Server :: Sticky Connection And HTTPS Support For HAProxy

Feb 24, 2011

We have 2 HTTP Load balancer with HAproxy and heartbeat. There are 4 nodes in this cluster. It's doing round robin load balancing. The HTTP cluster working fine. We are having problem with our portal because it uses SSO. We need sticky connection support in our HAproxy. Also we need load balancing for HTTPS traffic. Here's our HAproxy conf file.

[Code]....

View 1 Replies


ADVERTISEMENT

General :: Sticky Situation Bcos Of Sticky Bit

Feb 21, 2011

Situation is that there are two users on a Linux server- say A and B.A has been operating a shell script that in turn makes use of and exe file.The script and exe both are owned by user A.My problem is that I want user B to make use of the script and exe in exactly the same way user A does.So I have set suid bit of the script, exe and all the library files that the exe uses.But the exe is still not executing from user B.I did a man of chmod on Linux server and it gave an indication that SUID is disabled on new Linux servers.Now the question is, is there any other command that can perform the same task as SUID did on Unix.

View 4 Replies View Related

Slackware :: Slackbuilds - Net-SSLay Building - Required By Webmin To Support Https - Error

Aug 1, 2010

I am trying to build an Net-SSLay package for my Slackware, it is required by webmin to support https.

When I start the Slackbuild script I get this error:

Quote:

What can be done to make this work? Or is there any better way to make webmin working with https?

My OS is Slackware 13_64 and webmin is 1.510 (the latest version).

View 4 Replies View Related

Server :: Will Squid Or HAproxy Work To Reverse Proxy Non-http Traffic

Apr 19, 2011

Will squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 4 Replies View Related

Server :: High-Availability HTTP Load Balancer With HAProxy & Heartbeat On RHEL 5.4

Oct 15, 2010

I am trying to setup a High-Availability HTTP Load Balancer With HAProxy & Heartbeat using the below links.

I have all RHEL 5.4 servers hosted on VMWare.

[url]
[url]

This is the scenario, as given in the links as wells as my setup.

Load Balancer 1

Load Balancer 2

Web Server 1

Web Server 2

I have followed all the steps mentioned in the links religiously except the 2.2 here, in which it is asking to configure the vhosts. I could not really understand , what is to be placed in /etc/httpd/conf.d/vhosts.conf file and in which Web Server.

Due to this step only, I think I am failing in Failover test given in Point 4.1 here. I am able to open the webpage by [url] which gives the content of Web Server 1 (http1.example.com). But, when I try to shutdown the http service (to check failover), it does not shows the contents of Web Server 2 (http2.example.com)

Although, I am able to succeed in Failover Test 4.2, in which shared IP 192.168.0.120 switches when I try to start/stop the any of the Load Balancers.

View 2 Replies View Related

Networking :: Double NAT & HTTPS Connection Timeouts?

Feb 2, 2011

I am having a problem with HTTPs in a double NAT'd network configuration. The scenario is like this..

[Code]...

Machines on these LANs can talk to each other no problem. There is also a NAT rule configured for traffic going from LAN A via LAN C out to the Internet. The Nokia is also doing NAT'ing. Normal web browsing works fine with this setup, but whenever I try to access HTTPS sites, it just hangs and eventually times out.Packet captures have showed lots of TCP Retransmission messages. If I logon directly to the Linux Router and fire up a browser, I am able to access HTTPS sites without any problems. This appears to be something to do with the traffic being NAT'd twice. Is there a way I can get around this without changing the config of the Nokia?

View 1 Replies View Related

General :: Running Website Using Secure Connection (HTTPS)?

Feb 23, 2010

I have the following details on my system:

- CentOS
- RHEL 5
- WebWare for Python

We have an exisiting website written in Python and was developed by other entities and now being maintained by us. We want to run the website using secure connection (HTTPS), I tried reading this article and successfully executed every instructions but still failed to run the website using HTTPS.

[URL]

The way we run the website is using port 8080, e.g. [URL] I am sure I am missing something here, first, I am still looking on where does the port 8080 comes from since I've checked the httpd.config and it wasn't there.

View 14 Replies View Related

Ubuntu Servers :: HTTPS Forced Non Https:// Protocols?

May 22, 2011

I have set up certain portions of my web site to be forced https:// How do I force, non https:// protocols. I know this sounds confusing, so let me give you an example.

[Code]...

View 7 Replies View Related

Server :: Server Offers PHP File For Download On HTTP But Is Fine On HTTPS

Mar 8, 2011

I have a debian box running Apache2 and PHP5.2.6 lenny.

When a request is made via https, php displays the content fine. If the request is made over HTTP the file is offered for download, rather than displaying it.

I know its probably something trivial but I've never seen this issue.

The plot thickens, I can display PHP over HTTP in some directories but not others (which offer the file for download)?

View 9 Replies View Related

Server :: Driver Support - QME2572 - Qlogic - Card Became Support By The Kernel

Jul 10, 2011

I'm trying to find out when QME2572 (Qlogic) card became support by the kernel. We have a RHEL 5.1 system that is moving to new hardware, however the kernel at this release doesn't support the new hardware, due to the Qlogic card change. I tired the Redhat KB and Bugzilla. Is there a Kernel change list etc I can search. Never really played around with the kernel too much so I'm just after some pointers for looking up this information. Offically its not supported until Redhat 5.3, I'm trying trying to research kernel info so I can tell the customer they have to upgrade.

View 3 Replies View Related

Server :: Rewrite For Https In Apache Server?

Nov 9, 2010

We have a apache server which have a ssl certificate like www.abc.com. We hosting a website is a online giving shop which need ssl cetificate in https. website of this is www.123.com, it will redirect tow this website owner don't want to show What can I do to achieve this ? Can I use rewrite function in apache to achieve this? How? or we need to buy any other ssl certificate for www.123.com? How can I install multiple sslcertificate in one apache server?

View 4 Replies View Related

Server :: Start Https On FC10?

Jan 12, 2010

How to start https on FC10?[root@smartgateway conf]# openssl versionOpenSSL 0.9.8g 19 Oct 2007

View 1 Replies View Related

Server :: HTTP To HTTPS On The Same Port ?

Mar 22, 2011

I want to ENABLE SSL on a PORT 2222 :

Now this works fine. But I also want the HTTP URL to work and redirect it to HTTPS.

When I visit http://IP:2222 I get :

Quote:

Bad Request

Your browser sent a request that this server could not understand.

Reason: You're speaking plain HTTP to an SSL-enabled server port.

Instead use the HTTPS scheme to access this URL, please.

Hint: [url]

How should I make this request of [url] CT to [url]

View 14 Replies View Related

Server :: Https And Http For One Domain Name ?

Mar 9, 2011

I'm using a box running CentOS 5.5 powered with Apache2. In this machine I hosted several domains and sub domains, managed by Apache's virtual host.

Due to security issue, one sub domain needs to be able to be accessed either using http or https.

My question is: Is it possible to set a sub domain to be able to be reached using both http and https? If it's possible, how to make it happens?

View 4 Replies View Related

Server :: Pickup The Whole Https URI With A Sniffer?

Sep 15, 2009

Is it possible to pickup the whole https URI with a sniffer?

IE. [url]

For example, Is there a way to get the sniffer to pick up id=39238?

I have been testing with wireshark, and it only seems to be picking up domain.com.

View 1 Replies View Related

Server :: Portal Accessible Only Via HTTPS?

Jun 20, 2011

I'm installing Liferay as a WAR on Tomcat 6 on a new Ubuntu server.I want my portal accessible only via HTTPS, that's why I've enabled it via Apache.My config :Apache 2 (/etc/apache2/sites-enabled/001-https)

Code:
<VirtualHost my.domain.com:443>
ServerAdmin admin@domain.com

[code]....

View 6 Replies View Related

CentOS 5 Server :: HTTPS Not Enabled On 5.3?

Aug 26, 2009

I have a centos server (5.3). I installed WebMin to assist with some of the administration details. In any event, I got it installed but I cannot access it (it requires a secure connection).

I checked out the server and it does not respond to a HTTPS:// request. When I telnet into port 80, it responds but it does not respond on port 443. MOD_SSL is installed and there is an ssl.conf (unmodified).

View 3 Replies View Related

Networking :: Re-route Https To Incoming Server?

Dec 26, 2010

i'm attemping to re-route incoming traffic of https to one of my servers. (a windows xp with subversion on it)

problem is if i do that ALL https traffic from other pc's is stopped. meaning i can't get any reply from any url with https;

View 6 Replies View Related

Server :: Ssl_error_handshake_failure_alert On Https Site - Localhost

Sep 5, 2010

I am trying to configure local https server but I get this message: "ssl_error_handshake_failure_alert"

I configured my apache and make cert and key files from this article, following section 1B: [url]

I try to add server.crt and ca.crt files in firefox, but it didn't help. I googled and didn't find any information. I try also with 1024bit key.

View 6 Replies View Related

Server :: Unable To Access Repo With SVN+HTTPS?

Jul 7, 2011

I am running Ubuntu 10.4 with Apache2, SVN and SSL. Both HTTP and HTTPS are working correctly with my website. Although the SVN setup I have is not working. This configuration gives me a 403 error.

Code:
<Location /svn>
DAV svn
SVNParentPath /srv/svn/repos
SVNListParentPath On

[Code]...

This issue is driving me up the walls. If there is any additional information, I will be more than happy to provide it.

View 5 Replies View Related

Ubuntu Servers :: Https:// Leads To Another Site On My Server

Jul 12, 2010

A while back, I put a site up under a LAMP setup, and followed a guide from ubuntuforums that I googled to set up SSL encryption for the site.

That site works great, but since then, I've added some other sites to the same LAMP server. They load fine as well, but if I type in https:// before going to the latter sites, the browser attempts to redirect to the first, and warns that it is a fraudulent certificate, and that I'm at risk by going to the site.

Obviously, it isn't an attack site, the certificate is just set up for only one domain. How do I prevent my non-SSL sites from redirecting to the SSL-encrypted site?

View 6 Replies View Related

Server :: Error Code: Ssl_error_ssl2_disabled On Https Load

Sep 8, 2010

I am trying to configure test site with https mod_ssl for a few days with no success.

Now I got this message:

And this is second day I can't move on. I try to config https site on my localhost in order to test functionality and etc.

I get this as output in curl

Code:

View 7 Replies View Related

Server :: Hot To Block Gmail Without Blocking Https In SQUID?

Apr 8, 2010

My Problem is: I want to stop gmail access without blocking https. Yes in my squid proxy normal [URL].. is not accessible. But gmail recently started https service by which user can still get access to gmail. I DONT WANT TO STOP https CAUSE ITS BEING USING BY OTHER PROGRAMS.

View 1 Replies View Related

Networking :: Load Balancer Haproxy ?

Jun 17, 2010

I am using haproxy for the first time.I downloaded the latest version 1.4.7 and then unpacked it.then opened the terminal and wrote the command

After which an executable haproxy file was created which I copied to /usr/local/sbin. then i wrote $sudo make install. then I make a configuration file in /etc/haproxy.cfg which is as follows

But it's not working it is various kind of errors intially it was showing "cannot bind to socket" so tried changing the port number but didn't help. I also used command like $sudo sysctl net.ipv4.ip_nonlocal_bind=1 But didn't help.

View 1 Replies View Related

Software :: Install Stunnel With Haproxy 1.4.6?

Jun 25, 2010

how to install stunnel (patch I think ) with haproxy. I guess I would need clear cut instructions because I will be doing this on a production server and dont wanna make any mistakes.

View 6 Replies View Related

Server :: Automatic Rewrites Or Something To Change Http Into Https Requests?

Mar 10, 2011

For one project I use a web hosting service. I wanted the entire site to be https, so I bought a service from them in which they automatically install a trusted cert so people can access the site through https protocol. Since http is still available, though, I need to do automatic rewrites or something to change http into https requests. (I don't have access to their Apache server configuration files or anything like that.)I found on the net this code to add to my .htaccess file:

Code:
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

[code]....

View 3 Replies View Related

Server :: Switching From Openssl To Gnutls For Https Traffic On Apache

Nov 3, 2010

For some years now I have been able to use openssl (apache-mod_ssl) to process encrypted traffic because I had, in effect, only one host - the main server - as the sole entry in our ssl_vhost.conf file.

Now we are working toward serving a couple of more secure sites for closely related organizations, but with their own distinct identities. This, in the past, would have meant additional static IPs with matching nic cards for starters. But my understanding is that since 2007/8 we have been able to use gnutls (apache-mod_gnutls) which gets around the old problem of Apache not being able to direct name-based traffic because that would not yet have been decoded. This is referred to as SNI - Server Name Indication.

Here my confusion begins. Is there an overlap between SSL and TLS? For instance, I would have generated RSA keys and a self-signed certificate with the genrsa command. Is this sufficient for gnutls or does it need to generate its own keys and certificates? I realize gnutls is relatively a new kid on the block but it is appealing and I'd like to give it a try.

I am working with the Mandriva/Mageia cooker with an x86_64 architecture so all packages are up-to-the-minute.

View 3 Replies View Related

Debian Configuration :: Both HTTP And HTTPS On Same Server? (Apache Virtual Hosts)

Oct 30, 2015

How to best manage both http and https pages on the same apache-server without conflicts. For example, if i have both 000-default.conf and 000-default-ssl.conf pointing to mydomain.com, and don't want users who visit mydomain.com without specifically type the https-prefix to be redirected to the https-page - how to handle users using browserplugins such as https-everywhere etc?

Another option would be to create a subdomain ssl.mudomain.com and have users who want to reach the ssl site to have to type ssl. I have tested several things with https everywhere enabled in my own browser, and it seems really hard to make this working the way i want, in one way or another i always end up getting redirected to the ssl-site automatically.

The reason i need this to work is because i run one site that i don't care much about SSL, that is the "official" part of that site, and i also host some things for friends and family on the SSL-part. This would not have been a problem if it wasn't that i use self-signed certificates for my ssl-site and the major user become afraid when a certificate-warning pops up in their browser and therefor leave the site.

View 2 Replies View Related

General :: Lpq Printer 'sdst@other.domain' - Cannot Open Connection - Connection Timed Out Make Sure LPD Server Is Running On The Server

Mar 23, 2011

Linux printing appeared to be working fine up until yesterday. Today typing lpq gives the following: lpq Printer 'sdst@other.domain' - cannot open connection - Connection timed out Make sure LPD server is running on the server

The /etc/cups/printers.conf file is properly set, the printers appear in localhost:631 and they are printing test pages. However, all command line print commands seem to be trying to print to sdst@other.domain I don't know why printers.conf is being ignored and why and how sdst@other.domain was added. Seems like it might have been auto-discovered?

# dit: sdst@other.domain was mentioned in /usr/local/etc/lpd.conf I'm not sure why lpd.conf is being used instead of /etc/cups/printers.conf

View 1 Replies View Related

Fedora :: Services (Haproxy And Stunnel) Failing To Start

Dec 3, 2009

I have 2 services registered one for HAProxy and one for stunnel. When I type service start haproxy or service start stunnel they start and everything works fine. I ran ntsysv and they are set as autostart, and I have init.d scripts that work. I have checked the runlevel and using chkconfig runlevel 3, 4 and 5 are :on. And I also added service haproxy start and service stunnel start to inittab. But when I restart the computer haproxy and stunnel fail to autostart. I am a fedora novice and I have no idea why this isn't working...

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved