Upgrading an Apache proxy server.

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------=_NextPartTM-000-3bca495d-c4e9-4876-94ac-1d41e2f4609b
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C23D2A.E21C6E30"

------_=_NextPart_001_01C23D2A.E21C6E30
Content-Type: text/plain

Hi,

I have encountered a slight problem in an upgrade I am performing, and would
ask for some advice...

I had an Apache 1 server functioning as a proxy. Nothing else, just a proxy
that needed to be able to contact HTTP and HTTPS sites.

I upgraded to Apache 2.0.39 and now the proxy will only connect to HTTP
sites.

It's probably something silly I've forgotten to do/ or done :) So please
take the time to point out my folly?

Thanks for your time
Craig Savage
Hewlett-Packard | HP Services | Bristol

This message is confidential and may also be legally privileged. If you are
not the intended recipient please notify the sender immediately. You must
not copy this message or use it for any purpose, nor publish or disclose its
contents to any other person.




------_=_NextPart_001_01C23D2A.E21C6E30
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable




charset=3Dus-ascii">
5.5.2653.12">

Hi,

I have encountered a slight problem in =
an upgrade I am performing, and would ask for some advice...

I had an Apache 1 server functioning =
as a proxy. Nothing else, just a proxy that needed to be able to =
contact HTTP and HTTPS sites.

I upgraded to Apache 2.0.39 and now =
the proxy will only connect to HTTP sites.

It's probably something silly I've =
forgotten to do/ or done :) So please take the time to point out my =
folly?

Thanks for your time

Craig =
Savage

FACE=3D"Helvetica">Hewlett-Packard      &n=
bsp; | HP =
Services          &nbs=
p; | Bristol



This message is =
confidential and may also be legally privileged. If you are not the =
intended recipient please notify the sender immediately.  You must =
not copy this message or use it for any purpose, nor publish or =
disclose its contents to any other person.

Re: Upgrading an Apache proxy server.

SAVAGE,CRAIG (HP-UnitedKingdom,ex2) wrote:

> I upgraded to Apache 2.0.39 and now the proxy will only connect to HTTP
> sites.

One thing to check - each protocol (HTTP, FTP and HTTPS) is now a
separate module in addition to the mod_proxy module. You might have not
incorporated the required modules with LoadModule.

Regards,
Graham
--
-----------------------------------------
minfrin@sharp.fm
"There's a moon
over Bourbon Street
tonight..."

Re: Upgrading an Apache proxy server.

> "SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
>
> Hi,
>
> I have encountered a slight problem in an upgrade I am performing, and
> would ask for some advice...
>
> I had an Apache 1 server functioning as a proxy. Nothing else, just a
> proxy that needed to be able to contact HTTP and HTTPS sites.
>
> I upgraded to Apache 2.0.39 and now the proxy will only connect to
> HTTP sites.
>
> It's probably something silly I've forgotten to do/ or done :) So
> please take the time to point out my folly?
Does your server/proxy listen to port 443 ?

>
> Thanks for your time
> Craig Savage
> Hewlett-Packard | HP Services | Bristol
>
> This message is confidential and may also be legally privileged. If
> you are not the intended recipient please notify the sender
> immediately. You must not copy this message or use it for any
> purpose, nor publish or disclose its contents to any other person.

Re: Upgrading an Apache proxy server.

Sorry, not quite awake this morning, what I meant is , do you permit
CONNECT request on port 443 ?

Peter.

peter.vanbiesen@vlafo.be wrote:
>
> > "SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
> >
> > Hi,
> >
> > I have encountered a slight problem in an upgrade I am performing, and
> > would ask for some advice...
> >
> > I had an Apache 1 server functioning as a proxy. Nothing else, just a
> > proxy that needed to be able to contact HTTP and HTTPS sites.
> >
> > I upgraded to Apache 2.0.39 and now the proxy will only connect to
> > HTTP sites.
> >
> > It's probably something silly I've forgotten to do/ or done :) So
> > please take the time to point out my folly?
> Does your server/proxy listen to port 443 ?
>
> >
> > Thanks for your time
> > Craig Savage
> > Hewlett-Packard | HP Services | Bristol
> >
> > This message is confidential and may also be legally privileged. If
> > you are not the intended recipient please notify the sender
> > immediately. You must not copy this message or use it for any
> > purpose, nor publish or disclose its contents to any other person.

RE: Upgrading an Apache proxy server.

Hmmm, I'm not sure? Any way I can check?

At the moment it's listening on port 8089, as did Apache 1

-----Original Message-----
From: Peter Van Biesen [mailto:peter.vanbiesen@vlafo.be]
Sent: 07 August 2002 08:32
To: modproxy-dev@apache.org
Cc: 'users@httpd.apache.org'
Subject: Re: Upgrading an Apache proxy server.


Sorry, not quite awake this morning, what I meant is , do you permit CONNECT
request on port 443 ?

Peter.

peter.vanbiesen@vlafo.be wrote:
>
> > "SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
> >
> > Hi,
> >
> > I have encountered a slight problem in an upgrade I am performing,
> > and would ask for some advice...
> >
> > I had an Apache 1 server functioning as a proxy. Nothing else, just
> > a proxy that needed to be able to contact HTTP and HTTPS sites.
> >
> > I upgraded to Apache 2.0.39 and now the proxy will only connect to
> > HTTP sites.
> >
> > It's probably something silly I've forgotten to do/ or done :) So
> > please take the time to point out my folly?
> Does your server/proxy listen to port 443 ?
>
> >
> > Thanks for your time
> > Craig Savage
> > Hewlett-Packard | HP Services | Bristol
> >
> > This message is confidential and may also be legally privileged. If
> > you are not the intended recipient please notify the sender
> > immediately. You must not copy this message or use it for any
> > purpose, nor publish or disclose its contents to any other person.

Re: Upgrading an Apache proxy server.

Do you have an AllowCONNECT statement in your configuration files ?

Peter.

"SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
>
> Hmmm, I'm not sure? Any way I can check?
>
> At the moment it's listening on port 8089, as did Apache 1
>
> -----Original Message-----
> From: Peter Van Biesen [mailto:peter.vanbiesen@vlafo.be]
> Sent: 07 August 2002 08:32
> To: modproxy-dev@apache.org
> Cc: 'users@httpd.apache.org'
> Subject: Re: Upgrading an Apache proxy server.
>
> Sorry, not quite awake this morning, what I meant is , do you permit CONNECT
> request on port 443 ?
>
> Peter.
>
> peter.vanbiesen@vlafo.be wrote:
> >
> > > "SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
> > >
> > > Hi,
> > >
> > > I have encountered a slight problem in an upgrade I am performing,
> > > and would ask for some advice...
> > >
> > > I had an Apache 1 server functioning as a proxy. Nothing else, just
> > > a proxy that needed to be able to contact HTTP and HTTPS sites.
> > >
> > > I upgraded to Apache 2.0.39 and now the proxy will only connect to
> > > HTTP sites.
> > >
> > > It's probably something silly I've forgotten to do/ or done :) So
> > > please take the time to point out my folly?
> > Does your server/proxy listen to port 443 ?
> >
> > >
> > > Thanks for your time
> > > Craig Savage
> > > Hewlett-Packard | HP Services | Bristol
> > >
> > > This message is confidential and may also be legally privileged. If
> > > you are not the intended recipient please notify the sender
> > > immediately. You must not copy this message or use it for any
> > > purpose, nor publish or disclose its contents to any other person.

RE: Upgrading an Apache proxy server.

On Wed, 2002-08-07 at 05:52, SAVAGE,CRAIG (HP-UnitedKingdom,ex2) wrote:
> Hmmm, I'm not sure? Any way I can check?
>
> At the moment it's listening on port 8089, as did Apache 1

you may want to attach the relevant part of your config
(masking out the private stuff of course)
> -----Original Message-----
> From: Peter Van Biesen [mailto:peter.vanbiesen@vlafo.be]
> Sent: 07 August 2002 08:32
> To: modproxy-dev@apache.org
> Cc: 'users@httpd.apache.org'
> Subject: Re: Upgrading an Apache proxy server.
>
>
> Sorry, not quite awake this morning, what I meant is , do you permit CONNECT
> request on port 443 ?
>
> Peter.
>
> peter.vanbiesen@vlafo.be wrote:
> >
> > > "SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
> > >
> > > Hi,
> > >
> > > I have encountered a slight problem in an upgrade I am performing,
> > > and would ask for some advice...
> > >
> > > I had an Apache 1 server functioning as a proxy. Nothing else, just
> > > a proxy that needed to be able to contact HTTP and HTTPS sites.
> > >
> > > I upgraded to Apache 2.0.39 and now the proxy will only connect to
> > > HTTP sites.
> > >
> > > It's probably something silly I've forgotten to do/ or done :) So
> > > please take the time to point out my folly?
> > Does your server/proxy listen to port 443 ?
> >
> > >
> > > Thanks for your time
> > > Craig Savage
> > > Hewlett-Packard | HP Services | Bristol
> > >
> > > This message is confidential and may also be legally privileged. If
> > > you are not the intended recipient please notify the sender
> > > immediately. You must not copy this message or use it for any
> > > purpose, nor publish or disclose its contents to any other person.
--
Ian Holsman
Performance Measurement & Analysis
CNET Networks
PH: 415-344-2608

RE: Upgrading an Apache proxy server.

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_000_01C23F7F.C07206D0
Content-Type: text/plain

Hi,

Okay, I've attached the cutdown .conf file - I'll sum up quickly what the
box is doing:

Box is functioning as a proxy only. Does not serve webpages.
Gets HTTP sites fine
Does not get HTTPS - looks like it connects, but doesn't get the data (I've
tried a few sites, and Apache1 works fine with all of them)

Any further ideas?



-----Original Message-----
From: Ian Holsman [mailto:Ian.Holsman@cnet.com]
Sent: 07 August 2002 16:39
To: modproxy-dev@apache.org
Subject: RE: Upgrading an Apache proxy server.


On Wed, 2002-08-07 at 05:52, SAVAGE,CRAIG (HP-UnitedKingdom,ex2) wrote:
> Hmmm, I'm not sure? Any way I can check?
>
> At the moment it's listening on port 8089, as did Apache 1

you may want to attach the relevant part of your config
(masking out the private stuff of course)
> -----Original Message-----
> From: Peter Van Biesen [mailto:peter.vanbiesen@vlafo.be]
> Sent: 07 August 2002 08:32
> To: modproxy-dev@apache.org
> Cc: 'users@httpd.apache.org'
> Subject: Re: Upgrading an Apache proxy server.
>
>
> Sorry, not quite awake this morning, what I meant is , do you permit
> CONNECT request on port 443 ?
>
> Peter.
>
> peter.vanbiesen@vlafo.be wrote:
> >
> > > "SAVAGE,CRAIG (HP-UnitedKingdom,ex2)" wrote:
> > >
> > > Hi,
> > >
> > > I have encountered a slight problem in an upgrade I am performing,
> > > and would ask for some advice...
> > >
> > > I had an Apache 1 server functioning as a proxy. Nothing else,
> > > just
> > > a proxy that needed to be able to contact HTTP and HTTPS sites.
> > >
> > > I upgraded to Apache 2.0.39 and now the proxy will only connect to
> > > HTTP sites.
> > >
> > > It's probably something silly I've forgotten to do/ or done :) So
> > > please take the time to point out my folly?
> > Does your server/proxy listen to port 443 ?
> >
> > >
> > > Thanks for your time
> > > Craig Savage
> > > Hewlett-Packard | HP Services | Bristol
> > >
> > > This message is confidential and may also be legally privileged.
> > > If
> > > you are not the intended recipient please notify the sender
> > > immediately. You must not copy this message or use it for any
> > > purpose, nor publish or disclose its contents to any other person.
--
Ian Holsman
Performance Measurement & Analysis
CNET Networks
PH: 415-344-2608


------_=_NextPart_000_01C23F7F.C07206D0
Content-Type: application/octet-stream;
name="httpd_cutdown.conf"
Content-Disposition: attachment;
filename="httpd_cutdown.conf"

Listen 8089

LoadModule access_module modules/mod_access.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_module modules/mod_auth.so
#LoadModule auth_anon_module modules/mod_auth_anon.so
#LoadModule auth_dbm_module modules/mod_auth_dbm.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule headers_module modules/mod_headers.so
LoadModule imap_module modules/mod_imap.so
LoadModule include_module modules/mod_include.so
#LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule status_module modules/mod_status.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule userdir_module modules/mod_userdir.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule ssl_module modules/mod_ssl.so


ProxyRequests On


Order deny,allow
Deny from all
Allow from 192.x.x.x
Allow from 192.x.x.x
Allow from 192.x.x.x
Allow from 192.x.x.x
Allow from 192.x.x.x
Allow from 192.x.x.x
Allow from 192.x.x.x


ProxyVia On




Include conf/ssl.conf


------_=_NextPart_000_01C23F7F.C07206D0--