You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@guacamole.apache.org by "ronansalmon (via GitHub)" <gi...@apache.org> on 2023/03/03 15:25:11 UTC

[GitHub] [guacamole-client] ronansalmon opened a new pull request, #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

ronansalmon opened a new pull request, #805:
URL: https://github.com/apache/guacamole-client/pull/805

   The start script handles custom keystore/certificat.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] ronansalmon commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "ronansalmon (via GitHub)" <gi...@apache.org>.

ronansalmon commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1145915390


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 

Review Comment:
   All is now over here
   [guacamole-server/pull/419](https://github.com/apache/guacamole-server/pull/419)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] necouchman commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "necouchman (via GitHub)" <gi...@apache.org>.

necouchman commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1126889213


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 

Review Comment:
   This may be more suited for the Configuring guacd section of the user guide.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "ronansalmon (via GitHub)" <gi...@apache.org>.

ronansalmon commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1763853379

   Hey !
   This PR is linked to https://github.com/apache/guacamole-server/pull/419.
   I was waiting for the PR 419 to be merged (if accepted) to go any further.
   
   So, how should we proceed ?
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "mike-jumper (via GitHub)" <gi...@apache.org>.

mike-jumper commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1783233484

   > > The `GUACD_SSL` environment variable controls the `guacd-ssl` property, which is used to enable SSL/TLS encryption between the webapp and guacd. It's uncommon to use this, as that communication is typically purely over loopback or at least on a trusted network route, but it's not obsolete.
   > 
   > I still can't find it. But if you're saying it's used I'm ok with this
   
   For reference, here's the code path is:
   
   ### Property Declaration (standardized as part of guacamole-ext)
   
   https://github.com/apache/guacamole-client/blob/ac6e501eff8b11f0c4b9a5bad653e237b979b14d/guacamole-ext/src/main/java/org/apache/guacamole/environment/Environment.java#L61-L69
   
   ### Property Retrieval (via a `GuacamoleProxyConfiguration` from `LocalEnvironment`)
   
   https://github.com/apache/guacamole-client/blob/ac6e501eff8b11f0c4b9a5bad653e237b979b14d/guacamole-ext/src/main/java/org/apache/guacamole/environment/LocalEnvironment.java#L379-L390
   
   ### (Voluntary) Usage of Retrieved Values
   
   Implementations aren't strictly _required_ to use `getDefaultGuacamoleProxyConfiguration()`, but most do, either explicitly or implicitly via `SimpleConnection`.
   
   https://github.com/apache/guacamole-client/blob/ac6e501eff8b11f0c4b9a5bad653e237b979b14d/guacamole-ext/src/main/java/org/apache/guacamole/net/auth/simple/SimpleConnection.java#L206
   
   https://github.com/apache/guacamole-client/blob/ac6e501eff8b11f0c4b9a5bad653e237b979b14d/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ModeledConnection.java#L462
   
   etc.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "sirux88 (via GitHub)" <gi...@apache.org>.

sirux88 commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1781631750

   I would add some thoughts:
   1) What is the environment variabale `GUACD_SSL` for? As far as I can see it's not used on `guacamole-client` nor on `guacamole-server` anywhere (except within the changed files). Seems obsolete to me
   2) Maybe the environment variables `GUACD_SSL_KEYSTORE_FILE` and `GUACD_SSL_KEYSTORE_PASS` should be renamed to something fitting better to their true purpose like `JAVA_KEYSTORE_FILE` and `JAVA_KEYSTORE_PASS` 
   
   For reference: I had a similar approach here https://github.com/sirux88/guacamole-client/commit/e02d2bef55ee428c1da7eb1ecc7f77c7514588ad. My use case was using a self signed cert for LDAP   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "sirux88 (via GitHub)" <gi...@apache.org>.

sirux88 commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1783220482

   > The `GUACD_SSL` environment variable controls the `guacd-ssl` property, which is used to enable SSL/TLS encryption between the webapp and guacd. It's uncommon to use this, as that communication is typically purely over loopback or at least on a trusted network route, but it's not obsolete.
   
   I still can't find it. But if you're saying it's used I'm ok with this


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] ronansalmon commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "ronansalmon (via GitHub)" <gi...@apache.org>.

ronansalmon commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1126133938


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 

Review Comment:
   @necouchman ,
   Yes, I added documentation on how to setup the guacd standalone only with ssl mode.
   
   The guacd doc should probably go somewhere else indeed. I don't think it can go in the Docker chapter in the User Guide since one can use either the guacd standalone or guacd docker or both.
   
   I don't know where it should go ? What would you recommend ?
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "mike-jumper (via GitHub)" <gi...@apache.org>.

mike-jumper commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1781651860

   The `GUACD_SSL` environment variable controls the `guacd-ssl` property, which is used to enable SSL/TLS encryption between the webapp and guacd. It's uncommon to use this, as that communication is typically purely over loopback or at least on a trusted network route, but it's not obsolete.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] ronansalmon commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "ronansalmon (via GitHub)" <gi...@apache.org>.

ronansalmon commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1129094131


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 

Review Comment:
   @necouchman 
   can I use the same Jira to update guacd section of the user guide ?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "necouchman (via GitHub)" <gi...@apache.org>.

necouchman commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1762513647

   @ronansalmon Any chance we can wrap this one up?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] necouchman commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "necouchman (via GitHub)" <gi...@apache.org>.

necouchman commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1129396746


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 

Review Comment:
   Sure, I think that would be fine.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] necouchman commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "necouchman (via GitHub)" <gi...@apache.org>.

necouchman commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1124805311


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.

Review Comment:
   `certificate`
   
   Here, and several other places below in this file.



##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 
+
+3. Deploy Guacamole
+
+```shell
+docker run --name some-guacamole                                  \
+  -e GUACOMOLE_SSL_KEYSTORE_FILE=/home/guacamole/certs/server.p12 \
+  -e GUACOMOLE_SSL_KEYSTORE_PASS=changeme                         \
+  -e GUACD_SSL=true                                               \
+  -e GUACD_PORT=4822                                              \
+  -e GUACD_HOSTNAME=hostname                                      \
+  -v <path to certificat>:/home/guacamole/certs                   \
+  ...
+  -d -p 8080:8080 guacamole/guacamole
+```
+
+4. From the guacamole web interface, add a new connexion and enable SSL/TLS whenever using a guacd proxy.

Review Comment:
   `connexion` -> `connection`



##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling guacd ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificat.
+
+1. Generate a new certificat
+You need to create the new certificat on the guacd host.
+
+```shell
+openssl genrsa -out /etc/guacd/server.key 2048
+openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr
+openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650
+openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key  -out /etc/guacd/server.p12 -CAfile ca.crt -caname root
+```
+2. Configure guacd
+
+On debian, edit /etc/default/guacd and modify the following variables.
+```
+# listen on all interface
+LISTEN_ADDRESS=0.0.0.0
+
+# certificats
+DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key
+```
+restart guacd! 

Review Comment:
   Why are these steps required for a Docker install? Wouldn't this be steps that would work if you're running guacd natively?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [guacamole-client] necouchman commented on a diff in pull request #805: GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat

Posted by "necouchman (via GitHub)" <gi...@apache.org>.

necouchman commented on code in PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1161107483


##########
guacamole-docker/README.md:
##########
@@ -228,6 +228,31 @@ The process for doing this via the `sqlcmd` utilities included
 with SQLServer is documented in
 [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver).
 
+Enabling ssl
+================
+This explains how to enable ssl between guacamole and guacd using a self signed certificate.
+
+You need to create the new certificate on the guacd host, see https://github.com/apache/guacamole-server/blob/master/README 
+or https://github.com/apache/guacamole-server/blob/master/src/guacd-docker/README.md depending
+on the version you will use (standalone vs docker).

Review Comment:
   I suspect we should document this somewhere in the Guacamole User Guide (Manual), and link to that instead of linking directly to the Github repository.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [PR] GUACAMOLE-1746: Docker Allow usage of custom keystore and custom certificat [guacamole-client]

Posted by "ronansalmon (via GitHub)" <gi...@apache.org>.

ronansalmon commented on PR #805:
URL: https://github.com/apache/guacamole-client/pull/805#issuecomment-1785108358

   > I would add some thoughts: ~1) What is the environment variabale `GUACD_SSL` for? As far as I can see it's not used on `guacamole-client` nor on `guacamole-server` anywhere (except within the changed files). Seems obsolete to me~ 2) Maybe the environment variables `GUACD_SSL_KEYSTORE_FILE` and `GUACD_SSL_KEYSTORE_PASS` should be renamed to something fitting better to their true purpose like `JAVA_KEYSTORE_FILE` and `JAVA_KEYSTORE_PASS`
   
   Done


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@guacamole.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org