Has anyone successfully kickstarted a rhel/fedora/centos over HTTPS ? In other words, is it possible to do the rhel/fedora/centos install from running apache with SSL enabled?
View 1 RepliesI'm trying to recover a GFS2 partition on a SAN that was connected to a server that was recently kickstarted with the "clearpart -all -initlabel". Is this possible? The volumes are quite large (20TB). I'm currently in the process of using parted's rescue feature but so far that has been unsuccessful.
Here's some output from my system:
Number Start End Size File system Name Flags
Nothing?
I have a centos server (5.3). I installed WebMin to assist with some of the administration details. In any event, I got it installed but I cannot access it (it requires a secure connection).
I checked out the server and it does not respond to a HTTPS:// request. When I telnet into port 80, it responds but it does not respond on port 443. MOD_SSL is installed and there is an ssl.conf (unmodified).
The nagios admin interface apparently needs php (although, of course, the howto mentions nothing of the sort). So then, I copied the php.conf that had at some time been installed on the system, and then moved by me out of /etc/httpd/conf.d, back into conf.d. It's a fairly simple one:
#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#
LoadModule php5_module modules/libphp5.so
[Code]....
I have 2 web server in my office : http and https. You will find attached the httpd.conf and ssl.conf. I can acces the https server from home, but not the http one.
What I did :
configure the router to forward port 80 to my fedora 11 machine
open port 80 with system-config-network
created a virtualhost
The same exact steps have been done for port 443
I can access both server locally but only the https server remotelly.
Here are my iptables :
Code:
you can try to acces my servers using [url]
I made httpd to listen to port 8080, and done all the port forwarding/opening stuf, and it works. so is it a bug ?
Finally found my error seams like turning off UseCanonicalName to off did the trick
I really think it's a bug now. It was definitively working last week, I just added content to the main host of my website, and now i can't acces it from port 80. If someone think it's not a bug or find someting missing/wrong in my conf file.
I have Red Hat Enterprise 5 and am trying to resize a partition. I am using the resize command within "parted" and am getting the following error - Error: File system has an incompatible feature enabled.
View 3 Replies View RelatedI've just installed latest verion of centos and am having trouble getting Apache to work or even knowing how to test it's working.
When I open up firefox and type 'http://localhost/' I am getting the message "failed to connect" firefox can't establish a connection to server localhost.
I decided that I'd torture myself and try to get a server up and running with SELinux fully enabled. I so far have figured out virtual hosting, vsftpd, and SSH to work with it nicely, but I can't figure out what to do to get AWstats to be viewable through a browser with SELinux enabled. This is what I get from /var/log/messages:
Code:
Mar 19 15:09:34 localhost kernel: type=1400 audit(1237496974.987:69): avc: denied { getattr } for pid=4769 comm="httpd" path="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" dev=sda1 ino=1267968 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_awstats_script_exec_t:s0 tclass=file
Mar 19 15:09:34 localhost kernel: type=1400 audit(1237496974.987:70): avc: denied { getattr } for pid=4769 comm="httpd" path="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" dev=sda1 ino=1267968 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:httpd_awstats_script_exec_t:s0 tclass=file
Could someone explain to me what I should be looking for in these messages? Or what I would need to do to fix it?
I was wondering if it is possible to have different certificates for different directories in a https-directory ?So what I want is that for a specificry a specific TLS-certificate is needed by the http-client to be authorized to the directory.Directory /var/www/html/secure/1 needs a certificate A.Directory /var/www/html/secure/2 need a different certificate B.So I have 1 CA, which signs the other certificates of the specific directory. The http-client gets the certificate A or certificate B (to be authenticated for secure/1 of secure/2)
View 5 Replies View RelatedFor some of the files that I share using Apache, I want to make sure that they are served ONLY via https.
How can I configure this for Apache?
I am trying to get name based virtual hosts all running on HTTPS (port 443) so I can run multiple sites on the one IP.
The DocumentRoot needs to be different for each host.
[URL]
However, I am unable to find where to actually enable these hosts in the configs. The apache website says to put it in httpd.conf however that file is empty on my machine.
The existing default virtual hosts are in "/etc/apache2/sites-available/default" and "default-ssl"
The main config file is /etc/apache2/apache2.conf
I am running version 2.2.16 of apache
I need to use the same .htpasswd file for all the sites.
I have configured CNAMES on my domain for all of these hosts.
I have configured apache using mod_jk to front tomcat. Then I configured tomcat and my application to use https. but after that I cannot access it through https without adding port 8080 in the URL. I think I need to add some configurations to apache to cope with this situation, but I still couldn't find the proper config though I tried many.
View 4 Replies View RelatedFor some years now I have been able to use openssl (apache-mod_ssl) to process encrypted traffic because I had, in effect, only one host - the main server - as the sole entry in our ssl_vhost.conf file.
Now we are working toward serving a couple of more secure sites for closely related organizations, but with their own distinct identities. This, in the past, would have meant additional static IPs with matching nic cards for starters. But my understanding is that since 2007/8 we have been able to use gnutls (apache-mod_gnutls) which gets around the old problem of Apache not being able to direct name-based traffic because that would not yet have been decoded. This is referred to as SNI - Server Name Indication.
Here my confusion begins. Is there an overlap between SSL and TLS? For instance, I would have generated RSA keys and a self-signed certificate with the genrsa command. Is this sufficient for gnutls or does it need to generate its own keys and certificates? I realize gnutls is relatively a new kid on the block but it is appealing and I'd like to give it a try.
I am working with the Mandriva/Mageia cooker with an x86_64 architecture so all packages are up-to-the-minute.
How to best manage both http and https pages on the same apache-server without conflicts. For example, if i have both 000-default.conf and 000-default-ssl.conf pointing to mydomain.com, and don't want users who visit mydomain.com without specifically type the https-prefix to be redirected to the https-page - how to handle users using browserplugins such as https-everywhere etc?
Another option would be to create a subdomain ssl.mudomain.com and have users who want to reach the ssl site to have to type ssl. I have tested several things with https everywhere enabled in my own browser, and it seems really hard to make this working the way i want, in one way or another i always end up getting redirected to the ssl-site automatically.
The reason i need this to work is because i run one site that i don't care much about SSL, that is the "official" part of that site, and i also host some things for friends and family on the SSL-part. This would not have been a problem if it wasn't that i use self-signed certificates for my ssl-site and the major user become afraid when a certificate-warning pops up in their browser and therefor leave the site.
On one of my servers (Centos 5.5), I have been hosting articularly complex CRM application for one of my clients. Recently they have asked about configuring SSL connections to the CRM. Problem is, SSL is already configured for their main domain but not the sub-domain where the CRM application is accessed. Rather than purchasing another SSL certificate for their sub-domain (and probably another IP address),ld it be possible to setup a redirection from the subdomain to a sub-directory in the SSL directory using mod_rewrite. I have searched online and through the other posts on LinuxQuestions but nothing I have tried works.For example:[URl]
View 2 Replies View Relatedi have dual OS in my hard disk. win xp and rhel5. i used use ntfs partition too while working in linux. There is no problem until i enable selinux. When i enabled that, its giving some error at startup and left the partition unmounted. But manually i can mount after logged in. But i need it at the startup itself. How to solve this.i am installed dkms* dkms-fuse* fuse* and fuse-ntfs-3g* rpms to use the ntfs partitions.
View 4 Replies View Relatedhow to install squid3.1.x to block https sites?
View 1 Replies View RelatedMy doubt is " Can we install Xen 3.2 on RHEL version 3".
View 1 Replies View RelatedAfter a new install of Slackware 12.2, I carried out the following procedures to get everything working successfully right out of the box. The server is a standalone system, used for testing and educational purposes, so please bear that in mind. NB: Throughout this post when you see a single # at the start of a line it means you are typing the commands as root user. You should not include the #, only the text after it.
### setup Apache with php enabled
Login as root user on your Slackware box and type:
# pico -w /etc/httpd/httpd.conf
[code].....
I have the following details on my system:
- CentOS
- RHEL 5
- WebWare for Python
We have an exisiting website written in Python and was developed by other entities and now being maintained by us. We want to run the website using secure connection (HTTPS), I tried reading this article and successfully executed every instructions but still failed to run the website using HTTPS.
[URL]
The way we run the website is using port 8080, e.g. [URL] I am sure I am missing something here, first, I am still looking on where does the port 8080 comes from since I've checked the httpd.config and it wasn't there.
How can I check if my CentOS server has Apache configured with SSL enabled? I think Apache was installed with the default modules.
View 3 Replies View RelatedI am looking for a tool that can automatically create a rpm package after compiling from source, replacing "make install" Ubuntu and Debian use checkinstall for that.
What is the equivalent for centos?
HTTPS doesn't work. Im running firefox in ubuntu 10.10.
View 1 Replies View Relatedwhich is the most elegant way to check which apache modules are enabled?
View 3 Replies View RelatedA client has sent me an RHEL 5.1 box for me to do some work on, but it's not registered with Red Hat. This is causing me problems, because it's a minimal installation, and I need some more dev software.My immediate reaction was to install various bits (emacs, and so on) from my Centos 5(.0) DVD.The base RHEL system only had one (disabled) repo entry,so I added a yum DVD repo entry in yum.conf.d.
This looked good to start with, but it doesn't work. Something in RHEL's pirut/yum/rpm/whatever is getting confused, and can't work out what is/isn't installed.
Question - how do you maintain an unregistered RHEL box? Has RH done something to make life difficult? Is my problem simply that I'm using a Centos 5.0 DVD, instead of Centos 5.1? Am I stuck with downloading lots of rpms from the net and doing everything manually? I really don't want to do that.
Today I am sharing one more how to for those who is fresher or experience but unable to Install VLC Player on Red Hat Enterprise Linux 5.x. By Performing this howto you will able to install VLC Player in Just 6 Steps.
Following things must exist on your Computer/Linux :-
=> Direct Working Internet Connection or Yum Should run from Terminal. If you are using Internet connection with Proxy then it will be problematic for you.
=> RHEL 5.x must be installed
[URL]
So far failed to get either RHEL 6.0 Eval or Centos to install on Virtual Box.
Should it really be that difficult?
I have a very unusual [and most likely unsupported] upgrade path I need to take.
I have two servers, both Dell PE1800's that I need to upgrade.
One of them is a Fedora Core 4 (x86) box and the second is RHEL5 x86_64.
I need to do an in-place upgrade to CentOS 5.3 without having to reinstall from scratch and keeping my downtime to an absolute minimum. Each of these servers has about 10TB of data stored and I really don't want to have to reformat and restore from backps.
How can I do this?
I am trying to install CentOS 5.2, and the installation ran out of disk space after running for about 2 hours.I checked the FAQ, and it said 1.2 GB. The disk is 3 GB. The default install was selected, and I think that it checks for sufficient available disk space before installing. Still, it ran for quite a while before announcing that it was out of disk space.The Installation Guide is not very helpful, since there is a blank page where the disk space requirement is supposed to be. I just picked the default installation. A search of the forums on "not enough disk space" did not return much.
View 13 Replies View RelatedI am currently setting up a Mono environment (mono, monodevelop, gtk#, etc.) in order to experiment with C# programming. Ideally I would like to use the latest version of mono, 2.10; however, F14 repos only carry 2.6.x . Compiling and installing 2.10 from tarballs is causing me dependency troubles which I'm not willing to dedicate much time to. In the meantime, I came across this Novell-hosted rpm repo, which is supposed to be used by RHEL/CentOS users:[URL]. Is it possible to somehow add said repository as an installation source via yum/rpm, or the differences between Fedora and RHEL repositories goes beyond aesthetic differences?
View 5 Replies View Related