content, uncomment the following lines.
>>>> # See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more
>>>> details.
>>>> #
>>>> #<IfModule mod_disk_cache.c>
>>>> #   CacheEnable disk /
>>>> #   CacheRoot "/var/cache/mod_proxy"
>>>> #</IfModule>
>>>> #
>>>>
>>>> #</IfModule>
>>>> # End of proxy directives.
>>>>
>>>> ### Section 3: Virtual Hosts
>>>> #
>>>> # VirtualHost: If you want to maintain multiple domains/hostnames on
>>>> your
>>>> # machine you can setup VirtualHost containers for them. Most
>>>> configurations
>>>> # use only name-based virtual hosts so the server doesn't need to worry
>>>> about
>>>> # IP addresses. This is indicated by the asterisks in the directives
>>>> below.
>>>> #
>>>> # Please see the documentation at
>>>> # <URL:http://httpd.apache.org/docs/2.2/vhosts/>
>>>> # for further details before you try to setup virtual hosts.
>>>> #
>>>> # You may use the command line option '-S' to verify your virtual host
>>>> # configuration.
>>>>
>>>> #
>>>> # Use name-based virtual hosting.
>>>> #
>>>> #NameVirtualHost *:80
>>>> #
>>>> # NOTE: NameVirtualHost cannot be used without a port specifier
>>>> # (e.g. :80) if mod_ssl is being used, due to the nature of the
>>>> # SSL protocol.
>>>> #
>>>>
>>>> #
>>>> # VirtualHost example:
>>>> # Almost any Apache directive may go into a VirtualHost container.
>>>> # The first VirtualHost section is used for requests without a known
>>>> # server name.
>>>> #
>>>> #<VirtualHost *:80>
>>>> #    ServerAdmin webmaster@dummy-host.example.com
>>>> #    DocumentRoot /www/docs/dummy-host.example.com
>>>> #    ServerName dummy-host.example.com
>>>> #    ErrorLog logs/dummy-host.example.com-error_log
>>>> #    CustomLog logs/dummy-host.example.com-access_log common
>>>> #</VirtualHost>
>>>>
>>>> NameVirtualHost *:443
>>>> <VirtualHost *:443>
>>>>         SSLEngine on
>>>>         SSLCipherSuite
>>>> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
>>>>
>>>>         SSLCertificateFile      /etc/ssl/certs/server.crt
>>>>         SSLCertificateKeyFile   /etc/ssl/certs/server.key
>>>>
>>>>         DocumentRoot /var/www/web1/web/
>>>>         <Directory /var/www/web1/web/>
>>>>                 Options Indexes MultiViews
>>>>                 AllowOverride None
>>>>                 Order allow,deny
>>>>                 allow from all
>>>>         </Directory>
>>>>
>>>>         Alias /webdav /var/www/web1/web
>>>>
>>>>         <Location /webdav>
>>>>            DAV On
>>>>            AuthType Basic
>>>>            AuthName "webdav"
>>>>            AuthUserFile /var/www/web1/passwd.dav
>>>>            Require valid-user
>>>>        </Location>
>>>>
>>>> </VirtualHost>
>>>>
>>>> ##########################################################################################################################
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 2.
>>>> Following is the startup info when I do "sudo service httpd start" ::
>>>>
>>>>
>>>> ##########################################################################################################################
>>>> [ajay@ajay ~]$ sudo service httpd start
>>>> Starting httpd: [Wed Mar 21 11:20:59 2012] [warn] module ssl_module is
>>>> already loaded, skipping
>>>> httpd: Could not reliably determine the server's fully qualified domain
>>>> name, using ::1 for ServerName
>>>> Apache/2.2.17 mod_ssl/2.2.17 (Pass Phrase Dialog)
>>>> Some of your private key files are encrypted for security reasons.
>>>> In order to read them you have to provide the pass phrases.
>>>>
>>>> Server ::1:443 (RSA)
>>>> Enter pass phrase:
>>>>
>>>> OK: Pass Phrase Dialog successful.
>>>>                                                            [  OK  ]
>>>>
>>>> ##########################################################################################################################
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> 3.
>>>> Following are the parameters I enter in gnome-nautilus ::
>>>>
>>>>
>>>> ###########################################################################################################################
>>>> Service type:                       Secure WebDAV (HTTPS)
>>>> Server:                                localhost
>>>>
>>>> Optional information:
>>>> Port:                                    443
>>>> Folder:                                 webdav
>>>> User Name:
>>>>
>>>> Add bookmark
>>>> Bookmark name:
>>>>
>>>> ###########################################################################################################################
>>>>
>>>>
>>>>
>>>> 4.
>>>> Finally, upon clikcing "Connect", I get the popup with the following
>>>> message ::
>>>>
>>>>
>>>> ###########################################################################################################################
>>>> Cannot display location "davs://
>>>> localhost/webdav"
>>>>
>>>> HTTP Error: Cannot connect to destination (localhost)
>>>>
>>>> ###########################################################################################################################
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> I will be obliged for any pointers. I have been going nuts for three
>>>> days :|
>>>>
>>>> Looking forward to a reply.
>>>>
>>>>
>>>> Regards,
>>>> Ajay
>>>>
>>>
>>>
>>
>


-- 
Gr,

Mathijs

Mime
View raw message