You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Serge Dubrouski <se...@gmail.com> on 2006/09/27 00:12:14 UTC
[users@httpd] Proxy SSL and Client Certificates
Hello Everyone -
I have an Apache 2.2.3 server installed with mod_proxy and mod_ssl
configured that I use as a frontend server in Internet. I also have
iPlanet backend legasy server that runs on of our custom
applications. That application has embedded authentication based on
clients SSL Certificates. Now I want to make Apache to act as a proxy
server between Internet users and that backend iPlanet server. The
problem here is that I can't make Apache to pass submitted client
certificate down to iPlanet. Does anybody have any idea how to do
that? Simple SSLProxyEngine does not work.
Thanks.
Serge.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Disabled connection and child process exiting
Posted by sn...@cob.org.
We've been having issues with our Apache 2.2.2 restarting on us
periodically (several times a day). Here's an excerpt from our error log:
[Wed Dec 06 07:14:31 2006] [error] (OS 10061)No connection could be made
because the target machine actively refused it. : proxy: HTTP: attempt to
connect to 192.168.1.1:80 (192.168.1.1) failed
[Wed Dec 06 07:14:31 2006] [error] ap_proxy_connect_backend disabling
worker for (192.168.1.1)
[Wed Dec 06 07:14:32 2006] [error] (OS 10061)No connection could be made
because the target machine actively refused it. : proxy: HTTP: attempt to
connect to 192.168.1.1:80 (192.168.1.1) failed
[Wed Dec 06 07:56:00 2006] [error] (OS 10061)No connection could be made
because the target machine actively refused it. : proxy: HTTP: attempt to
connect to 192.168.1.1:80 (192.168.1.1) failed
[Wed Dec 06 07:56:00 2006] [error] ap_proxy_connect_backend disabling
worker for (192.168.1.1)
[Wed Dec 06 07:56:06 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:11 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:21 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:21 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:28 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:30 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:31 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:33 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:35 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:41 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:42 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:46 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:51 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:51 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:54 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:54 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:55 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:55 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:58 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 07:56:58 2006] [error] proxy: HTTP: disabled connection for
(192.168.1.1)
[Wed Dec 06 08:13:32 2006] [notice] Parent: child process exited with
status 3221225477 -- Restarting.
[Wed Dec 06 08:13:33 2006] [notice] Apache/2.2.0 (Win32) proxy_html/2.5
mod_ssl/2.2.0 OpenSSL/0.9.8a configured -- resuming normal operations
[Wed Dec 06 08:13:33 2006] [notice] Server built: Dec 30 2005 21:24:41
[Wed Dec 06 08:13:33 2006] [notice] Parent: Created child process 2548
[Wed Dec 06 08:13:33 2006] [notice] Disabled use of AcceptEx() WinSock2 API
[Wed Dec 06 08:13:34 2006] [notice] Child 2548: Child process is running
[Wed Dec 06 08:13:34 2006] [notice] Child 2548: Acquired the start mutex.
[Wed Dec 06 08:13:34 2006] [notice] Child 2548: Starting 1920 worker
threads.
[Wed Dec 06 08:13:34 2006] [notice] Child 2548: Listening on port 443.
[Wed Dec 06 08:13:34 2006] [notice] Child 2548: Listening on port 80.
Any help in identifying what might be causing this would be appreciated.
Thanks.
____________________________
Steven Niedermeyer
Bellingham, WA
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Proxy SSL and Client Certificates
Posted by Serge Dubrouski <se...@gmail.com>.
Actually the certs are public information. They contain client's
public key that is used for encrypting data that can be decrypted with
private key only, which is never get sent to the server.
But you are right that passing that certificate down to the back end
HTTPs server impossible because proxy server don't have client's
private key to decrypt backend server answers. It works with mod_jk
only because it uses AJP protocol and just sets certs data to env
without encrypting data and establishing real HTTPs connection.
Thanks for you answers. They helped me to understand why that can't be done.
On 9/26/06, Andrew E. White <ae...@uark.edu> wrote:
> The certs have to be pulled from somewhere, and by default, at the start of a SSL connection. Part of the SSL connection setup is the challenge phase in which the presenter must have the private key. Remember that a cert is a public piece of information. That is why it can be seen by others in the first place.
>
> If your backend server needs access to the client's cert, then the front end server must be a transparent proxy in which the front end web server never acts on the data in any way. Any other uses would be a man-in-the-middle attack because anyone could trick the browser into transmitting the cert to them.
>
> In short, I don't know if mod_proxy can act as a full transparent proxy. It is fairly easy to write a module to be one. Squid might also be something to look into...
>
> Andrew
>
> ----- Original Message -----
> From: Serge Dubrouski <se...@gmail.com>
> Date: Tuesday, September 26, 2006 9:04 pm
> Subject: Re: [users@httpd] Proxy SSL and Client Certificates
> To: users@httpd.apache.org
>
> > You aren't quite right. Your statement is right for crypting part but
> > not for authenticating part. IE client's key is needed fo decrypting
> > information but client crtificate is also needed for authenticating
> > client.
> >
> > For example mod_jk that is used for connecting Apache to Tomcat has
> > following options for passing SSL data from Apache to Tomcat:
> >
> > JkExtractSSL On
> > # What is the indicator for SSL (default is HTTPS)
> > JkHTTPSIndicator HTTPS
> > # What is the indicator for SSL session (default is SSL_SESSION_ID)
> > JkSESSIONIndicator SSL_SESSION_ID
> > # What is the indicator for client SSL cipher suit (default is
> > SSL_CIPHER)JkCIPHERIndicator SSL_CIPHER
> > # What is the indicator for the client SSL certificated (default is
> > SSL_CLIENT_CERT)
> > JkCERTSIndicator SSL_CLIENT_CERT
> >
> > And Tomcat sees client certificates all right after that. I'm looking
> > for that kind of options for mod_proxy.
> >
> >
> > On 9/26/06, Andrew E. White <ae...@uark.edu> wrote:
> > > By nature, certs require a private key to verify them, so if a
> > user is passing through your web server, the client's certificate
> > will do you no good beyond the webserver since the webserver does
> > not have the client's private key.
> > >
> > > Andrew
> > >
> > > ----- Original Message -----
> > > From: Serge Dubrouski <se...@gmail.com>
> > > Date: Tuesday, September 26, 2006 5:12 pm
> > > Subject: [users@httpd] Proxy SSL and Client Certificates
> > > To: users@httpd.apache.org
> > >
> > > > Hello Everyone -
> > > >
> > > > I have an Apache 2.2.3 server installed with mod_proxy and mod_ssl
> > > > configured that I use as a frontend server in Internet. I also
> > have> > iPlanet backend legasy server that runs on of our custom
> > > > applications. That application has embedded authentication
> > based on
> > > > clients SSL Certificates. Now I want to make Apache to act as a
> > proxy> > server between Internet users and that backend iPlanet
> > server. The
> > > > problem here is that I can't make Apache to pass submitted client
> > > > certificate down to iPlanet. Does anybody have any idea how to do
> > > > that? Simple SSLProxyEngine does not work.
> > > >
> > > > Thanks.
> > > >
> > > > Serge.
> > > >
> > > > ----------------------------------------------------------------
> > ----
> > > > -
> > > > The official User-To-User support forum of the Apache HTTP Server
> > > > Project.See <URL:http://httpd.apache.org/userslist.html> for more
> > > > info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > > >
> > >
> > > ------------------------------------------------------------------
> > ---
> > > The official User-To-User support forum of the Apache HTTP Server
> > Project.> See <URL:http://httpd.apache.org/userslist.html> for more
> > info.> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> > --------------------------------------------------------------------
> > -
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.See <URL:http://httpd.apache.org/userslist.html> for more
> > info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Proxy SSL and Client Certificates
Posted by "Andrew E. White" <ae...@uark.edu>.
The certs have to be pulled from somewhere, and by default, at the start of a SSL connection. Part of the SSL connection setup is the challenge phase in which the presenter must have the private key. Remember that a cert is a public piece of information. That is why it can be seen by others in the first place.
If your backend server needs access to the client's cert, then the front end server must be a transparent proxy in which the front end web server never acts on the data in any way. Any other uses would be a man-in-the-middle attack because anyone could trick the browser into transmitting the cert to them.
In short, I don't know if mod_proxy can act as a full transparent proxy. It is fairly easy to write a module to be one. Squid might also be something to look into...
Andrew
----- Original Message -----
From: Serge Dubrouski <se...@gmail.com>
Date: Tuesday, September 26, 2006 9:04 pm
Subject: Re: [users@httpd] Proxy SSL and Client Certificates
To: users@httpd.apache.org
> You aren't quite right. Your statement is right for crypting part but
> not for authenticating part. IE client's key is needed fo decrypting
> information but client crtificate is also needed for authenticating
> client.
>
> For example mod_jk that is used for connecting Apache to Tomcat has
> following options for passing SSL data from Apache to Tomcat:
>
> JkExtractSSL On
> # What is the indicator for SSL (default is HTTPS)
> JkHTTPSIndicator HTTPS
> # What is the indicator for SSL session (default is SSL_SESSION_ID)
> JkSESSIONIndicator SSL_SESSION_ID
> # What is the indicator for client SSL cipher suit (default is
> SSL_CIPHER)JkCIPHERIndicator SSL_CIPHER
> # What is the indicator for the client SSL certificated (default is
> SSL_CLIENT_CERT)
> JkCERTSIndicator SSL_CLIENT_CERT
>
> And Tomcat sees client certificates all right after that. I'm looking
> for that kind of options for mod_proxy.
>
>
> On 9/26/06, Andrew E. White <ae...@uark.edu> wrote:
> > By nature, certs require a private key to verify them, so if a
> user is passing through your web server, the client's certificate
> will do you no good beyond the webserver since the webserver does
> not have the client's private key.
> >
> > Andrew
> >
> > ----- Original Message -----
> > From: Serge Dubrouski <se...@gmail.com>
> > Date: Tuesday, September 26, 2006 5:12 pm
> > Subject: [users@httpd] Proxy SSL and Client Certificates
> > To: users@httpd.apache.org
> >
> > > Hello Everyone -
> > >
> > > I have an Apache 2.2.3 server installed with mod_proxy and mod_ssl
> > > configured that I use as a frontend server in Internet. I also
> have> > iPlanet backend legasy server that runs on of our custom
> > > applications. That application has embedded authentication
> based on
> > > clients SSL Certificates. Now I want to make Apache to act as a
> proxy> > server between Internet users and that backend iPlanet
> server. The
> > > problem here is that I can't make Apache to pass submitted client
> > > certificate down to iPlanet. Does anybody have any idea how to do
> > > that? Simple SSLProxyEngine does not work.
> > >
> > > Thanks.
> > >
> > > Serge.
> > >
> > > ----------------------------------------------------------------
> ----
> > > -
> > > The official User-To-User support forum of the Apache HTTP Server
> > > Project.See <URL:http://httpd.apache.org/userslist.html> for more
> > > info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> > ------------------------------------------------------------------
> ---
> > The official User-To-User support forum of the Apache HTTP Server
> Project.> See <URL:http://httpd.apache.org/userslist.html> for more
> info.> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
> --------------------------------------------------------------------
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.See <URL:http://httpd.apache.org/userslist.html> for more
> info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Proxy SSL and Client Certificates
Posted by Serge Dubrouski <se...@gmail.com>.
Plus of course SSLOptions +ExportCertsData that exports client
certificate data into env. The question is how to make mod_proxy to
send it down to backend server.
On 9/26/06, Serge Dubrouski <se...@gmail.com> wrote:
> You aren't quite right. Your statement is right for crypting part but
> not for authenticating part. IE client's key is needed fo decrypting
> information but client crtificate is also needed for authenticating
> client.
>
> For example mod_jk that is used for connecting Apache to Tomcat has
> following options for passing SSL data from Apache to Tomcat:
>
> JkExtractSSL On
> # What is the indicator for SSL (default is HTTPS)
> JkHTTPSIndicator HTTPS
> # What is the indicator for SSL session (default is SSL_SESSION_ID)
> JkSESSIONIndicator SSL_SESSION_ID
> # What is the indicator for client SSL cipher suit (default is SSL_CIPHER)
> JkCIPHERIndicator SSL_CIPHER
> # What is the indicator for the client SSL certificated (default is SSL_CLIENT_C
> ERT)
> JkCERTSIndicator SSL_CLIENT_CERT
>
> And Tomcat sees client certificates all right after that. I'm looking
> for that kind of options for mod_proxy.
>
>
> On 9/26/06, Andrew E. White <ae...@uark.edu> wrote:
> > By nature, certs require a private key to verify them, so if a user is passing through your web server, the client's certificate will do you no good beyond the webserver since the webserver does not have the client's private key.
> >
> > Andrew
> >
> > ----- Original Message -----
> > From: Serge Dubrouski <se...@gmail.com>
> > Date: Tuesday, September 26, 2006 5:12 pm
> > Subject: [users@httpd] Proxy SSL and Client Certificates
> > To: users@httpd.apache.org
> >
> > > Hello Everyone -
> > >
> > > I have an Apache 2.2.3 server installed with mod_proxy and mod_ssl
> > > configured that I use as a frontend server in Internet. I also have
> > > iPlanet backend legasy server that runs on of our custom
> > > applications. That application has embedded authentication based on
> > > clients SSL Certificates. Now I want to make Apache to act as a proxy
> > > server between Internet users and that backend iPlanet server. The
> > > problem here is that I can't make Apache to pass submitted client
> > > certificate down to iPlanet. Does anybody have any idea how to do
> > > that? Simple SSLProxyEngine does not work.
> > >
> > > Thanks.
> > >
> > > Serge.
> > >
> > > --------------------------------------------------------------------
> > > -
> > > The official User-To-User support forum of the Apache HTTP Server
> > > Project.See <URL:http://httpd.apache.org/userslist.html> for more
> > > info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Proxy SSL and Client Certificates
Posted by Serge Dubrouski <se...@gmail.com>.
You aren't quite right. Your statement is right for crypting part but
not for authenticating part. IE client's key is needed fo decrypting
information but client crtificate is also needed for authenticating
client.
For example mod_jk that is used for connecting Apache to Tomcat has
following options for passing SSL data from Apache to Tomcat:
JkExtractSSL On
# What is the indicator for SSL (default is HTTPS)
JkHTTPSIndicator HTTPS
# What is the indicator for SSL session (default is SSL_SESSION_ID)
JkSESSIONIndicator SSL_SESSION_ID
# What is the indicator for client SSL cipher suit (default is SSL_CIPHER)
JkCIPHERIndicator SSL_CIPHER
# What is the indicator for the client SSL certificated (default is SSL_CLIENT_C
ERT)
JkCERTSIndicator SSL_CLIENT_CERT
And Tomcat sees client certificates all right after that. I'm looking
for that kind of options for mod_proxy.
On 9/26/06, Andrew E. White <ae...@uark.edu> wrote:
> By nature, certs require a private key to verify them, so if a user is passing through your web server, the client's certificate will do you no good beyond the webserver since the webserver does not have the client's private key.
>
> Andrew
>
> ----- Original Message -----
> From: Serge Dubrouski <se...@gmail.com>
> Date: Tuesday, September 26, 2006 5:12 pm
> Subject: [users@httpd] Proxy SSL and Client Certificates
> To: users@httpd.apache.org
>
> > Hello Everyone -
> >
> > I have an Apache 2.2.3 server installed with mod_proxy and mod_ssl
> > configured that I use as a frontend server in Internet. I also have
> > iPlanet backend legasy server that runs on of our custom
> > applications. That application has embedded authentication based on
> > clients SSL Certificates. Now I want to make Apache to act as a proxy
> > server between Internet users and that backend iPlanet server. The
> > problem here is that I can't make Apache to pass submitted client
> > certificate down to iPlanet. Does anybody have any idea how to do
> > that? Simple SSLProxyEngine does not work.
> >
> > Thanks.
> >
> > Serge.
> >
> > --------------------------------------------------------------------
> > -
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.See <URL:http://httpd.apache.org/userslist.html> for more
> > info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Proxy SSL and Client Certificates
Posted by "Andrew E. White" <ae...@uark.edu>.
By nature, certs require a private key to verify them, so if a user is passing through your web server, the client's certificate will do you no good beyond the webserver since the webserver does not have the client's private key.
Andrew
----- Original Message -----
From: Serge Dubrouski <se...@gmail.com>
Date: Tuesday, September 26, 2006 5:12 pm
Subject: [users@httpd] Proxy SSL and Client Certificates
To: users@httpd.apache.org
> Hello Everyone -
>
> I have an Apache 2.2.3 server installed with mod_proxy and mod_ssl
> configured that I use as a frontend server in Internet. I also have
> iPlanet backend legasy server that runs on of our custom
> applications. That application has embedded authentication based on
> clients SSL Certificates. Now I want to make Apache to act as a proxy
> server between Internet users and that backend iPlanet server. The
> problem here is that I can't make Apache to pass submitted client
> certificate down to iPlanet. Does anybody have any idea how to do
> that? Simple SSLProxyEngine does not work.
>
> Thanks.
>
> Serge.
>
> --------------------------------------------------------------------
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.See <URL:http://httpd.apache.org/userslist.html> for more
> info.To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org