You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Andrew M <an...@jibeya.com> on 2004/12/01 01:30:41 UTC
Re: [users@httpd] mod_jk2 https
Ralph,
I am using Apache 2.0.52 and have made the following amendments:
1. create a certificate file : /library/Apache2/conf/mysiteNew.crt
2. create a key file: /library/Apache2/conf/www.mysite.com.key
3. Amend the ssl.conf file:
<IfDefine SSL>
<VirtualHost 127.0.0.1:443>
......
SSLCertificateFile /Library/Apache2/conf/mysiteNew.crt
SSLCertificateKeyFile /Library/Apache2/conf/www.mysite.com.key
****** Start Note ***
RewriteEngine on
RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
RewriteRule "^/(.*)\.gif$" "$0" [L]
RewriteRule "^/(.*)\.jpg$" "$0" [L]
RewriteRule "^/(.*)\.swf$" "$0" [L]
RewriteRule "^/(.*)\.php$" "$0" [L]
RewriteRule "^/(.*)\.m3u$" "$0" [L]
RewriteRule "^/(.*)\.mp3$" "$0" [L]
RewriteRule "^/(.*)\.html$" "$0" [L]
RewriteRule (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$
https://localhost:8080/mysite/$1.$2 [P,L]
RewriteRule "^/(.*)" "https://localhost:8080/$1" [P]
ProxyPassReverse / https://localhost:8080/
***End Note ***
</virtualHost>
</IfDefine>
Note: Not sure about the rewrite code in the virtual host. The thinking
behind this is to be able to do https://www.mysite.com in the url and
be directed to port 8080!!! http://www.mysite.com works fine.
Suffice to say, when I enter https://www.mysite.com into the url I get
'the connection was refused when attempting to contact www.mysite.com'.
What am I doing wrong???
many thanks
Andrew
p.s. I have enabled port 443 in the firewall as well.
On 30 Nov 2004, at 22:10, Ralf Glauberman wrote:
> plain text please!
>
> did you have a look at the general https documentation. i think you
> will have to set up ssl as described there. try it, if you are having
> problems, ask again.
>
> ----- Original Message ----- From: Andrew M
> To: users@httpd.apache.org
> Sent: Tuesday, November 30, 2004 7:56 PM
> Subject: [users@httpd] mod_jk2 https
>
>
> Hi,
> I currently have apache sitting at the front end passing requests to
> jboss on port 8080 like so in my http.conf:
>
> # mod_jk2 configuration
> LoadModule jk2_module modules/mod_jk2.so
>
> # for jboss
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
> RewriteRule "^/(.*)\.gif$" "$0" [L]
> RewriteRule "^/(.*)\.jpg$" "$0" [L]
> RewriteRule "^/(.*)\.swf$" "$0" [L]
> RewriteRule "^/(.*)\.php$" "$0" [L]
> RewriteRule "^/(.*)\.m3u$" "$0" [L]
> RewriteRule "^/(.*)\.mp3$" "$0" [L]
> RewriteRule "^/(.*)\.html$" "$0" [L]
> RewriteRule (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$
> http://localhost:8080/mysite/$1.$2 [P,L]
> RewriteRule "^/(.*)" "http://localhost:8080/$1" [P]
> ProxyPassReverse / http://localhost:8080/
>
> How would I, in this instance, setup https? Bare with me if this seems
> fairly obvious as I have never worked with https before.
>
> many thanks
>
> p.s. How do I then go about creating/obtaining a certificate to sit in
> apache to make the whole ssl thing work?
> Andrew
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Hi,
I have port 80, in http.conf, like so:
Listen 127.0.0.1:80
and port 443, in ssl.conf, like so:
Listen 127.0.0.1:443
Now I get:
could not bind to address 127.0.0.1:443
no listening sockets available, shutting down
Unable to open logs
Any ideas?
thanks
Andrew
On 1 Dec 2004, at 21:27, Andrew M wrote:
> ralph,
> I have recreated a key with no encryption but now get the following
> message in the terminal window:
>
> ./apachectl start
> (13)Permission denied: make_sock: could not bind to address 0.0.0.0:443
> no listening sockets available, shutting down
> Unable to open logs
>
> or
>
> ./apachectl startssl
> (13)Permission denied: make_sock: could not bind to address 0.0.0.0:443
> no listening sockets available, shutting down
> Unable to open logs
>
> I have attached my new key
>
> regards
>
>
> Andrew
>
> <server.key>
>
> On 1 Dec 2004, at 20:59, Ralf Glauberman wrote:
>
>> like i sayed, your key-file is encrypted, try to use a unencrypted
>> one.
>>
>> ----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
>> To: <us...@httpd.apache.org>
>> Sent: Wednesday, December 01, 2004 9:45 PM
>> Subject: Re: [users@httpd] mod_jk2 https
>>
>>
>>> Ralph,
>>> my test key and certificate look fine to me, take a look.
>>>
>>>
>>> regards
>>>
>>> Andrew
>>>
>>>
>>
>>
>> ----------------------------------------------------------------------
>> ----------
>>
>>
>>>
>>> On 1 Dec 2004, at 20:35, Ralf Glauberman wrote:
>>>
>>>> make sure your key-file and crt-file exist, belong together, are
>>>> valid
>>>> and readable for apache.
>>>> try a non-encripted certificate/key.
>>>> the key-file should look like this:
>>>> -----BEGIN RSA PRIVATE KEY-----
>>>> ...
>>>> -----END RSA PRIVATE KEY-----
>>>> the cert should look like this:
>>>> Certificate:
>>>> Data:
>>>> Version: 1 (0x0)
>>>> Serial Number: 4 (0x4)
>>>> Signature Algorithm: md5WithRSAEncryption
>>>> Issuer: ...
>>>> Validity
>>>> Not Before: Jun 21 12:51:40 2004 GMT
>>>> Not After : Dec 18 12:51:40 2004 GMT
>>>> Subject: ...
>>>> Subject Public Key Info:
>>>> Public Key Algorithm: rsaEncryption
>>>> RSA Public Key: (1024 bit)
>>>> Modulus (1024 bit):
>>>> ... other stuff
>>>> -----BEGIN CERTIFICATE-----
>>>> ...
>>>> ----END CERTIFICATE-----
>>>>
>>>>
>>>> ----- Original Message ----- From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Wednesday, December 01, 2004 9:23 PM
>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>
>>>>
>>>> Ralph,
>>>> I removed all the IfDefine tags from both the http.conf and ssl.conf
>>>> files and then shut down. The server will now not boot up when I ask
>>>> it to, and when I check the error logs I get the following:
>>>>
>>>> [Wed Dec 01 20:19:23 2004] [error] Init: Unable to read pass phrase
>>>> [Hint: key introduced or changed before restart?]
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218710120
>>>> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218529960
>>>> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218595386
>>>> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
>>>> error
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218734605
>>>> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>> On 1 Dec 2004, at 20:11, Ralf Glauberman wrote:
>>>>
>>>>
>>>> make sure you have removed every ifdefined in both configs, stop the
>>>> server, look at ps -aux to see if all childs have exited, if not
>>>> kill
>>>> them. then start apache again. look at the error_log to see if there
>>>> are any problems.
>>>>
>>>> ----- Original Message ----- From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Wednesday, December 01, 2004 8:58 PM
>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>
>>>>
>>>> Ralph,
>>>> already done. See message below. i attach version2 serv-info details
>>>> again.
>>>> Once I remove the tags, if I try to reboot the server it will not
>>>> shutdown, and I also cannot access the server at all!
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 1 Dec 2004, at 19:44, Andrew M wrote:
>>>>
>>>>
>>>> Ralph,
>>>> looking at the server-info myself, I was unable to see the ssl
>>>> module
>>>> being pulled in. I did the following:
>>>>
>>>> #<IfDefine SSL>
>>>> LoadModule ssl_module modules/mod_ssl.so
>>>> #</IfDefine>
>>>>
>>>> and now I can see the ssl_mod component being pulled in to the
>>>> server-info. Is there an issue with these tags? Anyway, I enclose
>>>> version 2 of the server-info
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>> <Server_Information2.html>
>>>>
>>>> On 1 Dec 2004, at 19:38, Andrew M wrote:
>>>>
>>>>
>>>> Ralph,
>>>> as requested, i have attached the server information.. ;-)
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>> <Server_Information.html>
>>>> On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
>>>>
>>>>
>>>> i'm really sorry, but i did a mistake: it has to be server-info, not
>>>> server-status. could you please try this?
>>>>
>>>> ----- Original Message ----- From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Wednesday, December 01, 2004 7:13 PM
>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>
>>>>
>>>> Ralf,
>>>> I have attached the information you requested as a html file.
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
>>>>
>>>>
>>>> <Location /server-status>
>>>> SetHandler server-status
>>>> Order deny,allow
>>>> Deny from all
>>>> Allow from 127.0.0.1
>>>> </Location>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>> <beya-email.gif>
>>>> +The home of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> <beya-email.gif>
>>>> +The home of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>> ----------------------------------------------------------------------
>> ----------
>>
>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
On to the third day,
and i still can't get SSL to work! I can access :80 via telnet but not
:443. i created my certificate using the example explained in the
attached htm page. My current http.conf and ssl.conf are also attached.
Can anyone please shed some light on this issue please. Going to sleep
now....
many thanks
Andrew
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralph,
ps -aux gives me:
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME
COMMAND
uzomaduj 192 5.6 5.7 162300 59492 ?? Ss 5:37PM 8:40.26
/System/Li
uzomaduj 752 1.2 1.2 160436 12656 ?? S 6:02PM 0:33.69
/Applicati
root 2 0.0 0.0 18608 212 ?? Ss 5:37PM 0:00.41
/sbin/mach
root 82 0.0 0.0 18092 212 ?? Ss 5:37PM 0:00.15
/usr/sbin/
root 88 0.0 0.2 29340 1776 ?? Ss 5:37PM 0:02.28
kextd
root 90 0.0 0.2 29920 2060 ?? Ss 5:37PM 0:00.79
/usr/sbin/
root 91 0.0 0.1 27888 1048 ?? Ss 5:37PM 0:00.93
/usr/sbin/
root 96 0.0 0.0 18676 268 ?? Ss 5:37PM 0:01.31
/usr/sbin/
root 122 0.0 0.0 27480 396 ?? Ss 5:37PM 0:02.82
netinfod -
root 124 0.0 0.0 18056 124 ?? Ss 5:37PM 0:04.11
update
root 128 0.0 0.0 27336 396 ?? S 5:37PM 0:00.00
/usr/libex
root 129 0.0 0.0 18080 132 ?? Ss 5:37PM 0:00.00
dynamic_pa
root 153 0.0 0.2 39480 2208 ?? Ss 5:37PM 0:02.57
/System/Li
root 159 0.0 0.0 27344 140 ?? Ss 5:37PM 0:00.01
/usr/sbin/
root 161 0.0 0.0 27612 188 ?? Ss 5:37PM 0:00.04
cron
root 162 0.0 0.1 27908 812 ?? S 5:37PM 0:00.04
/Library/S
root 165 0.0 0.1 27752 700 ?? Ss 5:37PM 0:01.37
/usr/sbin/
root 182 0.0 0.1 28900 1248 ?? Ss 5:37PM 0:00.58
/System/Li
nobody 186 0.0 0.1 27968 836 ?? Ss 5:37PM 0:00.05
/usr/sbin/
uzomaduj 201 0.0 0.4 80904 4672 ?? Ss 5:37PM 0:06.15
/System/Li
uzomaduj 208 0.0 0.6 127376 6096 ?? Ss 5:37PM 0:02.65
/System/Li
root 225 0.0 0.1 32268 1416 ?? Ss 5:37PM 0:01.13
/usr/sbin/
root 234 0.0 0.2 29176 1644 ?? Ss 5:38PM 0:06.47
/usr/sbin/
root 284 0.0 0.0 27328 152 ?? Ss 5:38PM 0:00.00
/usr/libex
root 297 0.0 0.0 20120 164 ?? Ss 5:38PM 0:00.00
nfsiod -n
root 310 0.0 0.0 18120 148 ?? Ss 5:38PM 0:00.00
rpc.lockd
root 319 0.0 0.1 29760 1272 ?? Ss 5:38PM 0:01.83
/usr/sbin/
root 329 0.0 0.1 28976 940 ?? Ss 5:38PM 0:00.02
/usr/sbin/
root 343 0.0 0.0 18320 344 ?? Ss 5:38PM 0:01.17
ntpd -f /v
root 350 0.0 0.1 29016 1212 ?? Ss 5:38PM 0:00.99
/usr/sbin/
root 370 0.0 0.0 27484 280 ?? Ss 5:38PM 0:00.05
xinetd -in
uzomaduj 372 0.0 0.2 45300 2116 ?? Ss 5:39PM 0:00.29
/System/Li
uzomaduj 378 0.0 0.4 146032 4428 ?? S 5:39PM 0:14.24
/System/Li
uzomaduj 379 0.0 0.6 159884 6276 ?? S 5:39PM 0:05.32
/System/Li
uzomaduj 380 0.0 2.0 176536 20764 ?? S 5:39PM 0:44.73
/System/Li
uzomaduj 382 0.0 0.3 147732 3452 ?? Ss 5:39PM 0:00.53
/System/Li
root 401 0.0 0.1 28548 1080 ?? Ss 5:39PM 0:00.36
nmbd
uzomaduj 508 0.0 1.5 164588 16120 ?? S 5:42PM 0:56.73
/Developer
root 690 0.0 0.1 27992 1080 ?? Ss 5:50PM 0:00.05
/System/Li
uzomaduj 703 0.0 0.2 37180 2152 ?? S 5:58PM 0:00.61
/System/Li
uzomaduj 745 0.0 4.2 244176 44152 ?? S 6:00PM 5:52.64
/Applicati
root 753 0.0 0.0 27540 496 p1 Ss 6:02PM 0:00.02
login -pf
uzomaduj 754 0.0 0.1 22652 904 p1 S 6:02PM 0:00.04
-tcsh
root 762 0.0 0.1 27856 644 p1 S 6:02PM 0:00.01
su - postg
postgres 763 0.0 0.1 18644 752 p1 S 6:02PM 0:00.02
-su
postgres 764 0.0 0.2 58072 1744 p1 S+ 6:02PM 0:00.21
/usr/local
postgres 766 0.0 0.0 58072 440 p1 S+ 6:02PM 0:00.55
postgres:
postgres 767 0.0 0.0 48912 164 p1 S+ 6:02PM 0:00.06
postgres:
postgres 768 0.0 0.0 48012 344 p1 S+ 6:02PM 0:00.01
postgres:
root 770 0.0 0.0 27540 504 p2 Ss 6:04PM 0:00.03
login -pf
uzomaduj 771 0.0 0.1 22652 908 p2 S 6:04PM 0:00.03
-tcsh
uzomaduj 779 0.0 0.1 18644 636 p2 S+ 6:04PM 0:00.02
sh ./run.s
uzomaduj 785 0.0 14.9 548660 156096 p2 S+ 6:04PM 7:11.19
java -serv
uzomaduj 787 0.0 3.1 188788 32836 ?? S 6:05PM 3:20.89
/Applicati
root 1426 0.0 0.0 27540 496 std Ss 9:10PM 0:00.01
login -pf
uzomaduj 1427 0.0 0.1 22652 916 std S 9:10PM 0:00.09
-tcsh
uzomaduj 1614 0.0 1.1 156320 11016 ?? S 9:20PM 0:01.24
/Applicati
root 1623 0.0 0.0 0 0 ?? Z 1Jan70 0:00.00
(sh)
root 1667 0.0 0.1 18132 716 std R+ 9:35PM 0:00.01
ps -aux
root 1632 0.0 0.0 0 0 ?? Z 1Jan70 0:00.00
(sh)
root 1 0.0 0.0 18072 304 ?? Ss 5:37PM 0:00.03
/sbin/init
can't see any other http-thread!
regards
Andrew
On 1 Dec 2004, at 21:35, Ralf Glauberman wrote:
> there is still an application bound to port 443. use ps -aux and make
> sure there is no http-thread running.
>
> ----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
> To: <us...@httpd.apache.org>
> Sent: Wednesday, December 01, 2004 10:27 PM
> Subject: Re: [users@httpd] mod_jk2 https
>
>
>> ralph,
>> I have recreated a key with no encryption but now get the following
>> message in the terminal window:
>>
>> ./apachectl start
>> (13)Permission denied: make_sock: could not bind to address
>> 0.0.0.0:443
>> no listening sockets available, shutting down
>> Unable to open logs
>>
>> or
>>
>> ./apachectl startssl
>> (13)Permission denied: make_sock: could not bind to address
>> 0.0.0.0:443
>> no listening sockets available, shutting down
>> Unable to open logs
>>
>> I have attached my new key
>>
>> regards
>>
>>
>> Andrew
>>
>>
>
>
> -----------------------------------------------------------------------
> ---------
>
>
>>
>>
>> On 1 Dec 2004, at 20:59, Ralf Glauberman wrote:
>>
>>> like i sayed, your key-file is encrypted, try to use a unencrypted
>>> one.
>>>
>>> ----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
>>> To: <us...@httpd.apache.org>
>>> Sent: Wednesday, December 01, 2004 9:45 PM
>>> Subject: Re: [users@httpd] mod_jk2 https
>>>
>>>
>>>> Ralph,
>>>> my test key and certificate look fine to me, take a look.
>>>>
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> -- ---------
>>>
>>>
>>>>
>>>> On 1 Dec 2004, at 20:35, Ralf Glauberman wrote:
>>>>
>>>>> make sure your key-file and crt-file exist, belong together, are
>>>>> valid
>>>>> and readable for apache.
>>>>> try a non-encripted certificate/key.
>>>>> the key-file should look like this:
>>>>> -----BEGIN RSA PRIVATE KEY-----
>>>>> ...
>>>>> -----END RSA PRIVATE KEY-----
>>>>> the cert should look like this:
>>>>> Certificate:
>>>>> Data:
>>>>> Version: 1 (0x0)
>>>>> Serial Number: 4 (0x4)
>>>>> Signature Algorithm: md5WithRSAEncryption
>>>>> Issuer: ...
>>>>> Validity
>>>>> Not Before: Jun 21 12:51:40 2004 GMT
>>>>> Not After : Dec 18 12:51:40 2004 GMT
>>>>> Subject: ...
>>>>> Subject Public Key Info:
>>>>> Public Key Algorithm: rsaEncryption
>>>>> RSA Public Key: (1024 bit)
>>>>> Modulus (1024 bit):
>>>>> ... other stuff
>>>>> -----BEGIN CERTIFICATE-----
>>>>> ...
>>>>> ----END CERTIFICATE-----
>>>>>
>>>>>
>>>>> ----- Original Message ----- From: Andrew M
>>>>> To: users@httpd.apache.org
>>>>> Sent: Wednesday, December 01, 2004 9:23 PM
>>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>>
>>>>>
>>>>> Ralph,
>>>>> I removed all the IfDefine tags from both the http.conf and
>>>>> ssl.conf
>>>>> files and then shut down. The server will now not boot up when I
>>>>> ask
>>>>> it to, and when I check the error logs I get the following:
>>>>>
>>>>> [Wed Dec 01 20:19:23 2004] [error] Init: Unable to read pass phrase
>>>>> [Hint: key introduced or changed before restart?]
>>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218710120
>>>>> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
>>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218529960
>>>>> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
>>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218595386
>>>>> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
>>>>> error
>>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218734605
>>>>> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>>>>>
>>>>> regards
>>>>>
>>>>> Andrew
>>>>>
>>>>>
>>>>> On 1 Dec 2004, at 20:11, Ralf Glauberman wrote:
>>>>>
>>>>>
>>>>> make sure you have removed every ifdefined in both configs, stop
>>>>> the
>>>>> server, look at ps -aux to see if all childs have exited, if not
>>>>> kill
>>>>> them. then start apache again. look at the error_log to see if
>>>>> there
>>>>> are any problems.
>>>>>
>>>>> ----- Original Message ----- From: Andrew M
>>>>> To: users@httpd.apache.org
>>>>> Sent: Wednesday, December 01, 2004 8:58 PM
>>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>>
>>>>>
>>>>> Ralph,
>>>>> already done. See message below. i attach version2 serv-info
>>>>> details
>>>>> again.
>>>>> Once I remove the tags, if I try to reboot the server it will not
>>>>> shutdown, and I also cannot access the server at all!
>>>>>
>>>>> regards
>>>>>
>>>>> Andrew
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 1 Dec 2004, at 19:44, Andrew M wrote:
>>>>>
>>>>>
>>>>> Ralph,
>>>>> looking at the server-info myself, I was unable to see the ssl
>>>>> module
>>>>> being pulled in. I did the following:
>>>>>
>>>>> #<IfDefine SSL>
>>>>> LoadModule ssl_module modules/mod_ssl.so
>>>>> #</IfDefine>
>>>>>
>>>>> and now I can see the ssl_mod component being pulled in to the
>>>>> server-info. Is there an issue with these tags? Anyway, I enclose
>>>>> version 2 of the server-info
>>>>>
>>>>> regards
>>>>>
>>>>> Andrew
>>>>> <Server_Information2.html>
>>>>>
>>>>> On 1 Dec 2004, at 19:38, Andrew M wrote:
>>>>>
>>>>>
>>>>> Ralph,
>>>>> as requested, i have attached the server information.. ;-)
>>>>>
>>>>> regards
>>>>>
>>>>> Andrew
>>>>> <Server_Information.html>
>>>>> On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
>>>>>
>>>>>
>>>>> i'm really sorry, but i did a mistake: it has to be server-info,
>>>>> not
>>>>> server-status. could you please try this?
>>>>>
>>>>> ----- Original Message ----- From: Andrew M
>>>>> To: users@httpd.apache.org
>>>>> Sent: Wednesday, December 01, 2004 7:13 PM
>>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>>
>>>>>
>>>>> Ralf,
>>>>> I have attached the information you requested as a html file.
>>>>>
>>>>> regards
>>>>>
>>>>> Andrew
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
>>>>>
>>>>>
>>>>> <Location /server-status>
>>>>> SetHandler server-status
>>>>> Order deny,allow
>>>>> Deny from all
>>>>> Allow from 127.0.0.1
>>>>> </Location>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>>
>>>>>
>>>>> <beya-email.gif>
>>>>> +The home of urban music
>>>>> + http://www.beyarecords.com
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>> <beya-email.gif>
>>>>> +The home of urban music
>>>>> + http://www.beyarecords.com
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> --
>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>> Project.
>>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> -- ---------
>>>
>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>>
>>
>
>
> -----------------------------------------------------------------------
> ---------
>
>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
there is still an application bound to port 443. use ps -aux and make sure
there is no http-thread running.
----- Original Message -----
From: "Andrew M" <an...@jibeya.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, December 01, 2004 10:27 PM
Subject: Re: [users@httpd] mod_jk2 https
> ralph,
> I have recreated a key with no encryption but now get the following
> message in the terminal window:
>
> ./apachectl start
> (13)Permission denied: make_sock: could not bind to address 0.0.0.0:443
> no listening sockets available, shutting down
> Unable to open logs
>
> or
>
> ./apachectl startssl
> (13)Permission denied: make_sock: could not bind to address 0.0.0.0:443
> no listening sockets available, shutting down
> Unable to open logs
>
> I have attached my new key
>
> regards
>
>
> Andrew
>
>
--------------------------------------------------------------------------------
>
>
> On 1 Dec 2004, at 20:59, Ralf Glauberman wrote:
>
>> like i sayed, your key-file is encrypted, try to use a unencrypted one.
>>
>> ----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
>> To: <us...@httpd.apache.org>
>> Sent: Wednesday, December 01, 2004 9:45 PM
>> Subject: Re: [users@httpd] mod_jk2 https
>>
>>
>>> Ralph,
>>> my test key and certificate look fine to me, take a look.
>>>
>>>
>>> regards
>>>
>>> Andrew
>>>
>>>
>>
>>
>> -----------------------------------------------------------------------
>> ---------
>>
>>
>>>
>>> On 1 Dec 2004, at 20:35, Ralf Glauberman wrote:
>>>
>>>> make sure your key-file and crt-file exist, belong together, are
>>>> valid
>>>> and readable for apache.
>>>> try a non-encripted certificate/key.
>>>> the key-file should look like this:
>>>> -----BEGIN RSA PRIVATE KEY-----
>>>> ...
>>>> -----END RSA PRIVATE KEY-----
>>>> the cert should look like this:
>>>> Certificate:
>>>> Data:
>>>> Version: 1 (0x0)
>>>> Serial Number: 4 (0x4)
>>>> Signature Algorithm: md5WithRSAEncryption
>>>> Issuer: ...
>>>> Validity
>>>> Not Before: Jun 21 12:51:40 2004 GMT
>>>> Not After : Dec 18 12:51:40 2004 GMT
>>>> Subject: ...
>>>> Subject Public Key Info:
>>>> Public Key Algorithm: rsaEncryption
>>>> RSA Public Key: (1024 bit)
>>>> Modulus (1024 bit):
>>>> ... other stuff
>>>> -----BEGIN CERTIFICATE-----
>>>> ...
>>>> ----END CERTIFICATE-----
>>>>
>>>>
>>>> ----- Original Message ----- From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Wednesday, December 01, 2004 9:23 PM
>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>
>>>>
>>>> Ralph,
>>>> I removed all the IfDefine tags from both the http.conf and ssl.conf
>>>> files and then shut down. The server will now not boot up when I ask
>>>> it to, and when I check the error logs I get the following:
>>>>
>>>> [Wed Dec 01 20:19:23 2004] [error] Init: Unable to read pass phrase
>>>> [Hint: key introduced or changed before restart?]
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218710120
>>>> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218529960
>>>> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218595386
>>>> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
>>>> error
>>>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218734605
>>>> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>> On 1 Dec 2004, at 20:11, Ralf Glauberman wrote:
>>>>
>>>>
>>>> make sure you have removed every ifdefined in both configs, stop the
>>>> server, look at ps -aux to see if all childs have exited, if not kill
>>>> them. then start apache again. look at the error_log to see if there
>>>> are any problems.
>>>>
>>>> ----- Original Message ----- From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Wednesday, December 01, 2004 8:58 PM
>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>
>>>>
>>>> Ralph,
>>>> already done. See message below. i attach version2 serv-info details
>>>> again.
>>>> Once I remove the tags, if I try to reboot the server it will not
>>>> shutdown, and I also cannot access the server at all!
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 1 Dec 2004, at 19:44, Andrew M wrote:
>>>>
>>>>
>>>> Ralph,
>>>> looking at the server-info myself, I was unable to see the ssl module
>>>> being pulled in. I did the following:
>>>>
>>>> #<IfDefine SSL>
>>>> LoadModule ssl_module modules/mod_ssl.so
>>>> #</IfDefine>
>>>>
>>>> and now I can see the ssl_mod component being pulled in to the
>>>> server-info. Is there an issue with these tags? Anyway, I enclose
>>>> version 2 of the server-info
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>> <Server_Information2.html>
>>>>
>>>> On 1 Dec 2004, at 19:38, Andrew M wrote:
>>>>
>>>>
>>>> Ralph,
>>>> as requested, i have attached the server information.. ;-)
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>> <Server_Information.html>
>>>> On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
>>>>
>>>>
>>>> i'm really sorry, but i did a mistake: it has to be server-info, not
>>>> server-status. could you please try this?
>>>>
>>>> ----- Original Message ----- From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Wednesday, December 01, 2004 7:13 PM
>>>> Subject: Re: [users@httpd] mod_jk2 https
>>>>
>>>>
>>>> Ralf,
>>>> I have attached the information you requested as a html file.
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
>>>>
>>>>
>>>> <Location /server-status>
>>>> SetHandler server-status
>>>> Order deny,allow
>>>> Deny from all
>>>> Allow from 127.0.0.1
>>>> </Location>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>> <beya-email.gif>
>>>> +The home of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> <beya-email.gif>
>>>> +The home of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>> -----------------------------------------------------------------------
>> ---------
>>
>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
>
--------------------------------------------------------------------------------
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
ralph,
I have recreated a key with no encryption but now get the following
message in the terminal window:
./apachectl start
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
or
./apachectl startssl
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
I have attached my new key
regards
Andrew
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
like i sayed, your key-file is encrypted, try to use a unencrypted one.
----- Original Message -----
From: "Andrew M" <an...@jibeya.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, December 01, 2004 9:45 PM
Subject: Re: [users@httpd] mod_jk2 https
> Ralph,
> my test key and certificate look fine to me, take a look.
>
>
> regards
>
> Andrew
>
>
--------------------------------------------------------------------------------
>
> On 1 Dec 2004, at 20:35, Ralf Glauberman wrote:
>
>> make sure your key-file and crt-file exist, belong together, are valid
>> and readable for apache.
>> try a non-encripted certificate/key.
>> the key-file should look like this:
>> -----BEGIN RSA PRIVATE KEY-----
>> ...
>> -----END RSA PRIVATE KEY-----
>> the cert should look like this:
>> Certificate:
>> Data:
>> Version: 1 (0x0)
>> Serial Number: 4 (0x4)
>> Signature Algorithm: md5WithRSAEncryption
>> Issuer: ...
>> Validity
>> Not Before: Jun 21 12:51:40 2004 GMT
>> Not After : Dec 18 12:51:40 2004 GMT
>> Subject: ...
>> Subject Public Key Info:
>> Public Key Algorithm: rsaEncryption
>> RSA Public Key: (1024 bit)
>> Modulus (1024 bit):
>> ... other stuff
>> -----BEGIN CERTIFICATE-----
>> ...
>> ----END CERTIFICATE-----
>>
>>
>> ----- Original Message ----- From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Wednesday, December 01, 2004 9:23 PM
>> Subject: Re: [users@httpd] mod_jk2 https
>>
>>
>> Ralph,
>> I removed all the IfDefine tags from both the http.conf and ssl.conf
>> files and then shut down. The server will now not boot up when I ask
>> it to, and when I check the error logs I get the following:
>>
>> [Wed Dec 01 20:19:23 2004] [error] Init: Unable to read pass phrase
>> [Hint: key introduced or changed before restart?]
>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218710120
>> error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218529960
>> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218595386
>> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
>> error
>> [Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218734605
>> error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>>
>> regards
>>
>> Andrew
>>
>>
>> On 1 Dec 2004, at 20:11, Ralf Glauberman wrote:
>>
>>
>> make sure you have removed every ifdefined in both configs, stop the
>> server, look at ps -aux to see if all childs have exited, if not kill
>> them. then start apache again. look at the error_log to see if there
>> are any problems.
>>
>> ----- Original Message ----- From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Wednesday, December 01, 2004 8:58 PM
>> Subject: Re: [users@httpd] mod_jk2 https
>>
>>
>> Ralph,
>> already done. See message below. i attach version2 serv-info details
>> again.
>> Once I remove the tags, if I try to reboot the server it will not
>> shutdown, and I also cannot access the server at all!
>>
>> regards
>>
>> Andrew
>>
>>
>>
>>
>>
>>
>> On 1 Dec 2004, at 19:44, Andrew M wrote:
>>
>>
>> Ralph,
>> looking at the server-info myself, I was unable to see the ssl module
>> being pulled in. I did the following:
>>
>> #<IfDefine SSL>
>> LoadModule ssl_module modules/mod_ssl.so
>> #</IfDefine>
>>
>> and now I can see the ssl_mod component being pulled in to the
>> server-info. Is there an issue with these tags? Anyway, I enclose
>> version 2 of the server-info
>>
>> regards
>>
>> Andrew
>> <Server_Information2.html>
>>
>> On 1 Dec 2004, at 19:38, Andrew M wrote:
>>
>>
>> Ralph,
>> as requested, i have attached the server information.. ;-)
>>
>> regards
>>
>> Andrew
>> <Server_Information.html>
>> On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
>>
>>
>> i'm really sorry, but i did a mistake: it has to be server-info, not
>> server-status. could you please try this?
>>
>> ----- Original Message ----- From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Wednesday, December 01, 2004 7:13 PM
>> Subject: Re: [users@httpd] mod_jk2 https
>>
>>
>> Ralf,
>> I have attached the information you requested as a html file.
>>
>> regards
>>
>> Andrew
>>
>>
>>
>>
>>
>>
>>
>> On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
>>
>>
>> <Location /server-status>
>> SetHandler server-status
>> Order deny,allow
>> Deny from all
>> Allow from 127.0.0.1
>> </Location>
>>
>>
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>> <beya-email.gif>
>> +The home of urban music
>> + http://www.beyarecords.com
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>> <beya-email.gif>
>> +The home of urban music
>> + http://www.beyarecords.com
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
>
--------------------------------------------------------------------------------
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralph,
my test key and certificate look fine to me, take a look.
regards
Andrew
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
make sure your key-file and crt-file exist, belong together, are valid and
readable for apache.
try a non-encripted certificate/key.
the key-file should look like this:
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
the cert should look like this:
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 4 (0x4)
Signature Algorithm: md5WithRSAEncryption
Issuer: ...
Validity
Not Before: Jun 21 12:51:40 2004 GMT
Not After : Dec 18 12:51:40 2004 GMT
Subject: ...
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
... other stuff
-----BEGIN CERTIFICATE-----
...
----END CERTIFICATE-----
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 9:23 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralph,
I removed all the IfDefine tags from both the http.conf and ssl.conf files
and then shut down. The server will now not boot up when I ask it to, and
when I check the error logs I get the following:
[Wed Dec 01 20:19:23 2004] [error] Init: Unable to read pass phrase [Hint:
key introduced or changed before restart?]
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218710120
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218734605
error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
regards
Andrew
On 1 Dec 2004, at 20:11, Ralf Glauberman wrote:
make sure you have removed every ifdefined in both configs, stop the server,
look at ps -aux to see if all childs have exited, if not kill them. then
start apache again. look at the error_log to see if there are any problems.
----- Original Message ----- From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 8:58 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralph,
already done. See message below. i attach version2 serv-info details again.
Once I remove the tags, if I try to reboot the server it will not shutdown,
and I also cannot access the server at all!
regards
Andrew
On 1 Dec 2004, at 19:44, Andrew M wrote:
Ralph,
looking at the server-info myself, I was unable to see the ssl module being
pulled in. I did the following:
#<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
#</IfDefine>
and now I can see the ssl_mod component being pulled in to the server-info.
Is there an issue with these tags? Anyway, I enclose version 2 of the
server-info
regards
Andrew
<Server_Information2.html>
On 1 Dec 2004, at 19:38, Andrew M wrote:
Ralph,
as requested, i have attached the server information.. ;-)
regards
Andrew
<Server_Information.html>
On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
i'm really sorry, but i did a mistake: it has to be server-info, not
server-status. could you please try this?
----- Original Message ----- From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 7:13 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
I have attached the information you requested as a html file.
regards
Andrew
On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
<beya-email.gif>
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
<beya-email.gif>
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralph,
I removed all the IfDefine tags from both the http.conf and ssl.conf
files and then shut down. The server will now not boot up when I ask it
to, and when I check the error logs I get the following:
[Wed Dec 01 20:19:23 2004] [error] Init: Unable to read pass phrase
[Hint: key introduced or changed before restart?]
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218710120
error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
[Wed Dec 01 20:19:23 2004] [error] SSL Library Error: 218734605
error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
regards
Andrew
On 1 Dec 2004, at 20:11, Ralf Glauberman wrote:
> make sure you have removed every ifdefined in both configs, stop the
> server, look at ps -aux to see if all childs have exited, if not kill
> them. then start apache again. look at the error_log to see if there
> are any problems.
>
> ----- Original Message ----- From: Andrew M
> To: users@httpd.apache.org
> Sent: Wednesday, December 01, 2004 8:58 PM
> Subject: Re: [users@httpd] mod_jk2 https
>
>
> Ralph,
> already done. See message below. i attach version2 serv-info details
> again.
> Once I remove the tags, if I try to reboot the server it will not
> shutdown, and I also cannot access the server at all!
>
> regards
>
> Andrew
>
>
>
>
>
>
> On 1 Dec 2004, at 19:44, Andrew M wrote:
>
>
> Ralph,
> looking at the server-info myself, I was unable to see the ssl module
> being pulled in. I did the following:
>
> #<IfDefine SSL>
> LoadModule ssl_module modules/mod_ssl.so
> #</IfDefine>
>
> and now I can see the ssl_mod component being pulled in to the
> server-info. Is there an issue with these tags? Anyway, I enclose
> version 2 of the server-info
>
> regards
>
> Andrew
> <Server_Information2.html>
>
> On 1 Dec 2004, at 19:38, Andrew M wrote:
>
>
> Ralph,
> as requested, i have attached the server information.. ;-)
>
> regards
>
> Andrew
> <Server_Information.html>
> On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
>
>
> i'm really sorry, but i did a mistake: it has to be server-info, not
> server-status. could you please try this?
>
> ----- Original Message ----- From: Andrew M
> To: users@httpd.apache.org
> Sent: Wednesday, December 01, 2004 7:13 PM
> Subject: Re: [users@httpd] mod_jk2 https
>
>
> Ralf,
> I have attached the information you requested as a html file.
>
> regards
>
> Andrew
>
>
>
>
>
>
>
> On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
>
>
> <Location /server-status>
> SetHandler server-status
> Order deny,allow
> Deny from all
> Allow from 127.0.0.1
> </Location>
>
>
>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
> <beya-email.gif>
> +The home of urban music
> + http://www.beyarecords.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
> <beya-email.gif>
> +The home of urban music
> + http://www.beyarecords.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
make sure you have removed every ifdefined in both configs, stop the server,
look at ps -aux to see if all childs have exited, if not kill them. then
start apache again. look at the error_log to see if there are any problems.
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 8:58 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralph,
already done. See message below. i attach version2 serv-info details again.
Once I remove the tags, if I try to reboot the server it will not shutdown,
and I also cannot access the server at all!
regards
Andrew
On 1 Dec 2004, at 19:44, Andrew M wrote:
Ralph,
looking at the server-info myself, I was unable to see the ssl module being
pulled in. I did the following:
#<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
#</IfDefine>
and now I can see the ssl_mod component being pulled in to the server-info.
Is there an issue with these tags? Anyway, I enclose version 2 of the
server-info
regards
Andrew
<Server_Information2.html>
On 1 Dec 2004, at 19:38, Andrew M wrote:
Ralph,
as requested, i have attached the server information.. ;-)
regards
Andrew
<Server_Information.html>
On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
i'm really sorry, but i did a mistake: it has to be server-info, not
server-status. could you please try this?
----- Original Message ----- From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 7:13 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
I have attached the information you requested as a html file.
regards
Andrew
On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
<beya-email.gif>
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
<beya-email.gif>
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralph,
already done. See message below. i attach version2 serv-info details
again.
Once I remove the tags, if I try to reboot the server it will not
shutdown, and I also cannot access the server at all!
regards
Andrew
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralph,
looking at the server-info myself, I was unable to see the ssl module
being pulled in. I did the following:
#<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
#</IfDefine>
and now I can see the ssl_mod component being pulled in to the
server-info. Is there an issue with these tags? Anyway, I enclose
version 2 of the server-info
regards
Andrew
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
well, it seem to be the problem i have been thinking about. i can't see
anything about mod_ssl being loaded. try to remove every
<IfDefine SSL> from your httpd.conf and ssl.conf.
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 8:38 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralph,
as requested, i have attached the server information.. ;-)
regards
Andrew
On 1 Dec 2004, at 19:31, Ralf Glauberman wrote:
i'm really sorry, but i did a mistake: it has to be server-info, not
server-status. could you please try this?
----- Original Message ----- From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 7:13 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
I have attached the information you requested as a html file.
regards
Andrew
On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralph,
as requested, i have attached the server information.. ;-)
regards
Andrew
Re: [users@httpd] httpd question
Posted by Gustavo Córdova Avila <gu...@q-voz.com>.
Luke Shannon wrote:
>[...!SNIP!...]
>
>2 questions.
>
OK, shoot.
>1. (maybe a ridulus question) Does Linux treat folders named public
>differently than other folders?
>
Definitely!!! (not!)
Nop, nothing really gets special-cased under linux, everything
is either a file, a filesystem directory, or a device (or pseudo-
device) mountpoint.
Unless "public" has some device or virtual filesystem mounted, it's
a plain directory, like anything else.
I really can't guess anything about this "public" directory which
is giving you headaches, without seeing your full httpd.conf file,
so I won't guess anything about it. Just in case, search your
config file for "public" or "/public" and check what you find.
>
>2. Does windows follow the access rules in httpd.conf the same as Linux?
>
NO! But it tries hard enough :-)
Actually, Apache under Windows does (or tries damn hard) to do
the right thing. allow and deny clauses work as they should under
both platforms.
>Thanks,
>
>Luke
>
Yer Welcome.
--
Gustavo Córdova Avila <gu...@q-voz.com>
<ma...@q-voz.com>
*Tel:* +52 (81) 8130-1919 ext. 127
Integraciones del Norte, S.A. de C.V.
Padua #6047, Colonia Satélite Acueducto
Monterrey, Nuevo León, México.
[users@httpd] httpd question
Posted by Luke Shannon <ls...@hypermedia.com>.
Hey All;
Sorry to keep bringing up the windows vs linux question.
I have this in my httpd.conf file:
#Include /usr/tomcat404/conf/auto/mod_jk.conf
JkWorkersFile "/usr/apache/apache_1.3.27/conf/jk/workers.properties"
JkLogFile "/usr/apache/apache_1.3.27/logs/mod_jk.log"
JkLogLevel info
JkMount / bob
JkMount /* bob
Here is the workers.properties content (no idea why they named the worker
bob):
ps=/
worker.list=bob
worker.bob.port=8009
worker.bob.host=10.208.3.203
worker.bob.type=ajp13
In Linux everything gets sent to Tomcat EXCEPT a folder called public in the
htdocs directory? On windows everything goes to Tomcat, even if I deny
access for all to the htdocs folder? This don't work like I think they
should on either platform.
2 questions.
1. (maybe a ridulus question) Does Linux treat folders named public
differently than other folders?
2. Does windows follow the access rules in httpd.conf the same as Linux?
Thanks,
Luke
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
i'm really sorry, but i did a mistake: it has to be server-info, not
server-status. could you please try this?
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 7:13 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
I have attached the information you requested as a html file.
regards
Andrew
On 1 Dec 2004, at 17:52, Ralf Glauberman wrote:
> <Location /server-status>
> SetHandler server-status
> Order deny,allow
> Deny from all
> Allow from 127.0.0.1
> </Location>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralf,
I have attached the information you requested as a html file.
regards
Andrew
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
no, i mean you shall enable mod_info
put this in your config if it isn't allready there:
LoadModule info_module modules/mod_info.so
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
then restart apache and open http://localhost/server-status
send this page to us.
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 6:13 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
do you mean check the logs?
regards
Andrew
On 1 Dec 2004, at 17:09, Ralf Glauberman wrote:
get a server-info page to see if your ssl.conf is processed by apache.
----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, December 01, 2004 6:03 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
the output I get is:
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
I have assigned 443 as an available port in my firewall. any further
suggestions?
regards
Andrew
On 1 Dec 2004, at 15:40, Ralf Glauberman wrote:
telnet localhost 443
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralf,
do you mean check the logs?
regards
Andrew
On 1 Dec 2004, at 17:09, Ralf Glauberman wrote:
> get a server-info page to see if your ssl.conf is processed by apache.
>
> ----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
> To: <us...@httpd.apache.org>
> Sent: Wednesday, December 01, 2004 6:03 PM
> Subject: Re: [users@httpd] mod_jk2 https
>
>
>> Ralf,
>> the output I get is:
>>
>> Trying ::1...
>> telnet: connect to address ::1: Connection refused
>> Trying 127.0.0.1...
>> telnet: connect to address 127.0.0.1: Connection refused
>> telnet: Unable to connect to remote host
>>
>> I have assigned 443 as an available port in my firewall. any further
>> suggestions?
>>
>> regards
>>
>> Andrew
>> On 1 Dec 2004, at 15:40, Ralf Glauberman wrote:
>>
>>> telnet localhost 443
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
get a server-info page to see if your ssl.conf is processed by apache.
----- Original Message -----
From: "Andrew M" <an...@jibeya.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, December 01, 2004 6:03 PM
Subject: Re: [users@httpd] mod_jk2 https
> Ralf,
> the output I get is:
>
> Trying ::1...
> telnet: connect to address ::1: Connection refused
> Trying 127.0.0.1...
> telnet: connect to address 127.0.0.1: Connection refused
> telnet: Unable to connect to remote host
>
> I have assigned 443 as an available port in my firewall. any further
> suggestions?
>
> regards
>
> Andrew
> On 1 Dec 2004, at 15:40, Ralf Glauberman wrote:
>
>> telnet localhost 443
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralf,
the output I get is:
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
I have assigned 443 as an available port in my firewall. any further
suggestions?
regards
Andrew
On 1 Dec 2004, at 15:40, Ralf Glauberman wrote:
> telnet localhost 443
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
so, try telnet localhost 443. and get a loalhost/server-info page (you'll
need mod_info). what does it say?
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Wednesday, December 01, 2004 1:52 PM
Subject: Re: [users@httpd] mod_jk2 https
Ralf,
when I do telnet I get the following message:
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
So all is fine on http://127.0.0.1. I'm still being refused on
https://127.0.0.1
Andrew
On 1 Dec 2004, at 11:46, Ralf Glauberman wrote:
apache has nothing to do with ping!
the message in your log doesn't say anything about mod_ssl, its about
mod_auth_ldap which can't comunicate with an ldap-server over ssl. try lynx
http://localhost/ and lynx https://localhost/, if lynx can't connect, your
apache isn't running. if you don't have lynx, try telnet localhost 80.
what do you get?
ralf
----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, December 01, 2004 11:05 AM
Subject: Re: [users@httpd] mod_jk2 https
Parviz,
yes apache is up and running, you can see this if you ping
www.beyarecords.com. You are right though, I can't see port 80 or 443
either! HELP!!!!
Andrew
On 1 Dec 2004, at 09:45, parviz wrote:
I cant see you listening on port 80 or 443. Is your apache up?
Parviz
On Wed, 2004-12-01 at 01:28, Andrew M wrote:
Parviz,
here is part of the output generated from netstat -an:
tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
ESTABLISHED
tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
ESTABLISHED
tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
CLOSE_WAIT
tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
CLOSE_WAIT
tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
ESTABLISHED
tcp46 0 0 *.8009 *.*
LISTEN
tcp46 0 0 *.8093 *.*
LISTEN
tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
ESTABLISHED
tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
ESTABLISHED
tcp46 0 0 *.3528 *.*
LISTEN
tcp46 0 0 *.8080 *.*
LISTEN
tcp46 0 0 *.4445 *.*
LISTEN
tcp46 0 0 *.4444 *.*
LISTEN
tcp46 0 0 *.8083 *.*
LISTEN
tcp46 0 0 *.1099 *.*
LISTEN
tcp46 0 0 *.1098 *.*
LISTEN
tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
ESTABLISHED
tcp4 0 0 *.* *.*
CLOSED
tcp4 0 0 *.5432 *.*
LISTEN
tcp6 0 0 *.5432 *.*
LISTEN
tcp4 0 0 *.* *.*
CLOSED
tcp4 0 0 *.* *.*
CLOSED
tcp4 0 0 *.139 *.*
LISTEN
tcp4 0 0 127.0.0.1.631 *.*
LISTEN
tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
ESTABLISHED
tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
ESTABLISHED
tcp4 0 0 127.0.0.1.1033 *.*
LISTEN
udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
udp4 0 0 81.98.165.128.49810 *.*
udp6 0 0 ::1.49242 ::1.49242
udp4 0 0 81.98.165.128.138 *.*
udp4 0 0 81.98.165.128.137 *.*
udp4 0 0 *.138 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.137 *.*
udp4 0 0 *.631 *.*
udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
udp4 0 0 127.0.0.1.1022 *.*
udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
udp4 0 0 127.0.0.1.1023 *.*
udp4 0 0 81.98.165.128.123 *.*
udp4 0 0 127.0.0.1.123 *.*
udp4 0 0 *.123 *.*
udp4 0 0 *.5353 *.*
udp4 0 0 *.68 *.*
udp4 0 0 127.0.0.1.1033 *.*
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
icm6 0 0 *.* *.*
icm6 0 0 *.* *.*
regards
Andrew
On 1 Dec 2004, at 09:22, parviz wrote:
can you run "netstat -an". There are just lines that are
toolong and I
dont see the port number.
Parviz
On Wed, 2004-12-01 at 01:14, Andrew M wrote:
Parviz,
I ran netstat and got the following output:
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign
Address
(state)
tcp4 0 0 localhost.57474
localhost.ipp
CLOSE_WAIT
tcp4 0 0 localhost.57473
localhost.ipp
CLOSE_WAIT
tcp4 0 0 cpc3-nott2-5-0-c.53524
baym-cs269.msgr..msnp
ESTABLISHED
tcp4 0 0 cpc3-nott2-5-0-c.jboss
cpc3-nott2-5-0-c.64161ESTABLISHED
tcp4 0 0 cpc3-nott2-5-0-c.64161
cpc3-nott2-5-0-c.jbossESTABLISHED
tcp4 0 0 cpc3-nott2-5-0-c.50438
205.188.8.138.aol
ESTABLISHED
tcp4 0 0 localhost.netinfo-loca
localhost.916
ESTABLISHED
tcp4 0 0 localhost.916
localhost.netinfo-locaESTABLISHED
udp4 0 0 localhost.49814
localhost.49814
udp4 0 0 cpc3-nott2-5-0-c.49810
*.*
udp6 0 0 localhost.49242
localhost.49242
udp4 0 0 cpc3-nott2-5-0-c.netbi
*.*
udp4 0 0 cpc3-nott2-5-0-c.netbi
*.*
udp4 0 0 *.netbios-dgm
*.*
udp4 0 0 *.*
*.*
udp4 0 0 *.*
*.*
udp4 0 0 *.netbios-ns
*.*
udp4 0 0 *.ipp
*.*
udp4 0 0 localhost.49159
localhost.1022
udp4 0 0 localhost.49158
localhost.1022
udp4 0 0 localhost.1022
*.*
udp4 0 0 localhost.49156
localhost.1023
udp4 0 0 localhost.1023
*.*
udp4 0 0 cpc3-nott2-5-0-c.ntp
*.*
udp4 0 0 localhost.ntp
*.*
udp4 0 0 *.ntp
*.*
udp4 0 0 *.mdns
*.*
udp4 0 0 *.bootpc
*.*
udp4 0 0 localhost.netinfo-loca
*.*
udp4 0 0 *.syslog
*.*
udp6 0 0 *.514
*.*
icm6 0 0 *.*
*.*
icm6 0 0 *.*
*.*
Active LOCAL (UNIX) domain sockets
Address Type Recv-Q Send-Q Inode Conn
Refs Nextref Addr
1d9b118 stream 296 0 0 0
0 0
1d9b310 stream 0 0 0 1d9b5e8
0 0
1d9b5e8 stream 0 0 0 1d9b310
0 0
1d9b460 stream 0 0 0 1d9b5b0
0 0
1d9b5b0 stream 0 0 0 1d9b460
0 0
1d9b348 stream 0 0 0 0
0 0
1d9b070 stream 0 0 0 0
0 0
1d9b1c0 stream 0 0 2560e40 0
0
0/tmp/icssuis501
1d9b1f8 stream 0 0 0 1d9b2a0
0 0
1d9b2a0 stream 0 0 0 1d9b1f8
0 0
1d9b268 stream 0 0 0 1d9b2d8
0 0
1d9b2d8 stream 0 0 0 1d9b268
0 0
1d9b738 stream 0 0 0 1d9b700
0 0
1d9b700 stream 0 0 0 1d9b738
0 0
1d9b7a8 stream 0 0 2597b58 0
0
0/tmp/.s.PGSQL.5432
1d9b818 stream 0 0 0 1d9ba10
0 0
1d9ba10 stream 0 0 0 1d9b818
0 0
1d9b9a0 stream 0 0 0 1d9b7e0
0 0
1d9b7e0 stream 0 0 0 1d9b9a0
0 0
1d9b968 stream 0 0 0 1d9ba80
0 0
1d9ba80 stream 0 0 0 1d9b968
0 0
1d9baf0 stream 0 0 0 1d9ba48
0 0
1d9ba48 stream 0 0 0 1d9baf0
0 0
1d9b850 stream 0 0 0 1d9b888
0 0
1d9b888 stream 0 0 0 1d9b850
0 0
1d9b8c0 stream 0 0 0 1d9bb98
0 0
1d9bb98 stream 0 0 0 1d9b8c0
0 0
1d9bee0 stream 0 0 1fa27b8 0
0
0/var/run/mDNSResponder
1d9bf18 stream 0 0 1f4a428 0
0
0/var/run/pppconfd
1d9bc08 dgram 0 0 0 1d9bfc0
0 1d9bbd0
1d9b188 dgram 0 0 0 1d9b658
1d9b658 0
1d9b658 dgram 0 0 0 1d9b188
1d9b188 0
1d9b3b8 dgram 0 0 0 1d9b230
1d9b230 0
1d9b230 dgram 0 0 0 1d9b3b8
1d9b3b8 0
1d9b540 dgram 0 0 0 1d9b498
1d9b498 0
1d9b498 dgram 0 0 0 1d9b540
1d9b540 0
1d9b578 dgram 0 0 0 1d9b4d0
1d9b4d0 0
1d9b4d0 dgram 0 0 0 1d9b578
1d9b578 0
1d9bbd0 dgram 0 0 0 1d9bfc0
0 1d9bab8
1d9bab8 dgram 0 0 0 1d9bfc0
0 1d9b930
1d9b930 dgram 0 0 0 1d9bfc0
0 1d9b9d8
1d9b9d8 dgram 0 0 0 1d9bfc0
0 1d9bd90
1d9bd90 dgram 0 0 0 1d9bfc0
0 1d9bb28
1d9bb28 dgram 0 0 0 1d9bfc0
0 1d9bb60
1d9bb60 dgram 0 0 0 1d9bfc0
0 1d9bcb0
1d9bcb0 dgram 0 0 0 1d9bfc0
0 1d9bd20
1d9bd20 dgram 0 0 0 1d9bfc0
0 1d9bce8
1d9bce8 dgram 0 0 0 1d9bfc0
0 1d9bea8
1d9bd58 dgram 0 0 0 1d9bc40
1d9bc40 0
1d9bc40 dgram 0 0 0 1d9bd58
1d9bd58 0
1d9bea8 dgram 0 0 0 1d9bfc0
0 1d9bc78
1d9bc78 dgram 0 0 0 1d9bfc0
0 1d9bf88
1d9bf88 dgram 0 0 0 1d9bfc0
0 1d9be38
1d9bdc8 dgram 0 0 0 1d9be00
1d9be00 0
1d9be00 dgram 0 0 0 1d9bdc8
1d9bdc8 0
1d9be38 dgram 0 0 0 1d9bfc0
0 1d9be70
1d9be70 dgram 0 0 0 1d9bfc0
0 1d9bf50
1d9bf50 dgram 0 0 0 1d9bfc0
0 0
1d9bfc0 dgram 0 0 1dd5610 0
1d9bc08
0/var/run/syslog
Andrew
On 1 Dec 2004, at 08:53, parviz wrote:
I didnt look at your config in detail. But
that error
messagealone
makes me think that either your tomcat(port
8080) or port 443
is not
listening on the right socket. for example
tomcat is listening
on
127.0.0.1:8080 but your trying to go
www.mysite.com:8080 (
which
resolves to some pulicIp:8080). Or something
similar. Lets run
netstat
and make sure port 443 and 8080 is listening
where they
should.
Parviz
On Tue, 2004-11-30 at 16:30, Andrew M wrote:
Ralph,
I am using Apache 2.0.52 and have made
the following
amendments:
1. create a certificate file :
/library/Apache2/conf/mysiteNew.crt
2. create a key file:
/library/Apache2/conf/www.mysite.com.key
3. Amend the ssl.conf file:
<IfDefine SSL>
<VirtualHost 127.0.0.1:443>
......
SSLCertificateFile
/Library/Apache2/conf/mysiteNew.crt
SSLCertificateKeyFile
/Library/Apache2/conf/www.mysite.com.key
****** Start Note ***
RewriteEngine on
RewriteRule "^/WEB-INF/?(.*)" "$0"
[L,F,NC]
RewriteRule "^/(.*)\.gif$" "$0" [L]
RewriteRule "^/(.*)\.jpg$" "$0" [L]
RewriteRule "^/(.*)\.swf$" "$0" [L]
RewriteRule "^/(.*)\.php$" "$0" [L]
RewriteRule "^/(.*)\.m3u$" "$0" [L]
RewriteRule "^/(.*)\.mp3$" "$0" [L]
RewriteRule "^/(.*)\.html$" "$0" [L]
RewriteRule
(.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
$1.$2[P,L]
RewriteRule "^/(.*)"
"https://localhost:8080/$1" [P]
ProxyPassReverse /
https://localhost:8080/
***End Note ***
</virtualHost>
</IfDefine>
Note: Not sure about the rewrite code
in the virtual
host. Thethinking
behind this is to be able to do
https://www.mysite.com
in theurl and
be directed to port 8080!!!
http://www.mysite.com
works fine.
Suffice to say, when I enter
https://www.mysite.com
into the url I
get'the connection was refused when
attempting to
contactwww.mysite.com'. What am I
doing wrong???
many thanks
Andrew
p.s. I have enabled port 443 in the
firewall as well.
On 30 Nov 2004, at 22:10, Ralf
Glauberman wrote:
plain text please!
did you have a look at the
general https
documentation. i
think youwill have to set up
ssl as described
there. try it,
if you are havingproblems, ask
again.
----- Original Message -----
From: Andrew M
To: users@httpd.apache.org
Sent: Tuesday, November 30,
2004 7:56 PM
Subject: [users@httpd] mod_jk2
https
Hi,
I currently have apache
sitting at the front
end passing
requests tojboss on port 8080
like so in my
http.conf:
# mod_jk2 configuration
LoadModule jk2_module
modules/mod_jk2.so
# for jboss
RewriteEngine on
RewriteRule "^/WEB-INF/?(.*)"
"$0" [L,F,NC]
RewriteRule "^/(.*)\.gif$"
"$0" [L]
RewriteRule "^/(.*)\.jpg$"
"$0" [L]
RewriteRule "^/(.*)\.swf$"
"$0" [L]
RewriteRule "^/(.*)\.php$"
"$0" [L]
RewriteRule "^/(.*)\.m3u$"
"$0" [L]
RewriteRule "^/(.*)\.mp3$"
"$0" [L]
RewriteRule "^/(.*)\.html$"
"$0" [L]
RewriteRule
(.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
$1.$2[P,L]
RewriteRule "^/(.*)"
"http://localhost:8080/$1" [P]
ProxyPassReverse /
http://localhost:8080/
How would I, in this instance,
setup https?
Bare with me if
this seemsfairly obvious as I
have never
worked with https
before.
many thanks
p.s. How do I then go about
creating/obtaining
a certificate
to sit inapache to make the
whole ssl thing
work?
Andrew
---------------------------------------------------------------------
The official User-To-User
support forum of the
Apache HTTP
ServerProject.
See
<URL:http://httpd.apache.org/userslist.html> for more
info.
To unsubscribe, e-mail:
users-unsubscribe@httpd.apache.org
" from the digest:
users-digest-unsubscribe@httpd.apache.org
For additional commands,
e-mail:
users-help@httpd.apache.org
______________________________________________________________________
+Thehome of urban music
+ http://www.beyarecords.com
______________________________________________________________________
---------------------------------------------------------------------
The official User-To-User support
forum of the Apache
HTTP ServerProject.
See
<URL:http://httpd.apache.org/userslist.html> for
more info.
To unsubscribe, e-mail:
users-unsubscribe@httpd.apache.org
" from the digest:
users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail:
users-help@httpd.apache.org
______________________________________________________________________
+Thehome of urban music
+ http://www.beyarecords.com
______________________________________________________________________
---------------------------------------------------------------------
The official User-To-User support forum of the Apache
HTTP ServerProject.
See <URL:http://httpd.apache.org/userslist.html> for
more info.
To unsubscribe, e-mail:
users-unsubscribe@httpd.apache.org
" from the digest:
users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail:
users-help@httpd.apache.org
______________________________________________________________________
+Thehome of urban music
+ http://www.beyarecords.com
______________________________________________________________________
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
+The home of urban music
+ http://www.beyarecords.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Ralf,
when I do telnet I get the following message:
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
So all is fine on http://127.0.0.1. I'm still being refused on
https://127.0.0.1
Andrew
On 1 Dec 2004, at 11:46, Ralf Glauberman wrote:
> apache has nothing to do with ping!
> the message in your log doesn't say anything about mod_ssl, its about
> mod_auth_ldap which can't comunicate with an ldap-server over ssl. try
> lynx http://localhost/ and lynx https://localhost/, if lynx can't
> connect, your apache isn't running. if you don't have lynx, try telnet
> localhost 80.
> what do you get?
> ralf
>
> ----- Original Message ----- From: "Andrew M" <an...@jibeya.com>
> To: <us...@httpd.apache.org>
> Sent: Wednesday, December 01, 2004 11:05 AM
> Subject: Re: [users@httpd] mod_jk2 https
>
>
>> Parviz,
>> yes apache is up and running, you can see this if you ping
>> www.beyarecords.com. You are right though, I can't see port 80 or 443
>> either! HELP!!!!
>>
>> Andrew
>> On 1 Dec 2004, at 09:45, parviz wrote:
>>
>>> I cant see you listening on port 80 or 443. Is your apache up?
>>>
>>> Parviz
>>>
>>>
>>> On Wed, 2004-12-01 at 01:28, Andrew M wrote:
>>>> Parviz,
>>>> here is part of the output generated from netstat -an:
>>>>
>>>> tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
>>>> ESTABLISHED
>>>> tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
>>>> ESTABLISHED
>>>> tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
>>>> CLOSE_WAIT
>>>> tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
>>>> CLOSE_WAIT
>>>> tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
>>>> ESTABLISHED
>>>> tcp46 0 0 *.8009 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.8093 *.*
>>>> LISTEN
>>>> tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
>>>> ESTABLISHED
>>>> tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
>>>> ESTABLISHED
>>>> tcp46 0 0 *.3528 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.8080 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.4445 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.4444 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.8083 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.1099 *.*
>>>> LISTEN
>>>> tcp46 0 0 *.1098 *.*
>>>> LISTEN
>>>> tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
>>>> ESTABLISHED
>>>> tcp4 0 0 *.* *.*
>>>> CLOSED
>>>> tcp4 0 0 *.5432 *.*
>>>> LISTEN
>>>> tcp6 0 0 *.5432 *.*
>>>> LISTEN
>>>> tcp4 0 0 *.* *.*
>>>> CLOSED
>>>> tcp4 0 0 *.* *.*
>>>> CLOSED
>>>> tcp4 0 0 *.139 *.*
>>>> LISTEN
>>>> tcp4 0 0 127.0.0.1.631 *.*
>>>> LISTEN
>>>> tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
>>>> ESTABLISHED
>>>> tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
>>>> ESTABLISHED
>>>> tcp4 0 0 127.0.0.1.1033 *.*
>>>> LISTEN
>>>> udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
>>>> udp4 0 0 81.98.165.128.49810 *.*
>>>> udp6 0 0 ::1.49242 ::1.49242
>>>> udp4 0 0 81.98.165.128.138 *.*
>>>> udp4 0 0 81.98.165.128.137 *.*
>>>> udp4 0 0 *.138 *.*
>>>> udp4 0 0 *.* *.*
>>>> udp4 0 0 *.* *.*
>>>> udp4 0 0 *.137 *.*
>>>> udp4 0 0 *.631 *.*
>>>> udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
>>>> udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
>>>> udp4 0 0 127.0.0.1.1022 *.*
>>>> udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
>>>> udp4 0 0 127.0.0.1.1023 *.*
>>>> udp4 0 0 81.98.165.128.123 *.*
>>>> udp4 0 0 127.0.0.1.123 *.*
>>>> udp4 0 0 *.123 *.*
>>>> udp4 0 0 *.5353 *.*
>>>> udp4 0 0 *.68 *.*
>>>> udp4 0 0 127.0.0.1.1033 *.*
>>>> udp4 0 0 *.514 *.*
>>>> udp6 0 0 *.514 *.*
>>>> icm6 0 0 *.* *.*
>>>> icm6 0 0 *.* *.*
>>>>
>>>> regards
>>>>
>>>> Andrew
>>>> On 1 Dec 2004, at 09:22, parviz wrote:
>>>>
>>>> can you run "netstat -an". There are just lines that are
>>>> toolong and I
>>>> dont see the port number.
>>>>
>>>> Parviz
>>>> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
>>>> Parviz,
>>>> I ran netstat and got the following output:
>>>>
>>>> Active Internet connections
>>>> Proto Recv-Q Send-Q Local Address Foreign
>>>> Address
>>>> (state)
>>>> tcp4 0 0 localhost.57474
>>>> localhost.ipp
>>>> CLOSE_WAIT
>>>> tcp4 0 0 localhost.57473
>>>> localhost.ipp
>>>> CLOSE_WAIT
>>>> tcp4 0 0 cpc3-nott2-5-0-c.53524
>>>> baym-cs269.msgr..msnp
>>>> ESTABLISHED
>>>> tcp4 0 0 cpc3-nott2-5-0-c.jboss
>>>> cpc3-nott2-5-0-c.64161ESTABLISHED
>>>> tcp4 0 0 cpc3-nott2-5-0-c.64161
>>>> cpc3-nott2-5-0-c.jbossESTABLISHED
>>>> tcp4 0 0 cpc3-nott2-5-0-c.50438
>>>> 205.188.8.138.aol
>>>> ESTABLISHED
>>>> tcp4 0 0 localhost.netinfo-loca
>>>> localhost.916
>>>> ESTABLISHED
>>>> tcp4 0 0 localhost.916
>>>> localhost.netinfo-locaESTABLISHED
>>>> udp4 0 0 localhost.49814
>>>> localhost.49814
>>>> udp4 0 0 cpc3-nott2-5-0-c.49810
>>>> *.*
>>>> udp6 0 0 localhost.49242
>>>> localhost.49242
>>>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>>>> *.*
>>>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>>>> *.*
>>>> udp4 0 0 *.netbios-dgm
>>>> *.*
>>>> udp4 0 0 *.*
>>>> *.*
>>>> udp4 0 0 *.*
>>>> *.*
>>>> udp4 0 0 *.netbios-ns
>>>> *.*
>>>> udp4 0 0 *.ipp
>>>> *.*
>>>> udp4 0 0 localhost.49159
>>>> localhost.1022
>>>> udp4 0 0 localhost.49158
>>>> localhost.1022
>>>> udp4 0 0 localhost.1022
>>>> *.*
>>>> udp4 0 0 localhost.49156
>>>> localhost.1023
>>>> udp4 0 0 localhost.1023
>>>> *.*
>>>> udp4 0 0 cpc3-nott2-5-0-c.ntp
>>>> *.*
>>>> udp4 0 0 localhost.ntp
>>>> *.*
>>>> udp4 0 0 *.ntp
>>>> *.*
>>>> udp4 0 0 *.mdns
>>>> *.*
>>>> udp4 0 0 *.bootpc
>>>> *.*
>>>> udp4 0 0 localhost.netinfo-loca
>>>> *.*
>>>> udp4 0 0 *.syslog
>>>> *.*
>>>> udp6 0 0 *.514
>>>> *.*
>>>> icm6 0 0 *.*
>>>> *.*
>>>> icm6 0 0 *.*
>>>> *.*
>>>> Active LOCAL (UNIX) domain sockets
>>>> Address Type Recv-Q Send-Q Inode Conn
>>>> Refs Nextref Addr
>>>> 1d9b118 stream 296 0 0 0
>>>> 0 0
>>>> 1d9b310 stream 0 0 0 1d9b5e8
>>>> 0 0
>>>> 1d9b5e8 stream 0 0 0 1d9b310
>>>> 0 0
>>>> 1d9b460 stream 0 0 0 1d9b5b0
>>>> 0 0
>>>> 1d9b5b0 stream 0 0 0 1d9b460
>>>> 0 0
>>>> 1d9b348 stream 0 0 0 0
>>>> 0 0
>>>> 1d9b070 stream 0 0 0 0
>>>> 0 0
>>>> 1d9b1c0 stream 0 0 2560e40 0
>>>> 0
>>>> 0/tmp/icssuis501
>>>> 1d9b1f8 stream 0 0 0 1d9b2a0
>>>> 0 0
>>>> 1d9b2a0 stream 0 0 0 1d9b1f8
>>>> 0 0
>>>> 1d9b268 stream 0 0 0 1d9b2d8
>>>> 0 0
>>>> 1d9b2d8 stream 0 0 0 1d9b268
>>>> 0 0
>>>> 1d9b738 stream 0 0 0 1d9b700
>>>> 0 0
>>>> 1d9b700 stream 0 0 0 1d9b738
>>>> 0 0
>>>> 1d9b7a8 stream 0 0 2597b58 0
>>>> 0
>>>> 0/tmp/.s.PGSQL.5432
>>>> 1d9b818 stream 0 0 0 1d9ba10
>>>> 0 0
>>>> 1d9ba10 stream 0 0 0 1d9b818
>>>> 0 0
>>>> 1d9b9a0 stream 0 0 0 1d9b7e0
>>>> 0 0
>>>> 1d9b7e0 stream 0 0 0 1d9b9a0
>>>> 0 0
>>>> 1d9b968 stream 0 0 0 1d9ba80
>>>> 0 0
>>>> 1d9ba80 stream 0 0 0 1d9b968
>>>> 0 0
>>>> 1d9baf0 stream 0 0 0 1d9ba48
>>>> 0 0
>>>> 1d9ba48 stream 0 0 0 1d9baf0
>>>> 0 0
>>>> 1d9b850 stream 0 0 0 1d9b888
>>>> 0 0
>>>> 1d9b888 stream 0 0 0 1d9b850
>>>> 0 0
>>>> 1d9b8c0 stream 0 0 0 1d9bb98
>>>> 0 0
>>>> 1d9bb98 stream 0 0 0 1d9b8c0
>>>> 0 0
>>>> 1d9bee0 stream 0 0 1fa27b8 0
>>>> 0
>>>> 0/var/run/mDNSResponder
>>>> 1d9bf18 stream 0 0 1f4a428 0
>>>> 0
>>>> 0/var/run/pppconfd
>>>> 1d9bc08 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bbd0
>>>> 1d9b188 dgram 0 0 0 1d9b658
>>>> 1d9b658 0
>>>> 1d9b658 dgram 0 0 0 1d9b188
>>>> 1d9b188 0
>>>> 1d9b3b8 dgram 0 0 0 1d9b230
>>>> 1d9b230 0
>>>> 1d9b230 dgram 0 0 0 1d9b3b8
>>>> 1d9b3b8 0
>>>> 1d9b540 dgram 0 0 0 1d9b498
>>>> 1d9b498 0
>>>> 1d9b498 dgram 0 0 0 1d9b540
>>>> 1d9b540 0
>>>> 1d9b578 dgram 0 0 0 1d9b4d0
>>>> 1d9b4d0 0
>>>> 1d9b4d0 dgram 0 0 0 1d9b578
>>>> 1d9b578 0
>>>> 1d9bbd0 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bab8
>>>> 1d9bab8 dgram 0 0 0 1d9bfc0
>>>> 0 1d9b930
>>>> 1d9b930 dgram 0 0 0 1d9bfc0
>>>> 0 1d9b9d8
>>>> 1d9b9d8 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bd90
>>>> 1d9bd90 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bb28
>>>> 1d9bb28 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bb60
>>>> 1d9bb60 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bcb0
>>>> 1d9bcb0 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bd20
>>>> 1d9bd20 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bce8
>>>> 1d9bce8 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bea8
>>>> 1d9bd58 dgram 0 0 0 1d9bc40
>>>> 1d9bc40 0
>>>> 1d9bc40 dgram 0 0 0 1d9bd58
>>>> 1d9bd58 0
>>>> 1d9bea8 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bc78
>>>> 1d9bc78 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bf88
>>>> 1d9bf88 dgram 0 0 0 1d9bfc0
>>>> 0 1d9be38
>>>> 1d9bdc8 dgram 0 0 0 1d9be00
>>>> 1d9be00 0
>>>> 1d9be00 dgram 0 0 0 1d9bdc8
>>>> 1d9bdc8 0
>>>> 1d9be38 dgram 0 0 0 1d9bfc0
>>>> 0 1d9be70
>>>> 1d9be70 dgram 0 0 0 1d9bfc0
>>>> 0 1d9bf50
>>>> 1d9bf50 dgram 0 0 0 1d9bfc0
>>>> 0 0
>>>> 1d9bfc0 dgram 0 0 1dd5610 0
>>>> 1d9bc08
>>>> 0/var/run/syslog
>>>>
>>>> Andrew
>>>> On 1 Dec 2004, at 08:53, parviz wrote:
>>>>
>>>> I didnt look at your config in detail. But
>>>> that error
>>>> messagealone
>>>> makes me think that either your tomcat(port
>>>> 8080) or port 443
>>>> is not
>>>> listening on the right socket. for example
>>>> tomcat is listening
>>>> on
>>>> 127.0.0.1:8080 but your trying to go
>>>> www.mysite.com:8080 (
>>>> which
>>>> resolves to some pulicIp:8080). Or something
>>>> similar. Lets run
>>>> netstat
>>>> and make sure port 443 and 8080 is listening
>>>> where they
>>>> should.
>>>>
>>>> Parviz
>>>>
>>>> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>>>> Ralph,
>>>> I am using Apache 2.0.52 and have
>>>> made
>>>> the following
>>>> amendments:
>>>>
>>>> 1. create a certificate file :
>>>> /library/Apache2/conf/mysiteNew.crt
>>>> 2. create a key file:
>>>>
>>>> /library/Apache2/conf/www.mysite.com.key
>>>> 3. Amend the ssl.conf file:
>>>>
>>>> <IfDefine SSL>
>>>> <VirtualHost 127.0.0.1:443>
>>>> ......
>>>> SSLCertificateFile
>>>> /Library/Apache2/conf/mysiteNew.crt
>>>> SSLCertificateKeyFile
>>>>
>>>> /Library/Apache2/conf/www.mysite.com.key
>>>>
>>>> ****** Start Note ***
>>>> RewriteEngine on
>>>>
>>>> RewriteRule "^/WEB-INF/?(.*)" "$0"
>>>> [L,F,NC]
>>>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>>>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>>>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>>>> RewriteRule "^/(.*)\.php$" "$0" [L]
>>>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>>>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>>>> RewriteRule "^/(.*)\.html$" "$0" [L]
>>>> RewriteRule
>>>>
>>>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/
>>>> mysite/ $1.$2[P,L]
>>>> RewriteRule "^/(.*)"
>>>> "https://localhost:8080/$1" [P]
>>>> ProxyPassReverse /
>>>> https://localhost:8080/
>>>> ***End Note ***
>>>> </virtualHost>
>>>> </IfDefine>
>>>>
>>>> Note: Not sure about the rewrite
>>>> code
>>>> in the virtual
>>>> host. Thethinking
>>>> behind this is to be able to do
>>>> https://www.mysite.com
>>>> in theurl and
>>>> be directed to port 8080!!!
>>>> http://www.mysite.com
>>>> works fine.
>>>>
>>>> Suffice to say, when I enter
>>>> https://www.mysite.com
>>>> into the url I
>>>> get'the connection was refused when
>>>> attempting to
>>>> contactwww.mysite.com'. What am I
>>>> doing wrong???
>>>>
>>>> many thanks
>>>>
>>>> Andrew
>>>>
>>>> p.s. I have enabled port 443 in the
>>>> firewall as well.
>>>>
>>>>
>>>> On 30 Nov 2004, at 22:10, Ralf
>>>> Glauberman wrote:
>>>>
>>>> plain text please!
>>>>
>>>> did you have a look at the
>>>> general https
>>>> documentation. i
>>>> think youwill have to set up
>>>> ssl as described
>>>> there. try it,
>>>> if you are havingproblems,
>>>> ask
>>>> again.
>>>>
>>>> ----- Original Message -----
>>>> From: Andrew M
>>>> To: users@httpd.apache.org
>>>> Sent: Tuesday, November 30,
>>>> 2004 7:56 PM
>>>> Subject: [users@httpd]
>>>> mod_jk2
>>>> https
>>>>
>>>>
>>>> Hi,
>>>> I currently have apache
>>>> sitting at the front
>>>> end passing
>>>> requests tojboss on port
>>>> 8080
>>>> like so in my
>>>> http.conf:
>>>>
>>>> # mod_jk2 configuration
>>>> LoadModule jk2_module
>>>> modules/mod_jk2.so
>>>>
>>>> # for jboss
>>>> RewriteEngine on
>>>>
>>>> RewriteRule
>>>> "^/WEB-INF/?(.*)"
>>>> "$0" [L,F,NC]
>>>> RewriteRule "^/(.*)\.gif$"
>>>> "$0" [L]
>>>> RewriteRule "^/(.*)\.jpg$"
>>>> "$0" [L]
>>>> RewriteRule "^/(.*)\.swf$"
>>>> "$0" [L]
>>>> RewriteRule "^/(.*)\.php$"
>>>> "$0" [L]
>>>> RewriteRule "^/(.*)\.m3u$"
>>>> "$0" [L]
>>>> RewriteRule "^/(.*)\.mp3$"
>>>> "$0" [L]
>>>> RewriteRule "^/(.*)\.html$"
>>>> "$0" [L]
>>>> RewriteRule
>>>>
>>>>
>>>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/
>>>> mysite/ $1.$2[P,L]
>>>> RewriteRule "^/(.*)"
>>>> "http://localhost:8080/$1" [P]
>>>> ProxyPassReverse /
>>>> http://localhost:8080/
>>>>
>>>> How would I, in this
>>>> instance,
>>>> setup https?
>>>> Bare with me if
>>>> this seemsfairly obvious as
>>>> I
>>>> have never
>>>> worked with https
>>>> before.
>>>>
>>>> many thanks
>>>>
>>>> p.s. How do I then go about
>>>> creating/obtaining
>>>> a certificate
>>>> to sit inapache to make the
>>>> whole ssl thing
>>>> work?
>>>> Andrew
>>>>
>>>>
>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User
>>>> support forum of the
>>>> Apache HTTP
>>>> ServerProject.
>>>> See
>>>>
>>>> <URL:http://httpd.apache.org/userslist.html> for
>>>> more
>>>> info.
>>>> To unsubscribe, e-mail:
>>>> users-unsubscribe@httpd.apache.org
>>>> " from the digest:
>>>>
>>>> users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands,
>>>> e-mail:
>>>> users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ____________________________________________________________________
>>>> __
>>>>
>>>> +Thehome of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>>
>>>>
>>>>
>>>> ____________________________________________________________________
>>>> __
>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support
>>>> forum of the Apache
>>>> HTTP ServerProject.
>>>> See
>>>> <URL:http://httpd.apache.org/userslist.html> for
>>>> more info.
>>>> To unsubscribe, e-mail:
>>>> users-unsubscribe@httpd.apache.org
>>>> " from the digest:
>>>>
>>>> users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail:
>>>> users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>> ____________________________________________________________________
>>>> __
>>>>
>>>> +Thehome of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>>
>>>>
>>>> ____________________________________________________________________
>>>> __
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the
>>>> Apache
>>>> HTTP ServerProject.
>>>> See <URL:http://httpd.apache.org/userslist.html> for
>>>> more info.
>>>> To unsubscribe, e-mail:
>>>> users-unsubscribe@httpd.apache.org
>>>> " from the digest:
>>>> users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail:
>>>> users-help@httpd.apache.org
>>>>
>>>>
>>>>
>>>> ____________________________________________________________________
>>>> __
>>>>
>>>> +Thehome of urban music
>>>> + http://www.beyarecords.com
>>>>
>>>>
>>>>
>>>> ____________________________________________________________________
>>>> __
>>>> --------------------------------------------------------------------
>>>> -
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] mod_jk2 https
Posted by Ralf Glauberman <rg...@michaeli-gymnasium.de>.
apache has nothing to do with ping!
the message in your log doesn't say anything about mod_ssl, its about
mod_auth_ldap which can't comunicate with an ldap-server over ssl. try lynx
http://localhost/ and lynx https://localhost/, if lynx can't connect, your
apache isn't running. if you don't have lynx, try telnet localhost 80.
what do you get?
ralf
----- Original Message -----
From: "Andrew M" <an...@jibeya.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, December 01, 2004 11:05 AM
Subject: Re: [users@httpd] mod_jk2 https
> Parviz,
> yes apache is up and running, you can see this if you ping
> www.beyarecords.com. You are right though, I can't see port 80 or 443
> either! HELP!!!!
>
> Andrew
> On 1 Dec 2004, at 09:45, parviz wrote:
>
>> I cant see you listening on port 80 or 443. Is your apache up?
>>
>> Parviz
>>
>>
>> On Wed, 2004-12-01 at 01:28, Andrew M wrote:
>>> Parviz,
>>> here is part of the output generated from netstat -an:
>>>
>>> tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
>>> ESTABLISHED
>>> tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
>>> ESTABLISHED
>>> tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
>>> CLOSE_WAIT
>>> tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
>>> CLOSE_WAIT
>>> tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
>>> ESTABLISHED
>>> tcp46 0 0 *.8009 *.*
>>> LISTEN
>>> tcp46 0 0 *.8093 *.*
>>> LISTEN
>>> tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
>>> ESTABLISHED
>>> tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
>>> ESTABLISHED
>>> tcp46 0 0 *.3528 *.*
>>> LISTEN
>>> tcp46 0 0 *.8080 *.*
>>> LISTEN
>>> tcp46 0 0 *.4445 *.*
>>> LISTEN
>>> tcp46 0 0 *.4444 *.*
>>> LISTEN
>>> tcp46 0 0 *.8083 *.*
>>> LISTEN
>>> tcp46 0 0 *.1099 *.*
>>> LISTEN
>>> tcp46 0 0 *.1098 *.*
>>> LISTEN
>>> tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
>>> ESTABLISHED
>>> tcp4 0 0 *.* *.*
>>> CLOSED
>>> tcp4 0 0 *.5432 *.*
>>> LISTEN
>>> tcp6 0 0 *.5432 *.*
>>> LISTEN
>>> tcp4 0 0 *.* *.*
>>> CLOSED
>>> tcp4 0 0 *.* *.*
>>> CLOSED
>>> tcp4 0 0 *.139 *.*
>>> LISTEN
>>> tcp4 0 0 127.0.0.1.631 *.*
>>> LISTEN
>>> tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
>>> ESTABLISHED
>>> tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
>>> ESTABLISHED
>>> tcp4 0 0 127.0.0.1.1033 *.*
>>> LISTEN
>>> udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
>>> udp4 0 0 81.98.165.128.49810 *.*
>>> udp6 0 0 ::1.49242 ::1.49242
>>> udp4 0 0 81.98.165.128.138 *.*
>>> udp4 0 0 81.98.165.128.137 *.*
>>> udp4 0 0 *.138 *.*
>>> udp4 0 0 *.* *.*
>>> udp4 0 0 *.* *.*
>>> udp4 0 0 *.137 *.*
>>> udp4 0 0 *.631 *.*
>>> udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
>>> udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
>>> udp4 0 0 127.0.0.1.1022 *.*
>>> udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
>>> udp4 0 0 127.0.0.1.1023 *.*
>>> udp4 0 0 81.98.165.128.123 *.*
>>> udp4 0 0 127.0.0.1.123 *.*
>>> udp4 0 0 *.123 *.*
>>> udp4 0 0 *.5353 *.*
>>> udp4 0 0 *.68 *.*
>>> udp4 0 0 127.0.0.1.1033 *.*
>>> udp4 0 0 *.514 *.*
>>> udp6 0 0 *.514 *.*
>>> icm6 0 0 *.* *.*
>>> icm6 0 0 *.* *.*
>>>
>>> regards
>>>
>>> Andrew
>>> On 1 Dec 2004, at 09:22, parviz wrote:
>>>
>>> can you run "netstat -an". There are just lines that are
>>> toolong and I
>>> dont see the port number.
>>>
>>> Parviz
>>> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
>>> Parviz,
>>> I ran netstat and got the following output:
>>>
>>> Active Internet connections
>>> Proto Recv-Q Send-Q Local Address Foreign
>>> Address
>>> (state)
>>> tcp4 0 0 localhost.57474
>>> localhost.ipp
>>> CLOSE_WAIT
>>> tcp4 0 0 localhost.57473
>>> localhost.ipp
>>> CLOSE_WAIT
>>> tcp4 0 0 cpc3-nott2-5-0-c.53524
>>> baym-cs269.msgr..msnp
>>> ESTABLISHED
>>> tcp4 0 0 cpc3-nott2-5-0-c.jboss
>>> cpc3-nott2-5-0-c.64161ESTABLISHED
>>> tcp4 0 0 cpc3-nott2-5-0-c.64161
>>> cpc3-nott2-5-0-c.jbossESTABLISHED
>>> tcp4 0 0 cpc3-nott2-5-0-c.50438
>>> 205.188.8.138.aol
>>> ESTABLISHED
>>> tcp4 0 0 localhost.netinfo-loca
>>> localhost.916
>>> ESTABLISHED
>>> tcp4 0 0 localhost.916
>>> localhost.netinfo-locaESTABLISHED
>>> udp4 0 0 localhost.49814
>>> localhost.49814
>>> udp4 0 0 cpc3-nott2-5-0-c.49810
>>> *.*
>>> udp6 0 0 localhost.49242
>>> localhost.49242
>>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>>> *.*
>>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>>> *.*
>>> udp4 0 0 *.netbios-dgm
>>> *.*
>>> udp4 0 0 *.*
>>> *.*
>>> udp4 0 0 *.*
>>> *.*
>>> udp4 0 0 *.netbios-ns
>>> *.*
>>> udp4 0 0 *.ipp
>>> *.*
>>> udp4 0 0 localhost.49159
>>> localhost.1022
>>> udp4 0 0 localhost.49158
>>> localhost.1022
>>> udp4 0 0 localhost.1022
>>> *.*
>>> udp4 0 0 localhost.49156
>>> localhost.1023
>>> udp4 0 0 localhost.1023
>>> *.*
>>> udp4 0 0 cpc3-nott2-5-0-c.ntp
>>> *.*
>>> udp4 0 0 localhost.ntp
>>> *.*
>>> udp4 0 0 *.ntp
>>> *.*
>>> udp4 0 0 *.mdns
>>> *.*
>>> udp4 0 0 *.bootpc
>>> *.*
>>> udp4 0 0 localhost.netinfo-loca
>>> *.*
>>> udp4 0 0 *.syslog
>>> *.*
>>> udp6 0 0 *.514
>>> *.*
>>> icm6 0 0 *.*
>>> *.*
>>> icm6 0 0 *.*
>>> *.*
>>> Active LOCAL (UNIX) domain sockets
>>> Address Type Recv-Q Send-Q Inode Conn
>>> Refs Nextref Addr
>>> 1d9b118 stream 296 0 0 0
>>> 0 0
>>> 1d9b310 stream 0 0 0 1d9b5e8
>>> 0 0
>>> 1d9b5e8 stream 0 0 0 1d9b310
>>> 0 0
>>> 1d9b460 stream 0 0 0 1d9b5b0
>>> 0 0
>>> 1d9b5b0 stream 0 0 0 1d9b460
>>> 0 0
>>> 1d9b348 stream 0 0 0 0
>>> 0 0
>>> 1d9b070 stream 0 0 0 0
>>> 0 0
>>> 1d9b1c0 stream 0 0 2560e40 0
>>> 0
>>> 0/tmp/icssuis501
>>> 1d9b1f8 stream 0 0 0 1d9b2a0
>>> 0 0
>>> 1d9b2a0 stream 0 0 0 1d9b1f8
>>> 0 0
>>> 1d9b268 stream 0 0 0 1d9b2d8
>>> 0 0
>>> 1d9b2d8 stream 0 0 0 1d9b268
>>> 0 0
>>> 1d9b738 stream 0 0 0 1d9b700
>>> 0 0
>>> 1d9b700 stream 0 0 0 1d9b738
>>> 0 0
>>> 1d9b7a8 stream 0 0 2597b58 0
>>> 0
>>> 0/tmp/.s.PGSQL.5432
>>> 1d9b818 stream 0 0 0 1d9ba10
>>> 0 0
>>> 1d9ba10 stream 0 0 0 1d9b818
>>> 0 0
>>> 1d9b9a0 stream 0 0 0 1d9b7e0
>>> 0 0
>>> 1d9b7e0 stream 0 0 0 1d9b9a0
>>> 0 0
>>> 1d9b968 stream 0 0 0 1d9ba80
>>> 0 0
>>> 1d9ba80 stream 0 0 0 1d9b968
>>> 0 0
>>> 1d9baf0 stream 0 0 0 1d9ba48
>>> 0 0
>>> 1d9ba48 stream 0 0 0 1d9baf0
>>> 0 0
>>> 1d9b850 stream 0 0 0 1d9b888
>>> 0 0
>>> 1d9b888 stream 0 0 0 1d9b850
>>> 0 0
>>> 1d9b8c0 stream 0 0 0 1d9bb98
>>> 0 0
>>> 1d9bb98 stream 0 0 0 1d9b8c0
>>> 0 0
>>> 1d9bee0 stream 0 0 1fa27b8 0
>>> 0
>>> 0/var/run/mDNSResponder
>>> 1d9bf18 stream 0 0 1f4a428 0
>>> 0
>>> 0/var/run/pppconfd
>>> 1d9bc08 dgram 0 0 0 1d9bfc0
>>> 0 1d9bbd0
>>> 1d9b188 dgram 0 0 0 1d9b658
>>> 1d9b658 0
>>> 1d9b658 dgram 0 0 0 1d9b188
>>> 1d9b188 0
>>> 1d9b3b8 dgram 0 0 0 1d9b230
>>> 1d9b230 0
>>> 1d9b230 dgram 0 0 0 1d9b3b8
>>> 1d9b3b8 0
>>> 1d9b540 dgram 0 0 0 1d9b498
>>> 1d9b498 0
>>> 1d9b498 dgram 0 0 0 1d9b540
>>> 1d9b540 0
>>> 1d9b578 dgram 0 0 0 1d9b4d0
>>> 1d9b4d0 0
>>> 1d9b4d0 dgram 0 0 0 1d9b578
>>> 1d9b578 0
>>> 1d9bbd0 dgram 0 0 0 1d9bfc0
>>> 0 1d9bab8
>>> 1d9bab8 dgram 0 0 0 1d9bfc0
>>> 0 1d9b930
>>> 1d9b930 dgram 0 0 0 1d9bfc0
>>> 0 1d9b9d8
>>> 1d9b9d8 dgram 0 0 0 1d9bfc0
>>> 0 1d9bd90
>>> 1d9bd90 dgram 0 0 0 1d9bfc0
>>> 0 1d9bb28
>>> 1d9bb28 dgram 0 0 0 1d9bfc0
>>> 0 1d9bb60
>>> 1d9bb60 dgram 0 0 0 1d9bfc0
>>> 0 1d9bcb0
>>> 1d9bcb0 dgram 0 0 0 1d9bfc0
>>> 0 1d9bd20
>>> 1d9bd20 dgram 0 0 0 1d9bfc0
>>> 0 1d9bce8
>>> 1d9bce8 dgram 0 0 0 1d9bfc0
>>> 0 1d9bea8
>>> 1d9bd58 dgram 0 0 0 1d9bc40
>>> 1d9bc40 0
>>> 1d9bc40 dgram 0 0 0 1d9bd58
>>> 1d9bd58 0
>>> 1d9bea8 dgram 0 0 0 1d9bfc0
>>> 0 1d9bc78
>>> 1d9bc78 dgram 0 0 0 1d9bfc0
>>> 0 1d9bf88
>>> 1d9bf88 dgram 0 0 0 1d9bfc0
>>> 0 1d9be38
>>> 1d9bdc8 dgram 0 0 0 1d9be00
>>> 1d9be00 0
>>> 1d9be00 dgram 0 0 0 1d9bdc8
>>> 1d9bdc8 0
>>> 1d9be38 dgram 0 0 0 1d9bfc0
>>> 0 1d9be70
>>> 1d9be70 dgram 0 0 0 1d9bfc0
>>> 0 1d9bf50
>>> 1d9bf50 dgram 0 0 0 1d9bfc0
>>> 0 0
>>> 1d9bfc0 dgram 0 0 1dd5610 0
>>> 1d9bc08
>>> 0/var/run/syslog
>>>
>>> Andrew
>>> On 1 Dec 2004, at 08:53, parviz wrote:
>>>
>>> I didnt look at your config in detail. But
>>> that error
>>> messagealone
>>> makes me think that either your tomcat(port
>>> 8080) or port 443
>>> is not
>>> listening on the right socket. for example
>>> tomcat is listening
>>> on
>>> 127.0.0.1:8080 but your trying to go
>>> www.mysite.com:8080 (
>>> which
>>> resolves to some pulicIp:8080). Or something
>>> similar. Lets run
>>> netstat
>>> and make sure port 443 and 8080 is listening
>>> where they
>>> should.
>>>
>>> Parviz
>>>
>>> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>>> Ralph,
>>> I am using Apache 2.0.52 and have made
>>> the following
>>> amendments:
>>>
>>> 1. create a certificate file :
>>> /library/Apache2/conf/mysiteNew.crt
>>> 2. create a key file:
>>>
>>> /library/Apache2/conf/www.mysite.com.key
>>> 3. Amend the ssl.conf file:
>>>
>>> <IfDefine SSL>
>>> <VirtualHost 127.0.0.1:443>
>>> ......
>>> SSLCertificateFile
>>> /Library/Apache2/conf/mysiteNew.crt
>>> SSLCertificateKeyFile
>>>
>>> /Library/Apache2/conf/www.mysite.com.key
>>>
>>> ****** Start Note ***
>>> RewriteEngine on
>>>
>>> RewriteRule "^/WEB-INF/?(.*)" "$0"
>>> [L,F,NC]
>>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>>> RewriteRule "^/(.*)\.php$" "$0" [L]
>>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>>> RewriteRule "^/(.*)\.html$" "$0" [L]
>>> RewriteRule
>>>
>>>
>>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
>>> $1.$2[P,L]
>>> RewriteRule "^/(.*)"
>>> "https://localhost:8080/$1" [P]
>>> ProxyPassReverse /
>>> https://localhost:8080/
>>> ***End Note ***
>>> </virtualHost>
>>> </IfDefine>
>>>
>>> Note: Not sure about the rewrite code
>>> in the virtual
>>> host. Thethinking
>>> behind this is to be able to do
>>> https://www.mysite.com
>>> in theurl and
>>> be directed to port 8080!!!
>>> http://www.mysite.com
>>> works fine.
>>>
>>> Suffice to say, when I enter
>>> https://www.mysite.com
>>> into the url I
>>> get'the connection was refused when
>>> attempting to
>>> contactwww.mysite.com'. What am I
>>> doing wrong???
>>>
>>> many thanks
>>>
>>> Andrew
>>>
>>> p.s. I have enabled port 443 in the
>>> firewall as well.
>>>
>>>
>>> On 30 Nov 2004, at 22:10, Ralf
>>> Glauberman wrote:
>>>
>>> plain text please!
>>>
>>> did you have a look at the
>>> general https
>>> documentation. i
>>> think youwill have to set up
>>> ssl as described
>>> there. try it,
>>> if you are havingproblems, ask
>>> again.
>>>
>>> ----- Original Message -----
>>> From: Andrew M
>>> To: users@httpd.apache.org
>>> Sent: Tuesday, November 30,
>>> 2004 7:56 PM
>>> Subject: [users@httpd] mod_jk2
>>> https
>>>
>>>
>>> Hi,
>>> I currently have apache
>>> sitting at the front
>>> end passing
>>> requests tojboss on port 8080
>>> like so in my
>>> http.conf:
>>>
>>> # mod_jk2 configuration
>>> LoadModule jk2_module
>>> modules/mod_jk2.so
>>>
>>> # for jboss
>>> RewriteEngine on
>>>
>>> RewriteRule "^/WEB-INF/?(.*)"
>>> "$0" [L,F,NC]
>>> RewriteRule "^/(.*)\.gif$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.jpg$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.swf$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.php$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.m3u$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.mp3$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.html$"
>>> "$0" [L]
>>> RewriteRule
>>>
>>>
>>>
>>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
>>> $1.$2[P,L]
>>> RewriteRule "^/(.*)"
>>> "http://localhost:8080/$1" [P]
>>> ProxyPassReverse /
>>> http://localhost:8080/
>>>
>>> How would I, in this instance,
>>> setup https?
>>> Bare with me if
>>> this seemsfairly obvious as I
>>> have never
>>> worked with https
>>> before.
>>>
>>> many thanks
>>>
>>> p.s. How do I then go about
>>> creating/obtaining
>>> a certificate
>>> to sit inapache to make the
>>> whole ssl thing
>>> work?
>>> Andrew
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User
>>> support forum of the
>>> Apache HTTP
>>> ServerProject.
>>> See
>>>
>>> <URL:http://httpd.apache.org/userslist.html> for more
>>> info.
>>> To unsubscribe, e-mail:
>>> users-unsubscribe@httpd.apache.org
>>> " from the digest:
>>>
>>> users-digest-unsubscribe@httpd.apache.org
>>> For additional commands,
>>> e-mail:
>>> users-help@httpd.apache.org
>>>
>>>
>>>
>>>
>>>
>>>
>>> ______________________________________________________________________
>>>
>>> +Thehome of urban music
>>> + http://www.beyarecords.com
>>>
>>>
>>>
>>>
>>>
>>> ______________________________________________________________________
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support
>>> forum of the Apache
>>> HTTP ServerProject.
>>> See
>>> <URL:http://httpd.apache.org/userslist.html> for
>>> more info.
>>> To unsubscribe, e-mail:
>>> users-unsubscribe@httpd.apache.org
>>> " from the digest:
>>>
>>> users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail:
>>> users-help@httpd.apache.org
>>>
>>>
>>>
>>>
>>> ______________________________________________________________________
>>>
>>> +Thehome of urban music
>>> + http://www.beyarecords.com
>>>
>>>
>>>
>>>
>>> ______________________________________________________________________
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache
>>> HTTP ServerProject.
>>> See <URL:http://httpd.apache.org/userslist.html> for
>>> more info.
>>> To unsubscribe, e-mail:
>>> users-unsubscribe@httpd.apache.org
>>> " from the digest:
>>> users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail:
>>> users-help@httpd.apache.org
>>>
>>>
>>>
>>> ______________________________________________________________________
>>>
>>> +Thehome of urban music
>>> + http://www.beyarecords.com
>>>
>>>
>>>
>>> ______________________________________________________________________
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: AW: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Stefan,
I entered the line as you mention but am being asked to specify p:
option requires an argument -- p
usage: netstat [-Aan] [-f address_family] [-M core] [-N system]
netstat [-bdghimnrs] [-f address_family] [-M core] [-N system]
netstat [-bdn] [-I interface] [-M core] [-N system] [-w wait]
netstat -m [-M core] [-N system]
I am using mac os x version of unix, if that helps any, version 10.3.6.
regards
Andrew
On 1 Dec 2004, at 13:52, Steffen Heil wrote:
> Hi
>
> Please post the results of
> netstat -nlp | grep apache
>
> They should look somehow like:
> tcp 0 0 80.190.243.78:80 0.0.0.0:*
> LISTEN
> 6769/apache2
> tcp 0 0 80.190.242.152:80 0.0.0.0:*
> LISTEN
> 6769/apache2
> tcp 0 0 80.190.243.78:443 0.0.0.0:*
> LISTEN
> 6769/apache2
> tcp 0 0 80.190.242.152:443 0.0.0.0:*
> LISTEN
> 6769/apache2
>
> Regards,
> Steffen
>
>
> -----Ursprüngliche Nachricht-----
> Von: Andrew M [mailto:andrew@jibeya.com]
> Gesendet: Mittwoch, 1. Dezember 2004 11:06
> An: users@httpd.apache.org
> Betreff: Re: [users@httpd] mod_jk2 https
>
> Parviz,
> yes apache is up and running, you can see this if you ping
> www.beyarecords.com. You are right though, I can't see port 80 or 443
> either! HELP!!!!
>
> Andrew
> On 1 Dec 2004, at 09:45, parviz wrote:
>
>> I cant see you listening on port 80 or 443. Is your apache up?
>>
>> Parviz
>>
>>
>> On Wed, 2004-12-01 at 01:28, Andrew M wrote:
>>> Parviz,
>>> here is part of the output generated from netstat -an:
>>>
>>> tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
>>> ESTABLISHED
>>> tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
>>> ESTABLISHED
>>> tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
>>> CLOSE_WAIT
>>> tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
>>> CLOSE_WAIT
>>> tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
>>> ESTABLISHED
>>> tcp46 0 0 *.8009 *.*
>>> LISTEN
>>> tcp46 0 0 *.8093 *.*
>>> LISTEN
>>> tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
>>> ESTABLISHED
>>> tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
>>> ESTABLISHED
>>> tcp46 0 0 *.3528 *.*
>>> LISTEN
>>> tcp46 0 0 *.8080 *.*
>>> LISTEN
>>> tcp46 0 0 *.4445 *.*
>>> LISTEN
>>> tcp46 0 0 *.4444 *.*
>>> LISTEN
>>> tcp46 0 0 *.8083 *.*
>>> LISTEN
>>> tcp46 0 0 *.1099 *.*
>>> LISTEN
>>> tcp46 0 0 *.1098 *.*
>>> LISTEN
>>> tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
>>> ESTABLISHED
>>> tcp4 0 0 *.* *.*
>>> CLOSED
>>> tcp4 0 0 *.5432 *.*
>>> LISTEN
>>> tcp6 0 0 *.5432 *.*
>>> LISTEN
>>> tcp4 0 0 *.* *.*
>>> CLOSED
>>> tcp4 0 0 *.* *.*
>>> CLOSED
>>> tcp4 0 0 *.139 *.*
>>> LISTEN
>>> tcp4 0 0 127.0.0.1.631 *.*
>>> LISTEN
>>> tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
>>> ESTABLISHED
>>> tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
>>> ESTABLISHED
>>> tcp4 0 0 127.0.0.1.1033 *.*
>>> LISTEN
>>> udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
>>> udp4 0 0 81.98.165.128.49810 *.*
>>> udp6 0 0 ::1.49242 ::1.49242
>>> udp4 0 0 81.98.165.128.138 *.*
>>> udp4 0 0 81.98.165.128.137 *.*
>>> udp4 0 0 *.138 *.*
>>> udp4 0 0 *.* *.*
>>> udp4 0 0 *.* *.*
>>> udp4 0 0 *.137 *.*
>>> udp4 0 0 *.631 *.*
>>> udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
>>> udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
>>> udp4 0 0 127.0.0.1.1022 *.*
>>> udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
>>> udp4 0 0 127.0.0.1.1023 *.*
>>> udp4 0 0 81.98.165.128.123 *.*
>>> udp4 0 0 127.0.0.1.123 *.*
>>> udp4 0 0 *.123 *.*
>>> udp4 0 0 *.5353 *.*
>>> udp4 0 0 *.68 *.*
>>> udp4 0 0 127.0.0.1.1033 *.*
>>> udp4 0 0 *.514 *.*
>>> udp6 0 0 *.514 *.*
>>> icm6 0 0 *.* *.*
>>> icm6 0 0 *.* *.*
>>>
>>> regards
>>>
>>> Andrew
>>> On 1 Dec 2004, at 09:22, parviz wrote:
>>>
>>> can you run "netstat -an". There are just lines that are
>>> toolong and I
>>> dont see the port number.
>>>
>>> Parviz
>>> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
>>> Parviz,
>>> I ran netstat and got the following output:
>>>
>>> Active Internet connections
>>> Proto Recv-Q Send-Q Local Address Foreign
>>> Address
>>> (state)
>>> tcp4 0 0 localhost.57474
>>> localhost.ipp
>>> CLOSE_WAIT
>>> tcp4 0 0 localhost.57473
>>> localhost.ipp
>>> CLOSE_WAIT
>>> tcp4 0 0 cpc3-nott2-5-0-c.53524
>>> baym-cs269.msgr..msnp
>>> ESTABLISHED
>>> tcp4 0 0 cpc3-nott2-5-0-c.jboss
>>> cpc3-nott2-5-0-c.64161ESTABLISHED
>>> tcp4 0 0 cpc3-nott2-5-0-c.64161
>>> cpc3-nott2-5-0-c.jbossESTABLISHED
>>> tcp4 0 0 cpc3-nott2-5-0-c.50438
>>> 205.188.8.138.aol
>>> ESTABLISHED
>>> tcp4 0 0 localhost.netinfo-loca
>>> localhost.916
>>> ESTABLISHED
>>> tcp4 0 0 localhost.916
>>> localhost.netinfo-locaESTABLISHED
>>> udp4 0 0 localhost.49814
>>> localhost.49814
>>> udp4 0 0 cpc3-nott2-5-0-c.49810
>>> *.*
>>> udp6 0 0 localhost.49242
>>> localhost.49242
>>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>>> *.*
>>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>>> *.*
>>> udp4 0 0 *.netbios-dgm
>>> *.*
>>> udp4 0 0 *.*
>>> *.*
>>> udp4 0 0 *.*
>>> *.*
>>> udp4 0 0 *.netbios-ns
>>> *.*
>>> udp4 0 0 *.ipp
>>> *.*
>>> udp4 0 0 localhost.49159
>>> localhost.1022
>>> udp4 0 0 localhost.49158
>>> localhost.1022
>>> udp4 0 0 localhost.1022
>>> *.*
>>> udp4 0 0 localhost.49156
>>> localhost.1023
>>> udp4 0 0 localhost.1023
>>> *.*
>>> udp4 0 0 cpc3-nott2-5-0-c.ntp
>>> *.*
>>> udp4 0 0 localhost.ntp
>>> *.*
>>> udp4 0 0 *.ntp
>>> *.*
>>> udp4 0 0 *.mdns
>>> *.*
>>> udp4 0 0 *.bootpc
>>> *.*
>>> udp4 0 0 localhost.netinfo-loca
>>> *.*
>>> udp4 0 0 *.syslog
>>> *.*
>>> udp6 0 0 *.514
>>> *.*
>>> icm6 0 0 *.*
>>> *.*
>>> icm6 0 0 *.*
>>> *.*
>>> Active LOCAL (UNIX) domain sockets
>>> Address Type Recv-Q Send-Q Inode Conn
>>> Refs Nextref Addr
>>> 1d9b118 stream 296 0 0 0
>>> 0 0
>>> 1d9b310 stream 0 0 0 1d9b5e8
>>> 0 0
>>> 1d9b5e8 stream 0 0 0 1d9b310
>>> 0 0
>>> 1d9b460 stream 0 0 0 1d9b5b0
>>> 0 0
>>> 1d9b5b0 stream 0 0 0 1d9b460
>>> 0 0
>>> 1d9b348 stream 0 0 0 0
>>> 0 0
>>> 1d9b070 stream 0 0 0 0
>>> 0 0
>>> 1d9b1c0 stream 0 0 2560e40 0
>>> 0
>>> 0/tmp/icssuis501
>>> 1d9b1f8 stream 0 0 0 1d9b2a0
>>> 0 0
>>> 1d9b2a0 stream 0 0 0 1d9b1f8
>>> 0 0
>>> 1d9b268 stream 0 0 0 1d9b2d8
>>> 0 0
>>> 1d9b2d8 stream 0 0 0 1d9b268
>>> 0 0
>>> 1d9b738 stream 0 0 0 1d9b700
>>> 0 0
>>> 1d9b700 stream 0 0 0 1d9b738
>>> 0 0
>>> 1d9b7a8 stream 0 0 2597b58 0
>>> 0
>>> 0/tmp/.s.PGSQL.5432
>>> 1d9b818 stream 0 0 0 1d9ba10
>>> 0 0
>>> 1d9ba10 stream 0 0 0 1d9b818
>>> 0 0
>>> 1d9b9a0 stream 0 0 0 1d9b7e0
>>> 0 0
>>> 1d9b7e0 stream 0 0 0 1d9b9a0
>>> 0 0
>>> 1d9b968 stream 0 0 0 1d9ba80
>>> 0 0
>>> 1d9ba80 stream 0 0 0 1d9b968
>>> 0 0
>>> 1d9baf0 stream 0 0 0 1d9ba48
>>> 0 0
>>> 1d9ba48 stream 0 0 0 1d9baf0
>>> 0 0
>>> 1d9b850 stream 0 0 0 1d9b888
>>> 0 0
>>> 1d9b888 stream 0 0 0 1d9b850
>>> 0 0
>>> 1d9b8c0 stream 0 0 0 1d9bb98
>>> 0 0
>>> 1d9bb98 stream 0 0 0 1d9b8c0
>>> 0 0
>>> 1d9bee0 stream 0 0 1fa27b8 0
>>> 0
>>> 0/var/run/mDNSResponder
>>> 1d9bf18 stream 0 0 1f4a428 0
>>> 0
>>> 0/var/run/pppconfd
>>> 1d9bc08 dgram 0 0 0 1d9bfc0
>>> 0 1d9bbd0
>>> 1d9b188 dgram 0 0 0 1d9b658
>>> 1d9b658 0
>>> 1d9b658 dgram 0 0 0 1d9b188
>>> 1d9b188 0
>>> 1d9b3b8 dgram 0 0 0 1d9b230
>>> 1d9b230 0
>>> 1d9b230 dgram 0 0 0 1d9b3b8
>>> 1d9b3b8 0
>>> 1d9b540 dgram 0 0 0 1d9b498
>>> 1d9b498 0
>>> 1d9b498 dgram 0 0 0 1d9b540
>>> 1d9b540 0
>>> 1d9b578 dgram 0 0 0 1d9b4d0
>>> 1d9b4d0 0
>>> 1d9b4d0 dgram 0 0 0 1d9b578
>>> 1d9b578 0
>>> 1d9bbd0 dgram 0 0 0 1d9bfc0
>>> 0 1d9bab8
>>> 1d9bab8 dgram 0 0 0 1d9bfc0
>>> 0 1d9b930
>>> 1d9b930 dgram 0 0 0 1d9bfc0
>>> 0 1d9b9d8
>>> 1d9b9d8 dgram 0 0 0 1d9bfc0
>>> 0 1d9bd90
>>> 1d9bd90 dgram 0 0 0 1d9bfc0
>>> 0 1d9bb28
>>> 1d9bb28 dgram 0 0 0 1d9bfc0
>>> 0 1d9bb60
>>> 1d9bb60 dgram 0 0 0 1d9bfc0
>>> 0 1d9bcb0
>>> 1d9bcb0 dgram 0 0 0 1d9bfc0
>>> 0 1d9bd20
>>> 1d9bd20 dgram 0 0 0 1d9bfc0
>>> 0 1d9bce8
>>> 1d9bce8 dgram 0 0 0 1d9bfc0
>>> 0 1d9bea8
>>> 1d9bd58 dgram 0 0 0 1d9bc40
>>> 1d9bc40 0
>>> 1d9bc40 dgram 0 0 0 1d9bd58
>>> 1d9bd58 0
>>> 1d9bea8 dgram 0 0 0 1d9bfc0
>>> 0 1d9bc78
>>> 1d9bc78 dgram 0 0 0 1d9bfc0
>>> 0 1d9bf88
>>> 1d9bf88 dgram 0 0 0 1d9bfc0
>>> 0 1d9be38
>>> 1d9bdc8 dgram 0 0 0 1d9be00
>>> 1d9be00 0
>>> 1d9be00 dgram 0 0 0 1d9bdc8
>>> 1d9bdc8 0
>>> 1d9be38 dgram 0 0 0 1d9bfc0
>>> 0 1d9be70
>>> 1d9be70 dgram 0 0 0 1d9bfc0
>>> 0 1d9bf50
>>> 1d9bf50 dgram 0 0 0 1d9bfc0
>>> 0 0
>>> 1d9bfc0 dgram 0 0 1dd5610 0
>>> 1d9bc08
>>> 0/var/run/syslog
>>>
>>> Andrew
>>> On 1 Dec 2004, at 08:53, parviz wrote:
>>>
>>> I didnt look at your config in detail. But
>>> that error
>>> messagealone
>>> makes me think that either your tomcat(port
>>> 8080) or port 443
>>> is not
>>> listening on the right socket. for example
>>> tomcat is listening
>>> on
>>> 127.0.0.1:8080 but your trying to go
>>> www.mysite.com:8080 (
>>> which
>>> resolves to some pulicIp:8080). Or something
>>> similar. Lets run
>>> netstat
>>> and make sure port 443 and 8080 is listening
>>> where they
>>> should.
>>>
>>> Parviz
>>>
>>> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>>> Ralph,
>>> I am using Apache 2.0.52 and have
>>> made
>>> the following
>>> amendments:
>>>
>>> 1. create a certificate file :
>>> /library/Apache2/conf/mysiteNew.crt
>>> 2. create a key file:
>>>
>>> /library/Apache2/conf/www.mysite.com.key
>>> 3. Amend the ssl.conf file:
>>>
>>> <IfDefine SSL>
>>> <VirtualHost 127.0.0.1:443>
>>> ......
>>> SSLCertificateFile
>>> /Library/Apache2/conf/mysiteNew.crt
>>> SSLCertificateKeyFile
>>>
>>> /Library/Apache2/conf/www.mysite.com.key
>>>
>>> ****** Start Note ***
>>> RewriteEngine on
>>>
>>> RewriteRule "^/WEB-INF/?(.*)" "$0"
>>> [L,F,NC]
>>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>>> RewriteRule "^/(.*)\.php$" "$0" [L]
>>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>>> RewriteRule "^/(.*)\.html$" "$0" [L]
>>> RewriteRule
>>>
>>>
>>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
>>> $1.$2[P,L]
>>> RewriteRule "^/(.*)"
>>> "https://localhost:8080/$1" [P]
>>> ProxyPassReverse /
>>> https://localhost:8080/
>>> ***End Note ***
>>> </virtualHost>
>>> </IfDefine>
>>>
>>> Note: Not sure about the rewrite code
>>> in the virtual
>>> host. Thethinking
>>> behind this is to be able to do
>>> https://www.mysite.com
>>> in theurl and
>>> be directed to port 8080!!!
>>> http://www.mysite.com
>>> works fine.
>>>
>>> Suffice to say, when I enter
>>> https://www.mysite.com
>>> into the url I
>>> get'the connection was refused when
>>> attempting to
>>> contactwww.mysite.com'. What am I
>>> doing wrong???
>>>
>>> many thanks
>>>
>>> Andrew
>>>
>>> p.s. I have enabled port 443 in the
>>> firewall as well.
>>>
>>>
>>> On 30 Nov 2004, at 22:10, Ralf
>>> Glauberman wrote:
>>>
>>> plain text please!
>>>
>>> did you have a look at the
>>> general https
>>> documentation. i
>>> think youwill have to set up
>>> ssl as described
>>> there. try it,
>>> if you are havingproblems,
>>> ask
>>> again.
>>>
>>> ----- Original Message -----
>>> From: Andrew M
>>> To: users@httpd.apache.org
>>> Sent: Tuesday, November 30,
>>> 2004 7:56 PM
>>> Subject: [users@httpd]
>>> mod_jk2
>>> https
>>>
>>>
>>> Hi,
>>> I currently have apache
>>> sitting at the front
>>> end passing
>>> requests tojboss on port 8080
>>> like so in my
>>> http.conf:
>>>
>>> # mod_jk2 configuration
>>> LoadModule jk2_module
>>> modules/mod_jk2.so
>>>
>>> # for jboss
>>> RewriteEngine on
>>>
>>> RewriteRule "^/WEB-INF/?(.*)"
>>> "$0" [L,F,NC]
>>> RewriteRule "^/(.*)\.gif$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.jpg$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.swf$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.php$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.m3u$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.mp3$"
>>> "$0" [L]
>>> RewriteRule "^/(.*)\.html$"
>>> "$0" [L]
>>> RewriteRule
>>>
>>>
>>>
>>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
>>> $1.$2[P,L]
>>> RewriteRule "^/(.*)"
>>> "http://localhost:8080/$1" [P]
>>> ProxyPassReverse /
>>> http://localhost:8080/
>>>
>>> How would I, in this
>>> instance,
>>> setup https?
>>> Bare with me if
>>> this seemsfairly obvious as I
>>> have never
>>> worked with https
>>> before.
>>>
>>> many thanks
>>>
>>> p.s. How do I then go about
>>> creating/obtaining
>>> a certificate
>>> to sit inapache to make the
>>> whole ssl thing
>>> work?
>>> Andrew
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User
>>> support forum of the
>>> Apache HTTP
>>> ServerProject.
>>> See
>>>
>>> <URL:http://httpd.apache.org/userslist.html> for more
>>> info.
>>> To unsubscribe, e-mail:
>>> users-unsubscribe@httpd.apache.org
>>> " from the digest:
>>>
>>> users-digest-unsubscribe@httpd.apache.org
>>> For additional commands,
>>> e-mail:
>>> users-help@httpd.apache.org
>>>
>>>
>>>
>>>
>>>
>>>
>>> _____________________________________________________________________
>>> _
>>>
>>> +Thehome of urban music
>>> + http://www.beyarecords.com
>>>
>>>
>>>
>>>
>>>
>>> _____________________________________________________________________
>>> _
>>>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support
>>> forum of the Apache
>>> HTTP ServerProject.
>>> See
>>> <URL:http://httpd.apache.org/userslist.html> for
>>> more info.
>>> To unsubscribe, e-mail:
>>> users-unsubscribe@httpd.apache.org
>>> " from the digest:
>>>
>>> users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail:
>>> users-help@httpd.apache.org
>>>
>>>
>>>
>>>
>>> _____________________________________________________________________
>>> _
>>>
>>> +Thehome of urban music
>>> + http://www.beyarecords.com
>>>
>>>
>>>
>>>
>>> _____________________________________________________________________
>>> _
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache
>>> HTTP ServerProject.
>>> See <URL:http://httpd.apache.org/userslist.html> for
>>> more info.
>>> To unsubscribe, e-mail:
>>> users-unsubscribe@httpd.apache.org
>>> " from the digest:
>>> users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail:
>>> users-help@httpd.apache.org
>>>
>>>
>>>
>>> _____________________________________________________________________
>>> _
>>>
>>> +Thehome of urban music
>>> + http://www.beyarecords.com
>>>
>>>
>>>
>>> _____________________________________________________________________
>>> _
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
AW: [users@httpd] mod_jk2 https
Posted by Steffen Heil <li...@steffen-heil.de>.
Hi
Please post the results of
netstat -nlp | grep apache
They should look somehow like:
tcp 0 0 80.190.243.78:80 0.0.0.0:* LISTEN
6769/apache2
tcp 0 0 80.190.242.152:80 0.0.0.0:* LISTEN
6769/apache2
tcp 0 0 80.190.243.78:443 0.0.0.0:* LISTEN
6769/apache2
tcp 0 0 80.190.242.152:443 0.0.0.0:* LISTEN
6769/apache2
Regards,
Steffen
-----Ursprüngliche Nachricht-----
Von: Andrew M [mailto:andrew@jibeya.com]
Gesendet: Mittwoch, 1. Dezember 2004 11:06
An: users@httpd.apache.org
Betreff: Re: [users@httpd] mod_jk2 https
Parviz,
yes apache is up and running, you can see this if you ping
www.beyarecords.com. You are right though, I can't see port 80 or 443
either! HELP!!!!
Andrew
On 1 Dec 2004, at 09:45, parviz wrote:
> I cant see you listening on port 80 or 443. Is your apache up?
>
> Parviz
>
>
> On Wed, 2004-12-01 at 01:28, Andrew M wrote:
>> Parviz,
>> here is part of the output generated from netstat -an:
>>
>> tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
>> ESTABLISHED
>> tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
>> ESTABLISHED
>> tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
>> CLOSE_WAIT
>> tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
>> CLOSE_WAIT
>> tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
>> ESTABLISHED
>> tcp46 0 0 *.8009 *.*
>> LISTEN
>> tcp46 0 0 *.8093 *.*
>> LISTEN
>> tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
>> ESTABLISHED
>> tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
>> ESTABLISHED
>> tcp46 0 0 *.3528 *.*
>> LISTEN
>> tcp46 0 0 *.8080 *.*
>> LISTEN
>> tcp46 0 0 *.4445 *.*
>> LISTEN
>> tcp46 0 0 *.4444 *.*
>> LISTEN
>> tcp46 0 0 *.8083 *.*
>> LISTEN
>> tcp46 0 0 *.1099 *.*
>> LISTEN
>> tcp46 0 0 *.1098 *.*
>> LISTEN
>> tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
>> ESTABLISHED
>> tcp4 0 0 *.* *.*
>> CLOSED
>> tcp4 0 0 *.5432 *.*
>> LISTEN
>> tcp6 0 0 *.5432 *.*
>> LISTEN
>> tcp4 0 0 *.* *.*
>> CLOSED
>> tcp4 0 0 *.* *.*
>> CLOSED
>> tcp4 0 0 *.139 *.*
>> LISTEN
>> tcp4 0 0 127.0.0.1.631 *.*
>> LISTEN
>> tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
>> ESTABLISHED
>> tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
>> ESTABLISHED
>> tcp4 0 0 127.0.0.1.1033 *.*
>> LISTEN
>> udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
>> udp4 0 0 81.98.165.128.49810 *.*
>> udp6 0 0 ::1.49242 ::1.49242
>> udp4 0 0 81.98.165.128.138 *.*
>> udp4 0 0 81.98.165.128.137 *.*
>> udp4 0 0 *.138 *.*
>> udp4 0 0 *.* *.*
>> udp4 0 0 *.* *.*
>> udp4 0 0 *.137 *.*
>> udp4 0 0 *.631 *.*
>> udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
>> udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
>> udp4 0 0 127.0.0.1.1022 *.*
>> udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
>> udp4 0 0 127.0.0.1.1023 *.*
>> udp4 0 0 81.98.165.128.123 *.*
>> udp4 0 0 127.0.0.1.123 *.*
>> udp4 0 0 *.123 *.*
>> udp4 0 0 *.5353 *.*
>> udp4 0 0 *.68 *.*
>> udp4 0 0 127.0.0.1.1033 *.*
>> udp4 0 0 *.514 *.*
>> udp6 0 0 *.514 *.*
>> icm6 0 0 *.* *.*
>> icm6 0 0 *.* *.*
>>
>> regards
>>
>> Andrew
>> On 1 Dec 2004, at 09:22, parviz wrote:
>>
>> can you run "netstat -an". There are just lines that are
>> toolong and I
>> dont see the port number.
>>
>> Parviz
>> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
>> Parviz,
>> I ran netstat and got the following output:
>>
>> Active Internet connections
>> Proto Recv-Q Send-Q Local Address Foreign
>> Address
>> (state)
>> tcp4 0 0 localhost.57474
>> localhost.ipp
>> CLOSE_WAIT
>> tcp4 0 0 localhost.57473
>> localhost.ipp
>> CLOSE_WAIT
>> tcp4 0 0 cpc3-nott2-5-0-c.53524
>> baym-cs269.msgr..msnp
>> ESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.jboss
>> cpc3-nott2-5-0-c.64161ESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.64161
>> cpc3-nott2-5-0-c.jbossESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.50438
>> 205.188.8.138.aol
>> ESTABLISHED
>> tcp4 0 0 localhost.netinfo-loca
>> localhost.916
>> ESTABLISHED
>> tcp4 0 0 localhost.916
>> localhost.netinfo-locaESTABLISHED
>> udp4 0 0 localhost.49814
>> localhost.49814
>> udp4 0 0 cpc3-nott2-5-0-c.49810
>> *.*
>> udp6 0 0 localhost.49242
>> localhost.49242
>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>> *.*
>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>> *.*
>> udp4 0 0 *.netbios-dgm
>> *.*
>> udp4 0 0 *.*
>> *.*
>> udp4 0 0 *.*
>> *.*
>> udp4 0 0 *.netbios-ns
>> *.*
>> udp4 0 0 *.ipp
>> *.*
>> udp4 0 0 localhost.49159
>> localhost.1022
>> udp4 0 0 localhost.49158
>> localhost.1022
>> udp4 0 0 localhost.1022
>> *.*
>> udp4 0 0 localhost.49156
>> localhost.1023
>> udp4 0 0 localhost.1023
>> *.*
>> udp4 0 0 cpc3-nott2-5-0-c.ntp
>> *.*
>> udp4 0 0 localhost.ntp
>> *.*
>> udp4 0 0 *.ntp
>> *.*
>> udp4 0 0 *.mdns
>> *.*
>> udp4 0 0 *.bootpc
>> *.*
>> udp4 0 0 localhost.netinfo-loca
>> *.*
>> udp4 0 0 *.syslog
>> *.*
>> udp6 0 0 *.514
>> *.*
>> icm6 0 0 *.*
>> *.*
>> icm6 0 0 *.*
>> *.*
>> Active LOCAL (UNIX) domain sockets
>> Address Type Recv-Q Send-Q Inode Conn
>> Refs Nextref Addr
>> 1d9b118 stream 296 0 0 0
>> 0 0
>> 1d9b310 stream 0 0 0 1d9b5e8
>> 0 0
>> 1d9b5e8 stream 0 0 0 1d9b310
>> 0 0
>> 1d9b460 stream 0 0 0 1d9b5b0
>> 0 0
>> 1d9b5b0 stream 0 0 0 1d9b460
>> 0 0
>> 1d9b348 stream 0 0 0 0
>> 0 0
>> 1d9b070 stream 0 0 0 0
>> 0 0
>> 1d9b1c0 stream 0 0 2560e40 0
>> 0
>> 0/tmp/icssuis501
>> 1d9b1f8 stream 0 0 0 1d9b2a0
>> 0 0
>> 1d9b2a0 stream 0 0 0 1d9b1f8
>> 0 0
>> 1d9b268 stream 0 0 0 1d9b2d8
>> 0 0
>> 1d9b2d8 stream 0 0 0 1d9b268
>> 0 0
>> 1d9b738 stream 0 0 0 1d9b700
>> 0 0
>> 1d9b700 stream 0 0 0 1d9b738
>> 0 0
>> 1d9b7a8 stream 0 0 2597b58 0
>> 0
>> 0/tmp/.s.PGSQL.5432
>> 1d9b818 stream 0 0 0 1d9ba10
>> 0 0
>> 1d9ba10 stream 0 0 0 1d9b818
>> 0 0
>> 1d9b9a0 stream 0 0 0 1d9b7e0
>> 0 0
>> 1d9b7e0 stream 0 0 0 1d9b9a0
>> 0 0
>> 1d9b968 stream 0 0 0 1d9ba80
>> 0 0
>> 1d9ba80 stream 0 0 0 1d9b968
>> 0 0
>> 1d9baf0 stream 0 0 0 1d9ba48
>> 0 0
>> 1d9ba48 stream 0 0 0 1d9baf0
>> 0 0
>> 1d9b850 stream 0 0 0 1d9b888
>> 0 0
>> 1d9b888 stream 0 0 0 1d9b850
>> 0 0
>> 1d9b8c0 stream 0 0 0 1d9bb98
>> 0 0
>> 1d9bb98 stream 0 0 0 1d9b8c0
>> 0 0
>> 1d9bee0 stream 0 0 1fa27b8 0
>> 0
>> 0/var/run/mDNSResponder
>> 1d9bf18 stream 0 0 1f4a428 0
>> 0
>> 0/var/run/pppconfd
>> 1d9bc08 dgram 0 0 0 1d9bfc0
>> 0 1d9bbd0
>> 1d9b188 dgram 0 0 0 1d9b658
>> 1d9b658 0
>> 1d9b658 dgram 0 0 0 1d9b188
>> 1d9b188 0
>> 1d9b3b8 dgram 0 0 0 1d9b230
>> 1d9b230 0
>> 1d9b230 dgram 0 0 0 1d9b3b8
>> 1d9b3b8 0
>> 1d9b540 dgram 0 0 0 1d9b498
>> 1d9b498 0
>> 1d9b498 dgram 0 0 0 1d9b540
>> 1d9b540 0
>> 1d9b578 dgram 0 0 0 1d9b4d0
>> 1d9b4d0 0
>> 1d9b4d0 dgram 0 0 0 1d9b578
>> 1d9b578 0
>> 1d9bbd0 dgram 0 0 0 1d9bfc0
>> 0 1d9bab8
>> 1d9bab8 dgram 0 0 0 1d9bfc0
>> 0 1d9b930
>> 1d9b930 dgram 0 0 0 1d9bfc0
>> 0 1d9b9d8
>> 1d9b9d8 dgram 0 0 0 1d9bfc0
>> 0 1d9bd90
>> 1d9bd90 dgram 0 0 0 1d9bfc0
>> 0 1d9bb28
>> 1d9bb28 dgram 0 0 0 1d9bfc0
>> 0 1d9bb60
>> 1d9bb60 dgram 0 0 0 1d9bfc0
>> 0 1d9bcb0
>> 1d9bcb0 dgram 0 0 0 1d9bfc0
>> 0 1d9bd20
>> 1d9bd20 dgram 0 0 0 1d9bfc0
>> 0 1d9bce8
>> 1d9bce8 dgram 0 0 0 1d9bfc0
>> 0 1d9bea8
>> 1d9bd58 dgram 0 0 0 1d9bc40
>> 1d9bc40 0
>> 1d9bc40 dgram 0 0 0 1d9bd58
>> 1d9bd58 0
>> 1d9bea8 dgram 0 0 0 1d9bfc0
>> 0 1d9bc78
>> 1d9bc78 dgram 0 0 0 1d9bfc0
>> 0 1d9bf88
>> 1d9bf88 dgram 0 0 0 1d9bfc0
>> 0 1d9be38
>> 1d9bdc8 dgram 0 0 0 1d9be00
>> 1d9be00 0
>> 1d9be00 dgram 0 0 0 1d9bdc8
>> 1d9bdc8 0
>> 1d9be38 dgram 0 0 0 1d9bfc0
>> 0 1d9be70
>> 1d9be70 dgram 0 0 0 1d9bfc0
>> 0 1d9bf50
>> 1d9bf50 dgram 0 0 0 1d9bfc0
>> 0 0
>> 1d9bfc0 dgram 0 0 1dd5610 0
>> 1d9bc08
>> 0/var/run/syslog
>>
>> Andrew
>> On 1 Dec 2004, at 08:53, parviz wrote:
>>
>> I didnt look at your config in detail. But
>> that error
>> messagealone
>> makes me think that either your tomcat(port
>> 8080) or port 443
>> is not
>> listening on the right socket. for example
>> tomcat is listening
>> on
>> 127.0.0.1:8080 but your trying to go
>> www.mysite.com:8080 (
>> which
>> resolves to some pulicIp:8080). Or something
>> similar. Lets run
>> netstat
>> and make sure port 443 and 8080 is listening
>> where they
>> should.
>>
>> Parviz
>>
>> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>> Ralph,
>> I am using Apache 2.0.52 and have made
>> the following
>> amendments:
>>
>> 1. create a certificate file :
>> /library/Apache2/conf/mysiteNew.crt
>> 2. create a key file:
>>
>> /library/Apache2/conf/www.mysite.com.key
>> 3. Amend the ssl.conf file:
>>
>> <IfDefine SSL>
>> <VirtualHost 127.0.0.1:443>
>> ......
>> SSLCertificateFile
>> /Library/Apache2/conf/mysiteNew.crt
>> SSLCertificateKeyFile
>>
>> /Library/Apache2/conf/www.mysite.com.key
>>
>> ****** Start Note ***
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)" "$0"
>> [L,F,NC]
>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>> RewriteRule "^/(.*)\.php$" "$0" [L]
>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>> RewriteRule "^/(.*)\.html$" "$0" [L]
>> RewriteRule
>>
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
>> $1.$2[P,L]
>> RewriteRule "^/(.*)"
>> "https://localhost:8080/$1" [P]
>> ProxyPassReverse /
>> https://localhost:8080/
>> ***End Note ***
>> </virtualHost>
>> </IfDefine>
>>
>> Note: Not sure about the rewrite code
>> in the virtual
>> host. Thethinking
>> behind this is to be able to do
>> https://www.mysite.com
>> in theurl and
>> be directed to port 8080!!!
>> http://www.mysite.com
>> works fine.
>>
>> Suffice to say, when I enter
>> https://www.mysite.com
>> into the url I
>> get'the connection was refused when
>> attempting to
>> contactwww.mysite.com'. What am I
>> doing wrong???
>>
>> many thanks
>>
>> Andrew
>>
>> p.s. I have enabled port 443 in the
>> firewall as well.
>>
>>
>> On 30 Nov 2004, at 22:10, Ralf
>> Glauberman wrote:
>>
>> plain text please!
>>
>> did you have a look at the
>> general https
>> documentation. i
>> think youwill have to set up
>> ssl as described
>> there. try it,
>> if you are havingproblems, ask
>> again.
>>
>> ----- Original Message -----
>> From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Tuesday, November 30,
>> 2004 7:56 PM
>> Subject: [users@httpd] mod_jk2
>> https
>>
>>
>> Hi,
>> I currently have apache
>> sitting at the front
>> end passing
>> requests tojboss on port 8080
>> like so in my
>> http.conf:
>>
>> # mod_jk2 configuration
>> LoadModule jk2_module
>> modules/mod_jk2.so
>>
>> # for jboss
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)"
>> "$0" [L,F,NC]
>> RewriteRule "^/(.*)\.gif$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.jpg$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.swf$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.php$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.m3u$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.mp3$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.html$"
>> "$0" [L]
>> RewriteRule
>>
>>
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
>> $1.$2[P,L]
>> RewriteRule "^/(.*)"
>> "http://localhost:8080/$1" [P]
>> ProxyPassReverse /
>> http://localhost:8080/
>>
>> How would I, in this instance,
>> setup https?
>> Bare with me if
>> this seemsfairly obvious as I
>> have never
>> worked with https
>> before.
>>
>> many thanks
>>
>> p.s. How do I then go about
>> creating/obtaining
>> a certificate
>> to sit inapache to make the
>> whole ssl thing
>> work?
>> Andrew
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User
>> support forum of the
>> Apache HTTP
>> ServerProject.
>> See
>>
>> <URL:http://httpd.apache.org/userslist.html> for more
>> info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>>
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands,
>> e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>>
>>
>>
>> _____________________________________________________________________
>> _
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>>
>>
>> _____________________________________________________________________
>> _
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support
>> forum of the Apache
>> HTTP ServerProject.
>> See
>> <URL:http://httpd.apache.org/userslist.html> for
>> more info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>>
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>>
>> _____________________________________________________________________
>> _
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>>
>> _____________________________________________________________________
>> _
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache
>> HTTP ServerProject.
>> See <URL:http://httpd.apache.org/userslist.html> for
>> more info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>> _____________________________________________________________________
>> _
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>> _____________________________________________________________________
>> _
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Parviz,
yes apache is up and running, you can see this if you ping
www.beyarecords.com. You are right though, I can't see port 80 or 443
either! HELP!!!!
Andrew
On 1 Dec 2004, at 09:45, parviz wrote:
> I cant see you listening on port 80 or 443. Is your apache up?
>
> Parviz
>
>
> On Wed, 2004-12-01 at 01:28, Andrew M wrote:
>> Parviz,
>> here is part of the output generated from netstat -an:
>>
>> tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
>> ESTABLISHED
>> tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
>> ESTABLISHED
>> tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
>> CLOSE_WAIT
>> tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
>> CLOSE_WAIT
>> tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
>> ESTABLISHED
>> tcp46 0 0 *.8009 *.*
>> LISTEN
>> tcp46 0 0 *.8093 *.*
>> LISTEN
>> tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
>> ESTABLISHED
>> tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
>> ESTABLISHED
>> tcp46 0 0 *.3528 *.*
>> LISTEN
>> tcp46 0 0 *.8080 *.*
>> LISTEN
>> tcp46 0 0 *.4445 *.*
>> LISTEN
>> tcp46 0 0 *.4444 *.*
>> LISTEN
>> tcp46 0 0 *.8083 *.*
>> LISTEN
>> tcp46 0 0 *.1099 *.*
>> LISTEN
>> tcp46 0 0 *.1098 *.*
>> LISTEN
>> tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
>> ESTABLISHED
>> tcp4 0 0 *.* *.*
>> CLOSED
>> tcp4 0 0 *.5432 *.*
>> LISTEN
>> tcp6 0 0 *.5432 *.*
>> LISTEN
>> tcp4 0 0 *.* *.*
>> CLOSED
>> tcp4 0 0 *.* *.*
>> CLOSED
>> tcp4 0 0 *.139 *.*
>> LISTEN
>> tcp4 0 0 127.0.0.1.631 *.*
>> LISTEN
>> tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
>> ESTABLISHED
>> tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
>> ESTABLISHED
>> tcp4 0 0 127.0.0.1.1033 *.*
>> LISTEN
>> udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
>> udp4 0 0 81.98.165.128.49810 *.*
>> udp6 0 0 ::1.49242 ::1.49242
>> udp4 0 0 81.98.165.128.138 *.*
>> udp4 0 0 81.98.165.128.137 *.*
>> udp4 0 0 *.138 *.*
>> udp4 0 0 *.* *.*
>> udp4 0 0 *.* *.*
>> udp4 0 0 *.137 *.*
>> udp4 0 0 *.631 *.*
>> udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
>> udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
>> udp4 0 0 127.0.0.1.1022 *.*
>> udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
>> udp4 0 0 127.0.0.1.1023 *.*
>> udp4 0 0 81.98.165.128.123 *.*
>> udp4 0 0 127.0.0.1.123 *.*
>> udp4 0 0 *.123 *.*
>> udp4 0 0 *.5353 *.*
>> udp4 0 0 *.68 *.*
>> udp4 0 0 127.0.0.1.1033 *.*
>> udp4 0 0 *.514 *.*
>> udp6 0 0 *.514 *.*
>> icm6 0 0 *.* *.*
>> icm6 0 0 *.* *.*
>>
>> regards
>>
>> Andrew
>> On 1 Dec 2004, at 09:22, parviz wrote:
>>
>> can you run "netstat -an". There are just lines that are
>> toolong and I
>> dont see the port number.
>>
>> Parviz
>> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
>> Parviz,
>> I ran netstat and got the following output:
>>
>> Active Internet connections
>> Proto Recv-Q Send-Q Local Address Foreign
>> Address
>> (state)
>> tcp4 0 0 localhost.57474
>> localhost.ipp
>> CLOSE_WAIT
>> tcp4 0 0 localhost.57473
>> localhost.ipp
>> CLOSE_WAIT
>> tcp4 0 0 cpc3-nott2-5-0-c.53524
>> baym-cs269.msgr..msnp
>> ESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.jboss
>> cpc3-nott2-5-0-c.64161ESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.64161
>> cpc3-nott2-5-0-c.jbossESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.50438
>> 205.188.8.138.aol
>> ESTABLISHED
>> tcp4 0 0 localhost.netinfo-loca
>> localhost.916
>> ESTABLISHED
>> tcp4 0 0 localhost.916
>> localhost.netinfo-locaESTABLISHED
>> udp4 0 0 localhost.49814
>> localhost.49814
>> udp4 0 0 cpc3-nott2-5-0-c.49810
>> *.*
>> udp6 0 0 localhost.49242
>> localhost.49242
>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>> *.*
>> udp4 0 0 cpc3-nott2-5-0-c.netbi
>> *.*
>> udp4 0 0 *.netbios-dgm
>> *.*
>> udp4 0 0 *.*
>> *.*
>> udp4 0 0 *.*
>> *.*
>> udp4 0 0 *.netbios-ns
>> *.*
>> udp4 0 0 *.ipp
>> *.*
>> udp4 0 0 localhost.49159
>> localhost.1022
>> udp4 0 0 localhost.49158
>> localhost.1022
>> udp4 0 0 localhost.1022
>> *.*
>> udp4 0 0 localhost.49156
>> localhost.1023
>> udp4 0 0 localhost.1023
>> *.*
>> udp4 0 0 cpc3-nott2-5-0-c.ntp
>> *.*
>> udp4 0 0 localhost.ntp
>> *.*
>> udp4 0 0 *.ntp
>> *.*
>> udp4 0 0 *.mdns
>> *.*
>> udp4 0 0 *.bootpc
>> *.*
>> udp4 0 0 localhost.netinfo-loca
>> *.*
>> udp4 0 0 *.syslog
>> *.*
>> udp6 0 0 *.514
>> *.*
>> icm6 0 0 *.*
>> *.*
>> icm6 0 0 *.*
>> *.*
>> Active LOCAL (UNIX) domain sockets
>> Address Type Recv-Q Send-Q Inode Conn
>> Refs Nextref Addr
>> 1d9b118 stream 296 0 0 0
>> 0 0
>> 1d9b310 stream 0 0 0 1d9b5e8
>> 0 0
>> 1d9b5e8 stream 0 0 0 1d9b310
>> 0 0
>> 1d9b460 stream 0 0 0 1d9b5b0
>> 0 0
>> 1d9b5b0 stream 0 0 0 1d9b460
>> 0 0
>> 1d9b348 stream 0 0 0 0
>> 0 0
>> 1d9b070 stream 0 0 0 0
>> 0 0
>> 1d9b1c0 stream 0 0 2560e40 0
>> 0
>> 0/tmp/icssuis501
>> 1d9b1f8 stream 0 0 0 1d9b2a0
>> 0 0
>> 1d9b2a0 stream 0 0 0 1d9b1f8
>> 0 0
>> 1d9b268 stream 0 0 0 1d9b2d8
>> 0 0
>> 1d9b2d8 stream 0 0 0 1d9b268
>> 0 0
>> 1d9b738 stream 0 0 0 1d9b700
>> 0 0
>> 1d9b700 stream 0 0 0 1d9b738
>> 0 0
>> 1d9b7a8 stream 0 0 2597b58 0
>> 0
>> 0/tmp/.s.PGSQL.5432
>> 1d9b818 stream 0 0 0 1d9ba10
>> 0 0
>> 1d9ba10 stream 0 0 0 1d9b818
>> 0 0
>> 1d9b9a0 stream 0 0 0 1d9b7e0
>> 0 0
>> 1d9b7e0 stream 0 0 0 1d9b9a0
>> 0 0
>> 1d9b968 stream 0 0 0 1d9ba80
>> 0 0
>> 1d9ba80 stream 0 0 0 1d9b968
>> 0 0
>> 1d9baf0 stream 0 0 0 1d9ba48
>> 0 0
>> 1d9ba48 stream 0 0 0 1d9baf0
>> 0 0
>> 1d9b850 stream 0 0 0 1d9b888
>> 0 0
>> 1d9b888 stream 0 0 0 1d9b850
>> 0 0
>> 1d9b8c0 stream 0 0 0 1d9bb98
>> 0 0
>> 1d9bb98 stream 0 0 0 1d9b8c0
>> 0 0
>> 1d9bee0 stream 0 0 1fa27b8 0
>> 0
>> 0/var/run/mDNSResponder
>> 1d9bf18 stream 0 0 1f4a428 0
>> 0
>> 0/var/run/pppconfd
>> 1d9bc08 dgram 0 0 0 1d9bfc0
>> 0 1d9bbd0
>> 1d9b188 dgram 0 0 0 1d9b658
>> 1d9b658 0
>> 1d9b658 dgram 0 0 0 1d9b188
>> 1d9b188 0
>> 1d9b3b8 dgram 0 0 0 1d9b230
>> 1d9b230 0
>> 1d9b230 dgram 0 0 0 1d9b3b8
>> 1d9b3b8 0
>> 1d9b540 dgram 0 0 0 1d9b498
>> 1d9b498 0
>> 1d9b498 dgram 0 0 0 1d9b540
>> 1d9b540 0
>> 1d9b578 dgram 0 0 0 1d9b4d0
>> 1d9b4d0 0
>> 1d9b4d0 dgram 0 0 0 1d9b578
>> 1d9b578 0
>> 1d9bbd0 dgram 0 0 0 1d9bfc0
>> 0 1d9bab8
>> 1d9bab8 dgram 0 0 0 1d9bfc0
>> 0 1d9b930
>> 1d9b930 dgram 0 0 0 1d9bfc0
>> 0 1d9b9d8
>> 1d9b9d8 dgram 0 0 0 1d9bfc0
>> 0 1d9bd90
>> 1d9bd90 dgram 0 0 0 1d9bfc0
>> 0 1d9bb28
>> 1d9bb28 dgram 0 0 0 1d9bfc0
>> 0 1d9bb60
>> 1d9bb60 dgram 0 0 0 1d9bfc0
>> 0 1d9bcb0
>> 1d9bcb0 dgram 0 0 0 1d9bfc0
>> 0 1d9bd20
>> 1d9bd20 dgram 0 0 0 1d9bfc0
>> 0 1d9bce8
>> 1d9bce8 dgram 0 0 0 1d9bfc0
>> 0 1d9bea8
>> 1d9bd58 dgram 0 0 0 1d9bc40
>> 1d9bc40 0
>> 1d9bc40 dgram 0 0 0 1d9bd58
>> 1d9bd58 0
>> 1d9bea8 dgram 0 0 0 1d9bfc0
>> 0 1d9bc78
>> 1d9bc78 dgram 0 0 0 1d9bfc0
>> 0 1d9bf88
>> 1d9bf88 dgram 0 0 0 1d9bfc0
>> 0 1d9be38
>> 1d9bdc8 dgram 0 0 0 1d9be00
>> 1d9be00 0
>> 1d9be00 dgram 0 0 0 1d9bdc8
>> 1d9bdc8 0
>> 1d9be38 dgram 0 0 0 1d9bfc0
>> 0 1d9be70
>> 1d9be70 dgram 0 0 0 1d9bfc0
>> 0 1d9bf50
>> 1d9bf50 dgram 0 0 0 1d9bfc0
>> 0 0
>> 1d9bfc0 dgram 0 0 1dd5610 0
>> 1d9bc08
>> 0/var/run/syslog
>>
>> Andrew
>> On 1 Dec 2004, at 08:53, parviz wrote:
>>
>> I didnt look at your config in detail. But
>> that error
>> messagealone
>> makes me think that either your tomcat(port
>> 8080) or port 443
>> is not
>> listening on the right socket. for example
>> tomcat is listening
>> on
>> 127.0.0.1:8080 but your trying to go
>> www.mysite.com:8080 (
>> which
>> resolves to some pulicIp:8080). Or something
>> similar. Lets run
>> netstat
>> and make sure port 443 and 8080 is listening
>> where they
>> should.
>>
>> Parviz
>>
>> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>> Ralph,
>> I am using Apache 2.0.52 and have made
>> the following
>> amendments:
>>
>> 1. create a certificate file :
>> /library/Apache2/conf/mysiteNew.crt
>> 2. create a key file:
>>
>> /library/Apache2/conf/www.mysite.com.key
>> 3. Amend the ssl.conf file:
>>
>> <IfDefine SSL>
>> <VirtualHost 127.0.0.1:443>
>> ......
>> SSLCertificateFile
>> /Library/Apache2/conf/mysiteNew.crt
>> SSLCertificateKeyFile
>>
>> /Library/Apache2/conf/www.mysite.com.key
>>
>> ****** Start Note ***
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)" "$0"
>> [L,F,NC]
>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>> RewriteRule "^/(.*)\.php$" "$0" [L]
>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>> RewriteRule "^/(.*)\.html$" "$0" [L]
>> RewriteRule
>>
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
>> $1.$2[P,L]
>> RewriteRule "^/(.*)"
>> "https://localhost:8080/$1" [P]
>> ProxyPassReverse /
>> https://localhost:8080/
>> ***End Note ***
>> </virtualHost>
>> </IfDefine>
>>
>> Note: Not sure about the rewrite code
>> in the virtual
>> host. Thethinking
>> behind this is to be able to do
>> https://www.mysite.com
>> in theurl and
>> be directed to port 8080!!!
>> http://www.mysite.com
>> works fine.
>>
>> Suffice to say, when I enter
>> https://www.mysite.com
>> into the url I
>> get'the connection was refused when
>> attempting to
>> contactwww.mysite.com'. What am I
>> doing wrong???
>>
>> many thanks
>>
>> Andrew
>>
>> p.s. I have enabled port 443 in the
>> firewall as well.
>>
>>
>> On 30 Nov 2004, at 22:10, Ralf
>> Glauberman wrote:
>>
>> plain text please!
>>
>> did you have a look at the
>> general https
>> documentation. i
>> think youwill have to set up
>> ssl as described
>> there. try it,
>> if you are havingproblems, ask
>> again.
>>
>> ----- Original Message -----
>> From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Tuesday, November 30,
>> 2004 7:56 PM
>> Subject: [users@httpd] mod_jk2
>> https
>>
>>
>> Hi,
>> I currently have apache
>> sitting at the front
>> end passing
>> requests tojboss on port 8080
>> like so in my
>> http.conf:
>>
>> # mod_jk2 configuration
>> LoadModule jk2_module
>> modules/mod_jk2.so
>>
>> # for jboss
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)"
>> "$0" [L,F,NC]
>> RewriteRule "^/(.*)\.gif$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.jpg$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.swf$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.php$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.m3u$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.mp3$"
>> "$0" [L]
>> RewriteRule "^/(.*)\.html$"
>> "$0" [L]
>> RewriteRule
>>
>>
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
>> $1.$2[P,L]
>> RewriteRule "^/(.*)"
>> "http://localhost:8080/$1" [P]
>> ProxyPassReverse /
>> http://localhost:8080/
>>
>> How would I, in this instance,
>> setup https?
>> Bare with me if
>> this seemsfairly obvious as I
>> have never
>> worked with https
>> before.
>>
>> many thanks
>>
>> p.s. How do I then go about
>> creating/obtaining
>> a certificate
>> to sit inapache to make the
>> whole ssl thing
>> work?
>> Andrew
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User
>> support forum of the
>> Apache HTTP
>> ServerProject.
>> See
>>
>> <URL:http://httpd.apache.org/userslist.html> for more
>> info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>>
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands,
>> e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support
>> forum of the Apache
>> HTTP ServerProject.
>> See
>> <URL:http://httpd.apache.org/userslist.html> for
>> more info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>>
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache
>> HTTP ServerProject.
>> See <URL:http://httpd.apache.org/userslist.html> for
>> more info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>> ______________________________________________________________________
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>> ______________________________________________________________________
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by parviz <de...@nikasolutions.net>.
I cant see you listening on port 80 or 443. Is your apache up?
Parviz
On Wed, 2004-12-01 at 01:28, Andrew M wrote:
> Parviz,
> here is part of the output generated from netstat -an:
>
> tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
> ESTABLISHED
> tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
> ESTABLISHED
> tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
> CLOSE_WAIT
> tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
> CLOSE_WAIT
> tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
> ESTABLISHED
> tcp46 0 0 *.8009 *.*
> LISTEN
> tcp46 0 0 *.8093 *.*
> LISTEN
> tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
> ESTABLISHED
> tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
> ESTABLISHED
> tcp46 0 0 *.3528 *.*
> LISTEN
> tcp46 0 0 *.8080 *.*
> LISTEN
> tcp46 0 0 *.4445 *.*
> LISTEN
> tcp46 0 0 *.4444 *.*
> LISTEN
> tcp46 0 0 *.8083 *.*
> LISTEN
> tcp46 0 0 *.1099 *.*
> LISTEN
> tcp46 0 0 *.1098 *.*
> LISTEN
> tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
> ESTABLISHED
> tcp4 0 0 *.* *.*
> CLOSED
> tcp4 0 0 *.5432 *.*
> LISTEN
> tcp6 0 0 *.5432 *.*
> LISTEN
> tcp4 0 0 *.* *.*
> CLOSED
> tcp4 0 0 *.* *.*
> CLOSED
> tcp4 0 0 *.139 *.*
> LISTEN
> tcp4 0 0 127.0.0.1.631 *.*
> LISTEN
> tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
> ESTABLISHED
> tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
> ESTABLISHED
> tcp4 0 0 127.0.0.1.1033 *.*
> LISTEN
> udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
> udp4 0 0 81.98.165.128.49810 *.*
> udp6 0 0 ::1.49242 ::1.49242
> udp4 0 0 81.98.165.128.138 *.*
> udp4 0 0 81.98.165.128.137 *.*
> udp4 0 0 *.138 *.*
> udp4 0 0 *.* *.*
> udp4 0 0 *.* *.*
> udp4 0 0 *.137 *.*
> udp4 0 0 *.631 *.*
> udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
> udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
> udp4 0 0 127.0.0.1.1022 *.*
> udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
> udp4 0 0 127.0.0.1.1023 *.*
> udp4 0 0 81.98.165.128.123 *.*
> udp4 0 0 127.0.0.1.123 *.*
> udp4 0 0 *.123 *.*
> udp4 0 0 *.5353 *.*
> udp4 0 0 *.68 *.*
> udp4 0 0 127.0.0.1.1033 *.*
> udp4 0 0 *.514 *.*
> udp6 0 0 *.514 *.*
> icm6 0 0 *.* *.*
> icm6 0 0 *.* *.*
>
> regards
>
> Andrew
> On 1 Dec 2004, at 09:22, parviz wrote:
>
> can you run "netstat -an". There are just lines that are
> toolong and I
> dont see the port number.
>
> Parviz
> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
> Parviz,
> I ran netstat and got the following output:
>
> Active Internet connections
> Proto Recv-Q Send-Q Local Address Foreign
> Address
> (state)
> tcp4 0 0 localhost.57474
> localhost.ipp
> CLOSE_WAIT
> tcp4 0 0 localhost.57473
> localhost.ipp
> CLOSE_WAIT
> tcp4 0 0 cpc3-nott2-5-0-c.53524
> baym-cs269.msgr..msnp
> ESTABLISHED
> tcp4 0 0 cpc3-nott2-5-0-c.jboss
> cpc3-nott2-5-0-c.64161ESTABLISHED
> tcp4 0 0 cpc3-nott2-5-0-c.64161
> cpc3-nott2-5-0-c.jbossESTABLISHED
> tcp4 0 0 cpc3-nott2-5-0-c.50438
> 205.188.8.138.aol
> ESTABLISHED
> tcp4 0 0 localhost.netinfo-loca
> localhost.916
> ESTABLISHED
> tcp4 0 0 localhost.916
> localhost.netinfo-locaESTABLISHED
> udp4 0 0 localhost.49814
> localhost.49814
> udp4 0 0 cpc3-nott2-5-0-c.49810
> *.*
> udp6 0 0 localhost.49242
> localhost.49242
> udp4 0 0 cpc3-nott2-5-0-c.netbi
> *.*
> udp4 0 0 cpc3-nott2-5-0-c.netbi
> *.*
> udp4 0 0 *.netbios-dgm
> *.*
> udp4 0 0 *.*
> *.*
> udp4 0 0 *.*
> *.*
> udp4 0 0 *.netbios-ns
> *.*
> udp4 0 0 *.ipp
> *.*
> udp4 0 0 localhost.49159
> localhost.1022
> udp4 0 0 localhost.49158
> localhost.1022
> udp4 0 0 localhost.1022
> *.*
> udp4 0 0 localhost.49156
> localhost.1023
> udp4 0 0 localhost.1023
> *.*
> udp4 0 0 cpc3-nott2-5-0-c.ntp
> *.*
> udp4 0 0 localhost.ntp
> *.*
> udp4 0 0 *.ntp
> *.*
> udp4 0 0 *.mdns
> *.*
> udp4 0 0 *.bootpc
> *.*
> udp4 0 0 localhost.netinfo-loca
> *.*
> udp4 0 0 *.syslog
> *.*
> udp6 0 0 *.514
> *.*
> icm6 0 0 *.*
> *.*
> icm6 0 0 *.*
> *.*
> Active LOCAL (UNIX) domain sockets
> Address Type Recv-Q Send-Q Inode Conn
> Refs Nextref Addr
> 1d9b118 stream 296 0 0 0
> 0 0
> 1d9b310 stream 0 0 0 1d9b5e8
> 0 0
> 1d9b5e8 stream 0 0 0 1d9b310
> 0 0
> 1d9b460 stream 0 0 0 1d9b5b0
> 0 0
> 1d9b5b0 stream 0 0 0 1d9b460
> 0 0
> 1d9b348 stream 0 0 0 0
> 0 0
> 1d9b070 stream 0 0 0 0
> 0 0
> 1d9b1c0 stream 0 0 2560e40 0
> 0
> 0/tmp/icssuis501
> 1d9b1f8 stream 0 0 0 1d9b2a0
> 0 0
> 1d9b2a0 stream 0 0 0 1d9b1f8
> 0 0
> 1d9b268 stream 0 0 0 1d9b2d8
> 0 0
> 1d9b2d8 stream 0 0 0 1d9b268
> 0 0
> 1d9b738 stream 0 0 0 1d9b700
> 0 0
> 1d9b700 stream 0 0 0 1d9b738
> 0 0
> 1d9b7a8 stream 0 0 2597b58 0
> 0
> 0/tmp/.s.PGSQL.5432
> 1d9b818 stream 0 0 0 1d9ba10
> 0 0
> 1d9ba10 stream 0 0 0 1d9b818
> 0 0
> 1d9b9a0 stream 0 0 0 1d9b7e0
> 0 0
> 1d9b7e0 stream 0 0 0 1d9b9a0
> 0 0
> 1d9b968 stream 0 0 0 1d9ba80
> 0 0
> 1d9ba80 stream 0 0 0 1d9b968
> 0 0
> 1d9baf0 stream 0 0 0 1d9ba48
> 0 0
> 1d9ba48 stream 0 0 0 1d9baf0
> 0 0
> 1d9b850 stream 0 0 0 1d9b888
> 0 0
> 1d9b888 stream 0 0 0 1d9b850
> 0 0
> 1d9b8c0 stream 0 0 0 1d9bb98
> 0 0
> 1d9bb98 stream 0 0 0 1d9b8c0
> 0 0
> 1d9bee0 stream 0 0 1fa27b8 0
> 0
> 0/var/run/mDNSResponder
> 1d9bf18 stream 0 0 1f4a428 0
> 0
> 0/var/run/pppconfd
> 1d9bc08 dgram 0 0 0 1d9bfc0
> 0 1d9bbd0
> 1d9b188 dgram 0 0 0 1d9b658
> 1d9b658 0
> 1d9b658 dgram 0 0 0 1d9b188
> 1d9b188 0
> 1d9b3b8 dgram 0 0 0 1d9b230
> 1d9b230 0
> 1d9b230 dgram 0 0 0 1d9b3b8
> 1d9b3b8 0
> 1d9b540 dgram 0 0 0 1d9b498
> 1d9b498 0
> 1d9b498 dgram 0 0 0 1d9b540
> 1d9b540 0
> 1d9b578 dgram 0 0 0 1d9b4d0
> 1d9b4d0 0
> 1d9b4d0 dgram 0 0 0 1d9b578
> 1d9b578 0
> 1d9bbd0 dgram 0 0 0 1d9bfc0
> 0 1d9bab8
> 1d9bab8 dgram 0 0 0 1d9bfc0
> 0 1d9b930
> 1d9b930 dgram 0 0 0 1d9bfc0
> 0 1d9b9d8
> 1d9b9d8 dgram 0 0 0 1d9bfc0
> 0 1d9bd90
> 1d9bd90 dgram 0 0 0 1d9bfc0
> 0 1d9bb28
> 1d9bb28 dgram 0 0 0 1d9bfc0
> 0 1d9bb60
> 1d9bb60 dgram 0 0 0 1d9bfc0
> 0 1d9bcb0
> 1d9bcb0 dgram 0 0 0 1d9bfc0
> 0 1d9bd20
> 1d9bd20 dgram 0 0 0 1d9bfc0
> 0 1d9bce8
> 1d9bce8 dgram 0 0 0 1d9bfc0
> 0 1d9bea8
> 1d9bd58 dgram 0 0 0 1d9bc40
> 1d9bc40 0
> 1d9bc40 dgram 0 0 0 1d9bd58
> 1d9bd58 0
> 1d9bea8 dgram 0 0 0 1d9bfc0
> 0 1d9bc78
> 1d9bc78 dgram 0 0 0 1d9bfc0
> 0 1d9bf88
> 1d9bf88 dgram 0 0 0 1d9bfc0
> 0 1d9be38
> 1d9bdc8 dgram 0 0 0 1d9be00
> 1d9be00 0
> 1d9be00 dgram 0 0 0 1d9bdc8
> 1d9bdc8 0
> 1d9be38 dgram 0 0 0 1d9bfc0
> 0 1d9be70
> 1d9be70 dgram 0 0 0 1d9bfc0
> 0 1d9bf50
> 1d9bf50 dgram 0 0 0 1d9bfc0
> 0 0
> 1d9bfc0 dgram 0 0 1dd5610 0
> 1d9bc08
> 0/var/run/syslog
>
> Andrew
> On 1 Dec 2004, at 08:53, parviz wrote:
>
> I didnt look at your config in detail. But
> that error
> messagealone
> makes me think that either your tomcat(port
> 8080) or port 443
> is not
> listening on the right socket. for example
> tomcat is listening
> on
> 127.0.0.1:8080 but your trying to go
> www.mysite.com:8080 (
> which
> resolves to some pulicIp:8080). Or something
> similar. Lets run
> netstat
> and make sure port 443 and 8080 is listening
> where they
> should.
>
> Parviz
>
> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
> Ralph,
> I am using Apache 2.0.52 and have made
> the following
> amendments:
>
> 1. create a certificate file :
> /library/Apache2/conf/mysiteNew.crt
> 2. create a key file:
>
> /library/Apache2/conf/www.mysite.com.key
> 3. Amend the ssl.conf file:
>
> <IfDefine SSL>
> <VirtualHost 127.0.0.1:443>
> ......
> SSLCertificateFile
> /Library/Apache2/conf/mysiteNew.crt
> SSLCertificateKeyFile
>
> /Library/Apache2/conf/www.mysite.com.key
>
> ****** Start Note ***
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)" "$0"
> [L,F,NC]
> RewriteRule "^/(.*)\.gif$" "$0" [L]
> RewriteRule "^/(.*)\.jpg$" "$0" [L]
> RewriteRule "^/(.*)\.swf$" "$0" [L]
> RewriteRule "^/(.*)\.php$" "$0" [L]
> RewriteRule "^/(.*)\.m3u$" "$0" [L]
> RewriteRule "^/(.*)\.mp3$" "$0" [L]
> RewriteRule "^/(.*)\.html$" "$0" [L]
> RewriteRule
>
> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/$1.$2[P,L]
> RewriteRule "^/(.*)"
> "https://localhost:8080/$1" [P]
> ProxyPassReverse /
> https://localhost:8080/
> ***End Note ***
> </virtualHost>
> </IfDefine>
>
> Note: Not sure about the rewrite code
> in the virtual
> host. Thethinking
> behind this is to be able to do
> https://www.mysite.com
> in theurl and
> be directed to port 8080!!!
> http://www.mysite.com
> works fine.
>
> Suffice to say, when I enter
> https://www.mysite.com
> into the url I
> get'the connection was refused when
> attempting to
> contactwww.mysite.com'. What am I
> doing wrong???
>
> many thanks
>
> Andrew
>
> p.s. I have enabled port 443 in the
> firewall as well.
>
>
> On 30 Nov 2004, at 22:10, Ralf
> Glauberman wrote:
>
> plain text please!
>
> did you have a look at the
> general https
> documentation. i
> think youwill have to set up
> ssl as described
> there. try it,
> if you are havingproblems, ask
> again.
>
> ----- Original Message -----
> From: Andrew M
> To: users@httpd.apache.org
> Sent: Tuesday, November 30,
> 2004 7:56 PM
> Subject: [users@httpd] mod_jk2
> https
>
>
> Hi,
> I currently have apache
> sitting at the front
> end passing
> requests tojboss on port 8080
> like so in my
> http.conf:
>
> # mod_jk2 configuration
> LoadModule jk2_module
> modules/mod_jk2.so
>
> # for jboss
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)"
> "$0" [L,F,NC]
> RewriteRule "^/(.*)\.gif$"
> "$0" [L]
> RewriteRule "^/(.*)\.jpg$"
> "$0" [L]
> RewriteRule "^/(.*)\.swf$"
> "$0" [L]
> RewriteRule "^/(.*)\.php$"
> "$0" [L]
> RewriteRule "^/(.*)\.m3u$"
> "$0" [L]
> RewriteRule "^/(.*)\.mp3$"
> "$0" [L]
> RewriteRule "^/(.*)\.html$"
> "$0" [L]
> RewriteRule
>
>
> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/$1.$2[P,L]
> RewriteRule "^/(.*)"
> "http://localhost:8080/$1" [P]
> ProxyPassReverse /
> http://localhost:8080/
>
> How would I, in this instance,
> setup https?
> Bare with me if
> this seemsfairly obvious as I
> have never
> worked with https
> before.
>
> many thanks
>
> p.s. How do I then go about
> creating/obtaining
> a certificate
> to sit inapache to make the
> whole ssl thing
> work?
> Andrew
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User
> support forum of the
> Apache HTTP
> ServerProject.
> See
>
> <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
>
> users-digest-unsubscribe@httpd.apache.org
> For additional commands,
> e-mail:
> users-help@httpd.apache.org
>
>
>
>
>
> ______________________________________________________________________
>
> +Thehome of urban music
> + http://www.beyarecords.com
>
>
>
>
> ______________________________________________________________________
>
> ---------------------------------------------------------------------
> The official User-To-User support
> forum of the Apache
> HTTP ServerProject.
> See
> <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
>
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>
>
> ______________________________________________________________________
>
> +Thehome of urban music
> + http://www.beyarecords.com
>
>
>
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache
> HTTP ServerProject.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>
>
> ______________________________________________________________________
>
> +Thehome of urban music
> + http://www.beyarecords.com
>
>
>
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Parviz,
here is part of the output generated from netstat -an:
tcp4 0 0 81.98.165.128.4444 81.98.165.128.54548
ESTABLISHED
tcp4 0 0 81.98.165.128.54548 81.98.165.128.4444
ESTABLISHED
tcp4 0 0 127.0.0.1.57474 127.0.0.1.631
CLOSE_WAIT
tcp4 0 0 127.0.0.1.57473 127.0.0.1.631
CLOSE_WAIT
tcp4 0 0 81.98.165.128.53524 207.46.107.69.1863
ESTABLISHED
tcp46 0 0 *.8009 *.*
LISTEN
tcp46 0 0 *.8093 *.*
LISTEN
tcp4 0 0 81.98.165.128.3528 81.98.165.128.64161
ESTABLISHED
tcp4 0 0 81.98.165.128.64161 81.98.165.128.3528
ESTABLISHED
tcp46 0 0 *.3528 *.*
LISTEN
tcp46 0 0 *.8080 *.*
LISTEN
tcp46 0 0 *.4445 *.*
LISTEN
tcp46 0 0 *.4444 *.*
LISTEN
tcp46 0 0 *.8083 *.*
LISTEN
tcp46 0 0 *.1099 *.*
LISTEN
tcp46 0 0 *.1098 *.*
LISTEN
tcp4 0 0 81.98.165.128.50438 205.188.8.138.5190
ESTABLISHED
tcp4 0 0 *.* *.*
CLOSED
tcp4 0 0 *.5432 *.*
LISTEN
tcp6 0 0 *.5432 *.*
LISTEN
tcp4 0 0 *.* *.*
CLOSED
tcp4 0 0 *.* *.*
CLOSED
tcp4 0 0 *.139 *.*
LISTEN
tcp4 0 0 127.0.0.1.631 *.*
LISTEN
tcp4 0 0 127.0.0.1.1033 127.0.0.1.916
ESTABLISHED
tcp4 0 0 127.0.0.1.916 127.0.0.1.1033
ESTABLISHED
tcp4 0 0 127.0.0.1.1033 *.*
LISTEN
udp4 0 0 127.0.0.1.49814 127.0.0.1.49814
udp4 0 0 81.98.165.128.49810 *.*
udp6 0 0 ::1.49242 ::1.49242
udp4 0 0 81.98.165.128.138 *.*
udp4 0 0 81.98.165.128.137 *.*
udp4 0 0 *.138 *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.137 *.*
udp4 0 0 *.631 *.*
udp4 0 0 127.0.0.1.49159 127.0.0.1.1022
udp4 0 0 127.0.0.1.49158 127.0.0.1.1022
udp4 0 0 127.0.0.1.1022 *.*
udp4 0 0 127.0.0.1.49156 127.0.0.1.1023
udp4 0 0 127.0.0.1.1023 *.*
udp4 0 0 81.98.165.128.123 *.*
udp4 0 0 127.0.0.1.123 *.*
udp4 0 0 *.123 *.*
udp4 0 0 *.5353 *.*
udp4 0 0 *.68 *.*
udp4 0 0 127.0.0.1.1033 *.*
udp4 0 0 *.514 *.*
udp6 0 0 *.514 *.*
icm6 0 0 *.* *.*
icm6 0 0 *.* *.*
regards
Andrew
On 1 Dec 2004, at 09:22, parviz wrote:
> can you run "netstat -an". There are just lines that are too long and I
> dont see the port number.
>
> Parviz
> On Wed, 2004-12-01 at 01:14, Andrew M wrote:
>> Parviz,
>> I ran netstat and got the following output:
>>
>> Active Internet connections
>> Proto Recv-Q Send-Q Local Address Foreign Address
>> (state)
>> tcp4 0 0 localhost.57474 localhost.ipp
>> CLOSE_WAIT
>> tcp4 0 0 localhost.57473 localhost.ipp
>> CLOSE_WAIT
>> tcp4 0 0 cpc3-nott2-5-0-c.53524 baym-cs269.msgr..msnp
>> ESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.jboss
>> cpc3-nott2-5-0-c.64161ESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.64161
>> cpc3-nott2-5-0-c.jbossESTABLISHED
>> tcp4 0 0 cpc3-nott2-5-0-c.50438 205.188.8.138.aol
>> ESTABLISHED
>> tcp4 0 0 localhost.netinfo-loca localhost.916
>> ESTABLISHED
>> tcp4 0 0 localhost.916
>> localhost.netinfo-locaESTABLISHED
>> udp4 0 0 localhost.49814 localhost.49814
>> udp4 0 0 cpc3-nott2-5-0-c.49810 *.*
>> udp6 0 0 localhost.49242 localhost.49242
>> udp4 0 0 cpc3-nott2-5-0-c.netbi *.*
>> udp4 0 0 cpc3-nott2-5-0-c.netbi *.*
>> udp4 0 0 *.netbios-dgm *.*
>> udp4 0 0 *.* *.*
>> udp4 0 0 *.* *.*
>> udp4 0 0 *.netbios-ns *.*
>> udp4 0 0 *.ipp *.*
>> udp4 0 0 localhost.49159 localhost.1022
>> udp4 0 0 localhost.49158 localhost.1022
>> udp4 0 0 localhost.1022 *.*
>> udp4 0 0 localhost.49156 localhost.1023
>> udp4 0 0 localhost.1023 *.*
>> udp4 0 0 cpc3-nott2-5-0-c.ntp *.*
>> udp4 0 0 localhost.ntp *.*
>> udp4 0 0 *.ntp *.*
>> udp4 0 0 *.mdns *.*
>> udp4 0 0 *.bootpc *.*
>> udp4 0 0 localhost.netinfo-loca *.*
>> udp4 0 0 *.syslog *.*
>> udp6 0 0 *.514 *.*
>> icm6 0 0 *.* *.*
>> icm6 0 0 *.* *.*
>> Active LOCAL (UNIX) domain sockets
>> Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
>> 1d9b118 stream 296 0 0 0 0 0
>> 1d9b310 stream 0 0 0 1d9b5e8 0 0
>> 1d9b5e8 stream 0 0 0 1d9b310 0 0
>> 1d9b460 stream 0 0 0 1d9b5b0 0 0
>> 1d9b5b0 stream 0 0 0 1d9b460 0 0
>> 1d9b348 stream 0 0 0 0 0 0
>> 1d9b070 stream 0 0 0 0 0 0
>> 1d9b1c0 stream 0 0 2560e40 0 0
>> 0/tmp/icssuis501
>> 1d9b1f8 stream 0 0 0 1d9b2a0 0 0
>> 1d9b2a0 stream 0 0 0 1d9b1f8 0 0
>> 1d9b268 stream 0 0 0 1d9b2d8 0 0
>> 1d9b2d8 stream 0 0 0 1d9b268 0 0
>> 1d9b738 stream 0 0 0 1d9b700 0 0
>> 1d9b700 stream 0 0 0 1d9b738 0 0
>> 1d9b7a8 stream 0 0 2597b58 0 0
>> 0/tmp/.s.PGSQL.5432
>> 1d9b818 stream 0 0 0 1d9ba10 0 0
>> 1d9ba10 stream 0 0 0 1d9b818 0 0
>> 1d9b9a0 stream 0 0 0 1d9b7e0 0 0
>> 1d9b7e0 stream 0 0 0 1d9b9a0 0 0
>> 1d9b968 stream 0 0 0 1d9ba80 0 0
>> 1d9ba80 stream 0 0 0 1d9b968 0 0
>> 1d9baf0 stream 0 0 0 1d9ba48 0 0
>> 1d9ba48 stream 0 0 0 1d9baf0 0 0
>> 1d9b850 stream 0 0 0 1d9b888 0 0
>> 1d9b888 stream 0 0 0 1d9b850 0 0
>> 1d9b8c0 stream 0 0 0 1d9bb98 0 0
>> 1d9bb98 stream 0 0 0 1d9b8c0 0 0
>> 1d9bee0 stream 0 0 1fa27b8 0 0
>> 0/var/run/mDNSResponder
>> 1d9bf18 stream 0 0 1f4a428 0 0
>> 0/var/run/pppconfd
>> 1d9bc08 dgram 0 0 0 1d9bfc0 0 1d9bbd0
>> 1d9b188 dgram 0 0 0 1d9b658 1d9b658 0
>> 1d9b658 dgram 0 0 0 1d9b188 1d9b188 0
>> 1d9b3b8 dgram 0 0 0 1d9b230 1d9b230 0
>> 1d9b230 dgram 0 0 0 1d9b3b8 1d9b3b8 0
>> 1d9b540 dgram 0 0 0 1d9b498 1d9b498 0
>> 1d9b498 dgram 0 0 0 1d9b540 1d9b540 0
>> 1d9b578 dgram 0 0 0 1d9b4d0 1d9b4d0 0
>> 1d9b4d0 dgram 0 0 0 1d9b578 1d9b578 0
>> 1d9bbd0 dgram 0 0 0 1d9bfc0 0 1d9bab8
>> 1d9bab8 dgram 0 0 0 1d9bfc0 0 1d9b930
>> 1d9b930 dgram 0 0 0 1d9bfc0 0 1d9b9d8
>> 1d9b9d8 dgram 0 0 0 1d9bfc0 0 1d9bd90
>> 1d9bd90 dgram 0 0 0 1d9bfc0 0 1d9bb28
>> 1d9bb28 dgram 0 0 0 1d9bfc0 0 1d9bb60
>> 1d9bb60 dgram 0 0 0 1d9bfc0 0 1d9bcb0
>> 1d9bcb0 dgram 0 0 0 1d9bfc0 0 1d9bd20
>> 1d9bd20 dgram 0 0 0 1d9bfc0 0 1d9bce8
>> 1d9bce8 dgram 0 0 0 1d9bfc0 0 1d9bea8
>> 1d9bd58 dgram 0 0 0 1d9bc40 1d9bc40 0
>> 1d9bc40 dgram 0 0 0 1d9bd58 1d9bd58 0
>> 1d9bea8 dgram 0 0 0 1d9bfc0 0 1d9bc78
>> 1d9bc78 dgram 0 0 0 1d9bfc0 0 1d9bf88
>> 1d9bf88 dgram 0 0 0 1d9bfc0 0 1d9be38
>> 1d9bdc8 dgram 0 0 0 1d9be00 1d9be00 0
>> 1d9be00 dgram 0 0 0 1d9bdc8 1d9bdc8 0
>> 1d9be38 dgram 0 0 0 1d9bfc0 0 1d9be70
>> 1d9be70 dgram 0 0 0 1d9bfc0 0 1d9bf50
>> 1d9bf50 dgram 0 0 0 1d9bfc0 0 0
>> 1d9bfc0 dgram 0 0 1dd5610 0 1d9bc08
>> 0/var/run/syslog
>>
>> Andrew
>> On 1 Dec 2004, at 08:53, parviz wrote:
>>
>> I didnt look at your config in detail. But that error
>> messagealone
>> makes me think that either your tomcat(port 8080) or port 443
>> is not
>> listening on the right socket. for example tomcat is listening
>> on
>> 127.0.0.1:8080 but your trying to go www.mysite.com:8080 (
>> which
>> resolves to some pulicIp:8080). Or something similar. Lets run
>> netstat
>> and make sure port 443 and 8080 is listening where they
>> should.
>>
>> Parviz
>>
>> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>> Ralph,
>> I am using Apache 2.0.52 and have made the following
>> amendments:
>>
>> 1. create a certificate file :
>> /library/Apache2/conf/mysiteNew.crt
>> 2. create a key file:
>> /library/Apache2/conf/www.mysite.com.key
>> 3. Amend the ssl.conf file:
>>
>> <IfDefine SSL>
>> <VirtualHost 127.0.0.1:443>
>> ......
>> SSLCertificateFile /Library/Apache2/conf/mysiteNew.crt
>> SSLCertificateKeyFile
>> /Library/Apache2/conf/www.mysite.com.key
>>
>> ****** Start Note ***
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>> RewriteRule "^/(.*)\.php$" "$0" [L]
>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>> RewriteRule "^/(.*)\.html$" "$0" [L]
>> RewriteRule
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
>> $1.$2[P,L]
>> RewriteRule "^/(.*)" "https://localhost:8080/$1" [P]
>> ProxyPassReverse / https://localhost:8080/
>> ***End Note ***
>> </virtualHost>
>> </IfDefine>
>>
>> Note: Not sure about the rewrite code in the virtual
>> host. Thethinking
>> behind this is to be able to do https://www.mysite.com
>> in theurl and
>> be directed to port 8080!!! http://www.mysite.com
>> works fine.
>>
>> Suffice to say, when I enter https://www.mysite.com
>> into the url I
>> get'the connection was refused when attempting to
>> contactwww.mysite.com'. What am I doing wrong???
>>
>> many thanks
>>
>> Andrew
>>
>> p.s. I have enabled port 443 in the firewall as well.
>>
>>
>> On 30 Nov 2004, at 22:10, Ralf Glauberman wrote:
>>
>> plain text please!
>>
>> did you have a look at the general https
>> documentation. i
>> think youwill have to set up ssl as described
>> there. try it,
>> if you are havingproblems, ask again.
>>
>> ----- Original Message ----- From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Tuesday, November 30, 2004 7:56 PM
>> Subject: [users@httpd] mod_jk2 https
>>
>>
>> Hi,
>> I currently have apache sitting at the front
>> end passing
>> requests tojboss on port 8080 like so in my
>> http.conf:
>>
>> # mod_jk2 configuration
>> LoadModule jk2_module modules/mod_jk2.so
>>
>> # for jboss
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>> RewriteRule "^/(.*)\.php$" "$0" [L]
>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>> RewriteRule "^/(.*)\.html$" "$0" [L]
>> RewriteRule
>>
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
>> $1.$2[P,L]
>> RewriteRule "^/(.*)"
>> "http://localhost:8080/$1" [P]
>> ProxyPassReverse / http://localhost:8080/
>>
>> How would I, in this instance, setup https?
>> Bare with me if
>> this seemsfairly obvious as I have never
>> worked with https
>> before.
>>
>> many thanks
>>
>> p.s. How do I then go about creating/obtaining
>> a certificate
>> to sit inapache to make the whole ssl thing
>> work?
>> Andrew
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the
>> Apache HTTP
>> ServerProject.
>> See
>> <URL:http://httpd.apache.org/userslist.html> for more
>> info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache
>> HTTP ServerProject.
>> See <URL:http://httpd.apache.org/userslist.html> for
>> more info.
>> To unsubscribe, e-mail:
>> users-unsubscribe@httpd.apache.org
>> " from the digest:
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail:
>> users-help@httpd.apache.org
>>
>>
>>
>> ______________________________________________________________________
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>> ______________________________________________________________________
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
Re: [users@httpd] mod_jk2 https
Posted by parviz <de...@nikasolutions.net>.
can you run "netstat -an". There are just lines that are too long and I
dont see the port number.
Parviz
On Wed, 2004-12-01 at 01:14, Andrew M wrote:
> Parviz,
> I ran netstat and got the following output:
>
> Active Internet connections
> Proto Recv-Q Send-Q Local Address Foreign Address
> (state)
> tcp4 0 0 localhost.57474 localhost.ipp
> CLOSE_WAIT
> tcp4 0 0 localhost.57473 localhost.ipp
> CLOSE_WAIT
> tcp4 0 0 cpc3-nott2-5-0-c.53524 baym-cs269.msgr..msnp
> ESTABLISHED
> tcp4 0 0 cpc3-nott2-5-0-c.jboss
> cpc3-nott2-5-0-c.64161ESTABLISHED
> tcp4 0 0 cpc3-nott2-5-0-c.64161
> cpc3-nott2-5-0-c.jbossESTABLISHED
> tcp4 0 0 cpc3-nott2-5-0-c.50438 205.188.8.138.aol
> ESTABLISHED
> tcp4 0 0 localhost.netinfo-loca localhost.916
> ESTABLISHED
> tcp4 0 0 localhost.916
> localhost.netinfo-locaESTABLISHED
> udp4 0 0 localhost.49814 localhost.49814
> udp4 0 0 cpc3-nott2-5-0-c.49810 *.*
> udp6 0 0 localhost.49242 localhost.49242
> udp4 0 0 cpc3-nott2-5-0-c.netbi *.*
> udp4 0 0 cpc3-nott2-5-0-c.netbi *.*
> udp4 0 0 *.netbios-dgm *.*
> udp4 0 0 *.* *.*
> udp4 0 0 *.* *.*
> udp4 0 0 *.netbios-ns *.*
> udp4 0 0 *.ipp *.*
> udp4 0 0 localhost.49159 localhost.1022
> udp4 0 0 localhost.49158 localhost.1022
> udp4 0 0 localhost.1022 *.*
> udp4 0 0 localhost.49156 localhost.1023
> udp4 0 0 localhost.1023 *.*
> udp4 0 0 cpc3-nott2-5-0-c.ntp *.*
> udp4 0 0 localhost.ntp *.*
> udp4 0 0 *.ntp *.*
> udp4 0 0 *.mdns *.*
> udp4 0 0 *.bootpc *.*
> udp4 0 0 localhost.netinfo-loca *.*
> udp4 0 0 *.syslog *.*
> udp6 0 0 *.514 *.*
> icm6 0 0 *.* *.*
> icm6 0 0 *.* *.*
> Active LOCAL (UNIX) domain sockets
> Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
> 1d9b118 stream 296 0 0 0 0 0
> 1d9b310 stream 0 0 0 1d9b5e8 0 0
> 1d9b5e8 stream 0 0 0 1d9b310 0 0
> 1d9b460 stream 0 0 0 1d9b5b0 0 0
> 1d9b5b0 stream 0 0 0 1d9b460 0 0
> 1d9b348 stream 0 0 0 0 0 0
> 1d9b070 stream 0 0 0 0 0 0
> 1d9b1c0 stream 0 0 2560e40 0 0
> 0/tmp/icssuis501
> 1d9b1f8 stream 0 0 0 1d9b2a0 0 0
> 1d9b2a0 stream 0 0 0 1d9b1f8 0 0
> 1d9b268 stream 0 0 0 1d9b2d8 0 0
> 1d9b2d8 stream 0 0 0 1d9b268 0 0
> 1d9b738 stream 0 0 0 1d9b700 0 0
> 1d9b700 stream 0 0 0 1d9b738 0 0
> 1d9b7a8 stream 0 0 2597b58 0 0
> 0/tmp/.s.PGSQL.5432
> 1d9b818 stream 0 0 0 1d9ba10 0 0
> 1d9ba10 stream 0 0 0 1d9b818 0 0
> 1d9b9a0 stream 0 0 0 1d9b7e0 0 0
> 1d9b7e0 stream 0 0 0 1d9b9a0 0 0
> 1d9b968 stream 0 0 0 1d9ba80 0 0
> 1d9ba80 stream 0 0 0 1d9b968 0 0
> 1d9baf0 stream 0 0 0 1d9ba48 0 0
> 1d9ba48 stream 0 0 0 1d9baf0 0 0
> 1d9b850 stream 0 0 0 1d9b888 0 0
> 1d9b888 stream 0 0 0 1d9b850 0 0
> 1d9b8c0 stream 0 0 0 1d9bb98 0 0
> 1d9bb98 stream 0 0 0 1d9b8c0 0 0
> 1d9bee0 stream 0 0 1fa27b8 0 0
> 0/var/run/mDNSResponder
> 1d9bf18 stream 0 0 1f4a428 0 0
> 0/var/run/pppconfd
> 1d9bc08 dgram 0 0 0 1d9bfc0 0 1d9bbd0
> 1d9b188 dgram 0 0 0 1d9b658 1d9b658 0
> 1d9b658 dgram 0 0 0 1d9b188 1d9b188 0
> 1d9b3b8 dgram 0 0 0 1d9b230 1d9b230 0
> 1d9b230 dgram 0 0 0 1d9b3b8 1d9b3b8 0
> 1d9b540 dgram 0 0 0 1d9b498 1d9b498 0
> 1d9b498 dgram 0 0 0 1d9b540 1d9b540 0
> 1d9b578 dgram 0 0 0 1d9b4d0 1d9b4d0 0
> 1d9b4d0 dgram 0 0 0 1d9b578 1d9b578 0
> 1d9bbd0 dgram 0 0 0 1d9bfc0 0 1d9bab8
> 1d9bab8 dgram 0 0 0 1d9bfc0 0 1d9b930
> 1d9b930 dgram 0 0 0 1d9bfc0 0 1d9b9d8
> 1d9b9d8 dgram 0 0 0 1d9bfc0 0 1d9bd90
> 1d9bd90 dgram 0 0 0 1d9bfc0 0 1d9bb28
> 1d9bb28 dgram 0 0 0 1d9bfc0 0 1d9bb60
> 1d9bb60 dgram 0 0 0 1d9bfc0 0 1d9bcb0
> 1d9bcb0 dgram 0 0 0 1d9bfc0 0 1d9bd20
> 1d9bd20 dgram 0 0 0 1d9bfc0 0 1d9bce8
> 1d9bce8 dgram 0 0 0 1d9bfc0 0 1d9bea8
> 1d9bd58 dgram 0 0 0 1d9bc40 1d9bc40 0
> 1d9bc40 dgram 0 0 0 1d9bd58 1d9bd58 0
> 1d9bea8 dgram 0 0 0 1d9bfc0 0 1d9bc78
> 1d9bc78 dgram 0 0 0 1d9bfc0 0 1d9bf88
> 1d9bf88 dgram 0 0 0 1d9bfc0 0 1d9be38
> 1d9bdc8 dgram 0 0 0 1d9be00 1d9be00 0
> 1d9be00 dgram 0 0 0 1d9bdc8 1d9bdc8 0
> 1d9be38 dgram 0 0 0 1d9bfc0 0 1d9be70
> 1d9be70 dgram 0 0 0 1d9bfc0 0 1d9bf50
> 1d9bf50 dgram 0 0 0 1d9bfc0 0 0
> 1d9bfc0 dgram 0 0 1dd5610 0 1d9bc08
> 0/var/run/syslog
>
> Andrew
> On 1 Dec 2004, at 08:53, parviz wrote:
>
> I didnt look at your config in detail. But that error
> messagealone
> makes me think that either your tomcat(port 8080) or port 443
> is not
> listening on the right socket. for example tomcat is listening
> on
> 127.0.0.1:8080 but your trying to go www.mysite.com:8080 (
> which
> resolves to some pulicIp:8080). Or something similar. Lets run
> netstat
> and make sure port 443 and 8080 is listening where they
> should.
>
> Parviz
>
> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
> Ralph,
> I am using Apache 2.0.52 and have made the following
> amendments:
>
> 1. create a certificate file :
> /library/Apache2/conf/mysiteNew.crt
> 2. create a key file:
> /library/Apache2/conf/www.mysite.com.key
> 3. Amend the ssl.conf file:
>
> <IfDefine SSL>
> <VirtualHost 127.0.0.1:443>
> ......
> SSLCertificateFile /Library/Apache2/conf/mysiteNew.crt
> SSLCertificateKeyFile
> /Library/Apache2/conf/www.mysite.com.key
>
> ****** Start Note ***
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
> RewriteRule "^/(.*)\.gif$" "$0" [L]
> RewriteRule "^/(.*)\.jpg$" "$0" [L]
> RewriteRule "^/(.*)\.swf$" "$0" [L]
> RewriteRule "^/(.*)\.php$" "$0" [L]
> RewriteRule "^/(.*)\.m3u$" "$0" [L]
> RewriteRule "^/(.*)\.mp3$" "$0" [L]
> RewriteRule "^/(.*)\.html$" "$0" [L]
> RewriteRule
> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/$1.$2[P,L]
> RewriteRule "^/(.*)" "https://localhost:8080/$1" [P]
> ProxyPassReverse / https://localhost:8080/
> ***End Note ***
> </virtualHost>
> </IfDefine>
>
> Note: Not sure about the rewrite code in the virtual
> host. Thethinking
> behind this is to be able to do https://www.mysite.com
> in theurl and
> be directed to port 8080!!! http://www.mysite.com
> works fine.
>
> Suffice to say, when I enter https://www.mysite.com
> into the url I
> get'the connection was refused when attempting to
> contactwww.mysite.com'. What am I doing wrong???
>
> many thanks
>
> Andrew
>
> p.s. I have enabled port 443 in the firewall as well.
>
>
> On 30 Nov 2004, at 22:10, Ralf Glauberman wrote:
>
> plain text please!
>
> did you have a look at the general https
> documentation. i
> think youwill have to set up ssl as described
> there. try it,
> if you are havingproblems, ask again.
>
> ----- Original Message ----- From: Andrew M
> To: users@httpd.apache.org
> Sent: Tuesday, November 30, 2004 7:56 PM
> Subject: [users@httpd] mod_jk2 https
>
>
> Hi,
> I currently have apache sitting at the front
> end passing
> requests tojboss on port 8080 like so in my
> http.conf:
>
> # mod_jk2 configuration
> LoadModule jk2_module modules/mod_jk2.so
>
> # for jboss
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
> RewriteRule "^/(.*)\.gif$" "$0" [L]
> RewriteRule "^/(.*)\.jpg$" "$0" [L]
> RewriteRule "^/(.*)\.swf$" "$0" [L]
> RewriteRule "^/(.*)\.php$" "$0" [L]
> RewriteRule "^/(.*)\.m3u$" "$0" [L]
> RewriteRule "^/(.*)\.mp3$" "$0" [L]
> RewriteRule "^/(.*)\.html$" "$0" [L]
> RewriteRule
>
> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/$1.$2[P,L]
> RewriteRule "^/(.*)"
> "http://localhost:8080/$1" [P]
> ProxyPassReverse / http://localhost:8080/
>
> How would I, in this instance, setup https?
> Bare with me if
> this seemsfairly obvious as I have never
> worked with https
> before.
>
> many thanks
>
> p.s. How do I then go about creating/obtaining
> a certificate
> to sit inapache to make the whole ssl thing
> work?
> Andrew
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP
> ServerProject.
> See
> <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>
>
>
> ______________________________________________________________________
>
> +Thehome of urban music
> + http://www.beyarecords.com
>
>
>
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache
> HTTP ServerProject.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>
>
> ______________________________________________________________________
>
> +Thehome of urban music
> + http://www.beyarecords.com
>
>
>
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Parviz,
I ran netstat and got the following output:
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign Address
(state)
tcp4 0 0 localhost.57474 localhost.ipp
CLOSE_WAIT
tcp4 0 0 localhost.57473 localhost.ipp
CLOSE_WAIT
tcp4 0 0 cpc3-nott2-5-0-c.53524 baym-cs269.msgr..msnp
ESTABLISHED
tcp4 0 0 cpc3-nott2-5-0-c.jboss cpc3-nott2-5-0-c.64161
ESTABLISHED
tcp4 0 0 cpc3-nott2-5-0-c.64161 cpc3-nott2-5-0-c.jboss
ESTABLISHED
tcp4 0 0 cpc3-nott2-5-0-c.50438 205.188.8.138.aol
ESTABLISHED
tcp4 0 0 localhost.netinfo-loca localhost.916
ESTABLISHED
tcp4 0 0 localhost.916 localhost.netinfo-loca
ESTABLISHED
udp4 0 0 localhost.49814 localhost.49814
udp4 0 0 cpc3-nott2-5-0-c.49810 *.*
udp6 0 0 localhost.49242 localhost.49242
udp4 0 0 cpc3-nott2-5-0-c.netbi *.*
udp4 0 0 cpc3-nott2-5-0-c.netbi *.*
udp4 0 0 *.netbios-dgm *.*
udp4 0 0 *.* *.*
udp4 0 0 *.* *.*
udp4 0 0 *.netbios-ns *.*
udp4 0 0 *.ipp *.*
udp4 0 0 localhost.49159 localhost.1022
udp4 0 0 localhost.49158 localhost.1022
udp4 0 0 localhost.1022 *.*
udp4 0 0 localhost.49156 localhost.1023
udp4 0 0 localhost.1023 *.*
udp4 0 0 cpc3-nott2-5-0-c.ntp *.*
udp4 0 0 localhost.ntp *.*
udp4 0 0 *.ntp *.*
udp4 0 0 *.mdns *.*
udp4 0 0 *.bootpc *.*
udp4 0 0 localhost.netinfo-loca *.*
udp4 0 0 *.syslog *.*
udp6 0 0 *.514 *.*
icm6 0 0 *.* *.*
icm6 0 0 *.* *.*
Active LOCAL (UNIX) domain sockets
Address Type Recv-Q Send-Q Inode Conn Refs Nextref Addr
1d9b118 stream 296 0 0 0 0 0
1d9b310 stream 0 0 0 1d9b5e8 0 0
1d9b5e8 stream 0 0 0 1d9b310 0 0
1d9b460 stream 0 0 0 1d9b5b0 0 0
1d9b5b0 stream 0 0 0 1d9b460 0 0
1d9b348 stream 0 0 0 0 0 0
1d9b070 stream 0 0 0 0 0 0
1d9b1c0 stream 0 0 2560e40 0 0 0
/tmp/icssuis501
1d9b1f8 stream 0 0 0 1d9b2a0 0 0
1d9b2a0 stream 0 0 0 1d9b1f8 0 0
1d9b268 stream 0 0 0 1d9b2d8 0 0
1d9b2d8 stream 0 0 0 1d9b268 0 0
1d9b738 stream 0 0 0 1d9b700 0 0
1d9b700 stream 0 0 0 1d9b738 0 0
1d9b7a8 stream 0 0 2597b58 0 0 0
/tmp/.s.PGSQL.5432
1d9b818 stream 0 0 0 1d9ba10 0 0
1d9ba10 stream 0 0 0 1d9b818 0 0
1d9b9a0 stream 0 0 0 1d9b7e0 0 0
1d9b7e0 stream 0 0 0 1d9b9a0 0 0
1d9b968 stream 0 0 0 1d9ba80 0 0
1d9ba80 stream 0 0 0 1d9b968 0 0
1d9baf0 stream 0 0 0 1d9ba48 0 0
1d9ba48 stream 0 0 0 1d9baf0 0 0
1d9b850 stream 0 0 0 1d9b888 0 0
1d9b888 stream 0 0 0 1d9b850 0 0
1d9b8c0 stream 0 0 0 1d9bb98 0 0
1d9bb98 stream 0 0 0 1d9b8c0 0 0
1d9bee0 stream 0 0 1fa27b8 0 0 0
/var/run/mDNSResponder
1d9bf18 stream 0 0 1f4a428 0 0 0
/var/run/pppconfd
1d9bc08 dgram 0 0 0 1d9bfc0 0 1d9bbd0
1d9b188 dgram 0 0 0 1d9b658 1d9b658 0
1d9b658 dgram 0 0 0 1d9b188 1d9b188 0
1d9b3b8 dgram 0 0 0 1d9b230 1d9b230 0
1d9b230 dgram 0 0 0 1d9b3b8 1d9b3b8 0
1d9b540 dgram 0 0 0 1d9b498 1d9b498 0
1d9b498 dgram 0 0 0 1d9b540 1d9b540 0
1d9b578 dgram 0 0 0 1d9b4d0 1d9b4d0 0
1d9b4d0 dgram 0 0 0 1d9b578 1d9b578 0
1d9bbd0 dgram 0 0 0 1d9bfc0 0 1d9bab8
1d9bab8 dgram 0 0 0 1d9bfc0 0 1d9b930
1d9b930 dgram 0 0 0 1d9bfc0 0 1d9b9d8
1d9b9d8 dgram 0 0 0 1d9bfc0 0 1d9bd90
1d9bd90 dgram 0 0 0 1d9bfc0 0 1d9bb28
1d9bb28 dgram 0 0 0 1d9bfc0 0 1d9bb60
1d9bb60 dgram 0 0 0 1d9bfc0 0 1d9bcb0
1d9bcb0 dgram 0 0 0 1d9bfc0 0 1d9bd20
1d9bd20 dgram 0 0 0 1d9bfc0 0 1d9bce8
1d9bce8 dgram 0 0 0 1d9bfc0 0 1d9bea8
1d9bd58 dgram 0 0 0 1d9bc40 1d9bc40 0
1d9bc40 dgram 0 0 0 1d9bd58 1d9bd58 0
1d9bea8 dgram 0 0 0 1d9bfc0 0 1d9bc78
1d9bc78 dgram 0 0 0 1d9bfc0 0 1d9bf88
1d9bf88 dgram 0 0 0 1d9bfc0 0 1d9be38
1d9bdc8 dgram 0 0 0 1d9be00 1d9be00 0
1d9be00 dgram 0 0 0 1d9bdc8 1d9bdc8 0
1d9be38 dgram 0 0 0 1d9bfc0 0 1d9be70
1d9be70 dgram 0 0 0 1d9bfc0 0 1d9bf50
1d9bf50 dgram 0 0 0 1d9bfc0 0 0
1d9bfc0 dgram 0 0 1dd5610 0 1d9bc08 0
/var/run/syslog
Andrew
On 1 Dec 2004, at 08:53, parviz wrote:
> I didnt look at your config in detail. But that error message alone
> makes me think that either your tomcat(port 8080) or port 443 is not
> listening on the right socket. for example tomcat is listening on
> 127.0.0.1:8080 but your trying to go www.mysite.com:8080 ( which
> resolves to some pulicIp:8080). Or something similar. Lets run netstat
> and make sure port 443 and 8080 is listening where they should.
>
> Parviz
>
> On Tue, 2004-11-30 at 16:30, Andrew M wrote:
>> Ralph,
>> I am using Apache 2.0.52 and have made the following amendments:
>>
>> 1. create a certificate file : /library/Apache2/conf/mysiteNew.crt
>> 2. create a key file: /library/Apache2/conf/www.mysite.com.key
>> 3. Amend the ssl.conf file:
>>
>> <IfDefine SSL>
>> <VirtualHost 127.0.0.1:443>
>> ......
>> SSLCertificateFile /Library/Apache2/conf/mysiteNew.crt
>> SSLCertificateKeyFile /Library/Apache2/conf/www.mysite.com.key
>>
>> ****** Start Note ***
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>> RewriteRule "^/(.*)\.php$" "$0" [L]
>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>> RewriteRule "^/(.*)\.html$" "$0" [L]
>> RewriteRule
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/
>> $1.$2 [P,L]
>> RewriteRule "^/(.*)" "https://localhost:8080/$1" [P]
>> ProxyPassReverse / https://localhost:8080/
>> ***End Note ***
>> </virtualHost>
>> </IfDefine>
>>
>> Note: Not sure about the rewrite code in the virtual host. Thethinking
>> behind this is to be able to do https://www.mysite.com in theurl and
>> be directed to port 8080!!! http://www.mysite.com works fine.
>>
>> Suffice to say, when I enter https://www.mysite.com into the url I
>> get'the connection was refused when attempting to
>> contactwww.mysite.com'. What am I doing wrong???
>>
>> many thanks
>>
>> Andrew
>>
>> p.s. I have enabled port 443 in the firewall as well.
>>
>>
>> On 30 Nov 2004, at 22:10, Ralf Glauberman wrote:
>>
>> plain text please!
>>
>> did you have a look at the general https documentation. i
>> think youwill have to set up ssl as described there. try it,
>> if you are havingproblems, ask again.
>>
>> ----- Original Message ----- From: Andrew M
>> To: users@httpd.apache.org
>> Sent: Tuesday, November 30, 2004 7:56 PM
>> Subject: [users@httpd] mod_jk2 https
>>
>>
>> Hi,
>> I currently have apache sitting at the front end passing
>> requests tojboss on port 8080 like so in my http.conf:
>>
>> # mod_jk2 configuration
>> LoadModule jk2_module modules/mod_jk2.so
>>
>> # for jboss
>> RewriteEngine on
>>
>> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
>> RewriteRule "^/(.*)\.gif$" "$0" [L]
>> RewriteRule "^/(.*)\.jpg$" "$0" [L]
>> RewriteRule "^/(.*)\.swf$" "$0" [L]
>> RewriteRule "^/(.*)\.php$" "$0" [L]
>> RewriteRule "^/(.*)\.m3u$" "$0" [L]
>> RewriteRule "^/(.*)\.mp3$" "$0" [L]
>> RewriteRule "^/(.*)\.html$" "$0" [L]
>> RewriteRule
>>
>> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/
>> $1.$2 [P,L]
>> RewriteRule "^/(.*)" "http://localhost:8080/$1" [P]
>> ProxyPassReverse / http://localhost:8080/
>>
>> How would I, in this instance, setup https? Bare with me if
>> this seemsfairly obvious as I have never worked with https
>> before.
>>
>> many thanks
>>
>> p.s. How do I then go about creating/obtaining a certificate
>> to sit inapache to make the whole ssl thing work?
>> Andrew
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP
>> ServerProject.
>> See <URL:http://httpd.apache.org/userslist.html> for more
>> info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest:
>> users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>>
>> ______________________________________________________________________
>>
>> +Thehome of urban music
>> + http://www.beyarecords.com
>>
>>
>>
>> ______________________________________________________________________
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
Re: [users@httpd] mod_jk2 https
Posted by parviz <de...@nikasolutions.net>.
I didnt look at your config in detail. But that error message alone
makes me think that either your tomcat(port 8080) or port 443 is not
listening on the right socket. for example tomcat is listening on
127.0.0.1:8080 but your trying to go www.mysite.com:8080 ( which
resolves to some pulicIp:8080). Or something similar. Lets run netstat
and make sure port 443 and 8080 is listening where they should.
Parviz
On Tue, 2004-11-30 at 16:30, Andrew M wrote:
> Ralph,
> I am using Apache 2.0.52 and have made the following amendments:
>
> 1. create a certificate file : /library/Apache2/conf/mysiteNew.crt
> 2. create a key file: /library/Apache2/conf/www.mysite.com.key
> 3. Amend the ssl.conf file:
>
> <IfDefine SSL>
> <VirtualHost 127.0.0.1:443>
> ......
> SSLCertificateFile /Library/Apache2/conf/mysiteNew.crt
> SSLCertificateKeyFile /Library/Apache2/conf/www.mysite.com.key
>
> ****** Start Note ***
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
> RewriteRule "^/(.*)\.gif$" "$0" [L]
> RewriteRule "^/(.*)\.jpg$" "$0" [L]
> RewriteRule "^/(.*)\.swf$" "$0" [L]
> RewriteRule "^/(.*)\.php$" "$0" [L]
> RewriteRule "^/(.*)\.m3u$" "$0" [L]
> RewriteRule "^/(.*)\.mp3$" "$0" [L]
> RewriteRule "^/(.*)\.html$" "$0" [L]
> RewriteRule
> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$https://localhost:8080/mysite/$1.$2 [P,L]
> RewriteRule "^/(.*)" "https://localhost:8080/$1" [P]
> ProxyPassReverse / https://localhost:8080/
> ***End Note ***
> </virtualHost>
> </IfDefine>
>
> Note: Not sure about the rewrite code in the virtual host. Thethinking
> behind this is to be able to do https://www.mysite.com in theurl and
> be directed to port 8080!!! http://www.mysite.com works fine.
>
> Suffice to say, when I enter https://www.mysite.com into the url I
> get'the connection was refused when attempting to
> contactwww.mysite.com'. What am I doing wrong???
>
> many thanks
>
> Andrew
>
> p.s. I have enabled port 443 in the firewall as well.
>
>
> On 30 Nov 2004, at 22:10, Ralf Glauberman wrote:
>
> plain text please!
>
> did you have a look at the general https documentation. i
> think youwill have to set up ssl as described there. try it,
> if you are havingproblems, ask again.
>
> ----- Original Message ----- From: Andrew M
> To: users@httpd.apache.org
> Sent: Tuesday, November 30, 2004 7:56 PM
> Subject: [users@httpd] mod_jk2 https
>
>
> Hi,
> I currently have apache sitting at the front end passing
> requests tojboss on port 8080 like so in my http.conf:
>
> # mod_jk2 configuration
> LoadModule jk2_module modules/mod_jk2.so
>
> # for jboss
> RewriteEngine on
>
> RewriteRule "^/WEB-INF/?(.*)" "$0" [L,F,NC]
> RewriteRule "^/(.*)\.gif$" "$0" [L]
> RewriteRule "^/(.*)\.jpg$" "$0" [L]
> RewriteRule "^/(.*)\.swf$" "$0" [L]
> RewriteRule "^/(.*)\.php$" "$0" [L]
> RewriteRule "^/(.*)\.m3u$" "$0" [L]
> RewriteRule "^/(.*)\.mp3$" "$0" [L]
> RewriteRule "^/(.*)\.html$" "$0" [L]
> RewriteRule
> (.*)\.(js|css|xml|xsl|kont|jx|xsp|svg)$http://localhost:8080/mysite/$1.$2 [P,L]
> RewriteRule "^/(.*)" "http://localhost:8080/$1" [P]
> ProxyPassReverse / http://localhost:8080/
>
> How would I, in this instance, setup https? Bare with me if
> this seemsfairly obvious as I have never worked with https
> before.
>
> many thanks
>
> p.s. How do I then go about creating/obtaining a certificate
> to sit inapache to make the whole ssl thing work?
> Andrew
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> ServerProject.
> See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>
> ______________________________________________________________________
>
> +Thehome of urban music
> + http://www.beyarecords.com
>
>
>
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_jk2 https
Posted by Andrew M <an...@jibeya.com>.
Hi,
further to my last email, I am including my ssl.conf and http.conf
files for viewing.
thanks again in advance
Andrew