Search Results

Search found 12497 results on 500 pages for 'linked servers'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 284/500 | < Previous Page | 280 281 282 283 284 285 286 287 288 289 290 291  | Next Page >

  • How much effort is SQL Server 2008 Administration?

    - by Adrian Grigore
    Hi, I am looking for a suitable hosting environment for an ASP.NET MVC application. One of the options I have is renting a Hyper-V server and installing my license of SQL Server 2008 on it. I'm a bit wary of shared hosting since the one I have tried so far did not seem to have very consistent performance. One potential problem is that I would have I do not not know much about SQL Server administration, so I am not sure if this is a good option. I've been running a failover cluster of two linux dedicated servers for over 5 years now and MySQL never gave me any trouble. But that was Linux, and it might be different with a windows system. Is running a halfway efficient MS SQL Server 2008 difficult? Does it require any in-depth administration knowledge? Or perhaps recurring administration effort (such as keeping the server up to date with the latest patches)? Or is it rather an "install and forget" experience similar to MySQL?

    Read the article

  • Packet loss rate with iperf and tcpdump

    - by stefita
    I tested a line for its link quality with iperf. The measured speed (UDP port 9005) was 96Mbps, which is fine, because both servers are connected with 100Mbps to the internet. On the other hand the datagram loss rate was shown to be 3.3-3.7%, which I found a little too much. Using a high-speed transfer protocol I recorded the packets on both sides with tcpdump. Than I calculated the packet loss - average 0.25%. Have anyone an explanation, where this big difference may be coming from? What is an acceptable packet loss in your opinion?

    Read the article

  • Minimizing SQL transaction log file size on developer box running simple recovery model

    - by Anders Rask
    We have alot of SQL servers on development environment where we never take backup of the databases (TFS for code is enough). The (SharePoint) databases are all set to simple recovery model, but the log files, especially for the SharePoint configuration database is growing quite large and filling up our data drive on the SQL server. Since these log files are never used for anything, i would like advice on how to best minimize the size of these log files -or even disable them if possible. I'm not completely sure why the log files grow so large even on simple logging (checked for long running transactions (DBCC OPENTRAN) but found none). I guess the reason for the log files not being truncated is, that we dont take any backups, and hence Checkpoints arent reached. The autogrowth for log files are set to autogrow by 10% restricted to 2 gb, so i guess that is why Checkpoint (70%) arent reached here either. What would be the be best strategy to keep log files small (best case 0) without sacrificing performance (eg VLF fragmentation)?

    Read the article

  • Download HP Power Protector for ESXi

    - by Mark Henderson
    The HP PowerProtector user guide states that to install the HP PowerProtector client on an ESXi Host: Download the latest version of HPPP from the HP website (http://www.hp.com/go/rackandpower). The ESXi Server is automatically detected, and a shutdown command script is generated. However in typical HP fashion, after clicking through no less than 6 different links to get to the downloads page, I am presented with: http://h18004.www1.hp.com/products/servers/proliantstorage/power-protection/software/power-protector/pp-dl.html HP Power Protector (HPPP) - Windows HP Power Protector (HPPP) - Linux x86 HP Power Protector (HPPP) - Linux x64 HP Power Protector (HPPP) - Linux IA64 HP Power Protector (HPPP) - HPUX The Linux packages contain an RPM and in no way resemble what is in the HP documentation. None of these are labelled for ESXi. Does anyone know where or how to get the HP Power Protector ESXi client installed?

    Read the article

  • Virus that tries to brute force attack Active Directory users (in alphabetical order)?

    - by Nate Pinchot
    Users started complaining about slow network speed so I fired up Wireshark. Did some checking and found many PCs sending packets similar to the following: (screenshot) http://imgur.com/45VlI.png I blurred out the text for the username, computer name and domain name (since it matches the internet domain name). Computers are spamming the Active Directory servers trying to brute force hack passwords. It will start with Administrator and go down the list of users in alphabetical order. Physically going to the PC finds no one anywhere near it and this behavior is spread across the network so it appears to be a virus of some sort. Scanning computers which have been caught spamming the server with Malwarebytes, Super Antispyware and BitDefender (this is the antivirus the client has) yields no results. This is an enterprise network with about 2500 PCs so doing a rebuild is not a favorable option. My next step is to contact BitDefender to see what help they can provide. Has anybody seen anything like this or have any ideas what it could possibly be?

    Read the article

  • Howto WCF Service HTTPS Binding and Endpoint Configuration in IIS with Load Balancer?

    - by Mike G
    We have a WCF service that is being hosted on a set of 12 machines. There is a load balancer that is a gateway to these machines. Now the site is setup as SSL; as in a user accesses it through using an URL with https. I know this much, the URL that addresses the site is https, but none of the servers has a https binding or is setup to require SSL. This leads me to believe that the load balancer handles the https and the connection from the balancer to the servers are unencrypted (this takes place behind the firewall so no biggie there). The problem we're having is that when a Silverlight client tries to access a WCF service it is getting a "Not Found" error. I've set up a test site along with our developer machines and have made sure that the bindings and endpoints in the web.config work with the client. It seems to be the case in the production environment that we get this error. Is there anything wrong with the following web.config? Should we be setting up how https is handled in a different manner? We're at a loss on this currently since I've tried every programmatic solution with endpoints and bindings. None of the solutions I have found deal with a load balancer in the manner we're dealing. Web.config service model info: <system.serviceModel> <behaviors> <serviceBehaviors> <behavior name="TradePMR.OMS.Framework.Services.CRM.CRMServiceBehavior"> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> <behavior name="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregationBehavior"> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> <bindings> <customBinding> <binding name="SecureCRMCustomBinding"> <binaryMessageEncoding /> <httpsTransport /> </binding> <binding name="SecureAACustomBinding"> <binaryMessageEncoding /> <httpsTransport /> </binding> </customBinding> <mexHttpsBinding> <binding name="SecureMex" /> </mexHttpsBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <!--Defines the services to be used in the application--> <services> <service behaviorConfiguration="TradePMR.OMS.Framework.Services.CRM.CRMServiceBehavior" name="TradePMR.OMS.Framework.Services.CRM.CRMService"> <endpoint address="" binding="customBinding" bindingConfiguration="SecureCRMCustomBinding" contract="TradePMR.OMS.Framework.Services.CRM.CRMService" name="SecureCRMEndpoint" /> <!--This is required in order to be able to use the "Update Service Reference" in the Silverlight application--> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> <service behaviorConfiguration="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregationBehavior" name="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregation"> <endpoint address="" binding="customBinding" bindingConfiguration="SecureAACustomBinding" contract="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregation" name="SecureAAEndpoint" /> <!--This is required in order to be able to use the "Update Service Reference" in the Silverlight application--> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> </services> </system.serviceModel> </configuration> The ServiceReferences.ClientConfig looks like this: <configuration> <system.serviceModel> <bindings> <customBinding> <binding name="StandardAAEndpoint"> <binaryMessageEncoding /> <httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> <binding name="SecureAAEndpoint"> <binaryMessageEncoding /> <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> <binding name="StandardCRMEndpoint"> <binaryMessageEncoding /> <httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> <binding name="SecureCRMEndpoint"> <binaryMessageEncoding /> <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> </customBinding> </bindings> <client> <endpoint address="https://Service2.svc" binding="customBinding" bindingConfiguration="SecureAAEndpoint" contract="AccountAggregationService.AccountAggregation" name="SecureAAEndpoint" /> <endpoint address="https://Service1.svc" binding="customBinding" bindingConfiguration="SecureCRMEndpoint" contract="CRMService.CRMService" name="SecureCRMEndpoint" /> </client> </system.serviceModel> </configuration> (The addresses are of no consequence since those are dynamically built so that they will point to a dev's machine or to the production server)

    Read the article

  • Memory Pressure Protection Feature for TCP Stack - Provided by Microsoft Security Update KB967723

    - by Angry_IT_Guru
    We've been having a lot of funky issues with some of our web based applications that allow clients to submit lot of image files to our servers. Lots of ports are used in the process. http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx - released in Sept-2009. support.microsoft.com/kb/974288 - Memory Pressure Protection description. Evidently, after applying KB967723, our clients receive funky error messages as if connections cannot be made to the server or connections have been closed. There doesn't appear to be a pattern and sometimes it works and other times is doesn't. Typically we've noticed it when server is under load. I'm curious what others think about this MPP and any issues that you may have experienced from it. I understand its purpose, but I think it may have broken a lot of apps in the process. It doesn't look like Microsoft made this "feature" public to everyone.

    Read the article

  • virtual directory make file copy operation extremely slow on UNC Path (IIS 7.5 bug?)

    - by user144737
    When i create a website/virtual directory pointing to UNC path, its make our file copy extremely slow on the UNC path. 6 seconds for file copy (~13 M) on the UNC path without any virtual directory/website pointing to it. over 1 mins. for file copy (same files ~13M) on the same UNC path with virtual directory/website pointing to it. All file copy operation run on web server side. Our setting as below: Web server - Windows Server standard R2 2008 / IIS 7.5 File server - Windows Server standard 2003 I have tested this case on 3 servers (Windows Server standard R2 2008 / IIS 7.5) and got same result. I also tested this case on 2 windows 2003 / IIS 6, it won't slow down the file copy. Is it IIS 7.5 bug? any patch/hotfix to solve this case? Thank you. Gordon

    Read the article

  • Exposing BL as WCF service

    - by Oren Schwartz
    I'm working on a middle-tier project which encapsulates the business logic (uses a DAL layer, and serves a web application server [ASP.net]) of a product deployed in a LAN. The BL serves as a bunch of services and data objects that are invoked upon user action. At present times, the DAL acts as a separate application whereas the BL uses it, but is consumed by the web application as a DLL. Both the DAL and the web application are deployed on different servers inside organization, and since the BL DLL is consumed by the web application, it resides in the same server. The worst thing about exposing the BL as a DLL is that we lost track with what we expose. Deployment is not such a big issue since mostly, product versions are deployed together. Would you recommend migrating from DLL to WCF service? if so, why ? Do you know anyone who had a similar experience ? Thank you !

    Read the article

  • Exposing BL as WCF service

    - by Oren Schwartz
    I'm working on a middle-tier project which encapsulates the business logic (uses a DAL layer, and serves a web application server [ASP.net]) of a product deployed in a LAN. The BL serves as a bunch of services and data objects that are invoked upon user action. At present times, the DAL acts as a separate application whereas the BL uses it, but is consumed by the web application as a DLL. Both the DAL and the web application are deployed on different servers inside organization, and since the BL DLL is consumed by the web application, it resides in the same server. The worst thing about exposing the BL as a DLL is that we lost track with what we expose. Deployment is not such a big issue since mostly, product versions are deployed together. Would you recommend migrating from DLL to WCF service? if so, why ? Do you know anyone who had a similar experience ?

    Read the article

  • L2TP with PEAP authentication from MacOS/iOS

    - by Jose
    Following the recent security advisory, I'm reconfiguring our VPN servers and having trouble. We're using Windows 2008 R2 server for VPN services, running RRAS and NPS on the same server and configure it to use PEAP-EAP-MSCHAPV2 authentiation for all tunnel type(PPTP, L2TP, IKEv2, SSTP), which previously allowed plain MSCHAPv2. But Apple products, MacOS and iOS cannot connect to VPN after this change. I tried to install root certificate used in PEAP transaction but no change. Does anyone know whether MacOS/iOS supports PEAP-EAP-MSCHAPv2 authentication in PPTP/L2TP? If so any tips to make it work? (I know PEAP-EAP-MSCHAPv2 is supported in WPA/WPA2 enterprise) Regards.

    Read the article

  • Server 2003 on domain wont let domain user have local profile

    - by RobW
    I have a few servers that are acting in this behavior, you log in and always get put into a temporary profile. The server is licensed for TS. The user I am testing with has local admin rights so it doesn't seem to be a permission issue on the server. I'll first get a message that the users roaming profile cannot be found, even though we dont use roaming profiles. I then get another message immediately after saying a local profile could not be loaded, so it will only use a temp profile. Any help would be greatly appreciated.

    Read the article

  • Setup mod-rewrite

    - by Publiccert
    I'm trying to setup mod-rewrite for a few servers. The code lives in /home/jeff/www/upload/application/ However, this is what's happening. It appears to be a problem with mod-rewrite since it's appending code.py to the beginning of the directory: The requested URL /code.py/home/jeff/www/upload/application/ was not found on this server. Here are the rules. Which one is the culprit? WSGIScriptAlias / /home/jeff/www/upload/application Alias /static /home/jeff/www/upload/public_html <Directory /home/jeff/www/upload/application> SetHandler wsgi-script Options ExecCGI FollowSymLinks </Directory> AddType text/html .py <Location /> RewriteEngine on RewriteBase / RewriteCond %{REQUEST_URI} !^/static RewriteCond %{REQUEST_URI} !^(/.*)+code.py/ RewriteRule ^(.*)$ code.py/$1 [PT] </Location> </VirtualHost>

    Read the article

  • OpenVPN slow with Firewall enabled on Zyxel ZyWall USG-100

    - by aleroot
    I have an OpenVPN server on a Linux machine, after installing a ZyWall USG-100 I'm experiencing extremely slowness navigating web servers on my remote LAN through the VPN connection, while accessing the web interface of the ZyWall is fast. I have configured everything : the Virtual Server for the OpenVPN Server, the static route as with the replaced router that I had before installing the ZyWall Today. I even added a rule to the firewall that allows connection to the OpenVPN Server machine : but navigation on the LAN through the VPN still slow, it seems that the Firewall is blocking packages, since if I disable the firewall on the USG-100 everything works fast as usual, while with the firewall enabled it is extremely slow. Why ? Do I need to add some other rule to the firewall to speed up ?

    Read the article

  • Setting up Lan within a Lan

    - by nageeb
    How unreasonable would it be to setup a small LAN within an existing LAN? I'm setting up a series of video surveillance servers and a number of IP cameras in a client's location and cannot have my equipment on the same network as their local machines. My network is essentially self-contained and the only device that anyone needs to access is a web-app on one of the machines. Basically I'm thinking of installing a SOHO router which would uplink to their LAN, and then set up some NAT rules on both their router and my router, to allow outside access to the webserver. Is there anything fundamental that i'm missing which would prevent this from working?

    Read the article

  • MySQL replication Slave_IO_Running: No

    - by Christy
    Hi all, I have two servers that I am trying to get replication of one database between. I found a setup guide on sourceforge that I followed and I have tried various other settings since then, but no matter what I do, when I start the slave, the 'Slave_IO_Running' setting is always No.... I have no idea why or what to look at, any suggestions are appreciated. The slave setup was: CHANGE MASTER TO MASTER_HOST='myserver.mydomain.net', MASTER_USER='slave_user', 'MASTER_PASSWORD='mypassword', 'MASTER_LOG_FILE='mysql-bin.000011', MASTER_LOG_POS=1368363 (last data from today, trying to do setup again. I deleted and recreated the database on the slave from a new dump and tried to redo the setup.) I have slave_user setup for %, localhost, and the specific IP of the slave computer but nothing seems to be working... Thanks in advance for any advice or suggestions

    Read the article

  • Unable to resolve FQDN, hostname works

    - by HannesFostie
    We are having an issue where computers who are not part of the domain cannot resolve the FQDN of a server (but regular hostname and ip do resolve). The strange thing is that this does work when the computer is added to the network. Our domain name is rather long, its something along the lines of "team.dept.company.com", could that be it? DHCP server passes along the proper DNS, Name and WINS servers, as well as the domain name. I thought that should've solved the problem, but apparently not really. Our domain is still windows2003 EDIT: I am starting to believe I can narrow this down to a problem either with the vmware tools NIC drivers that are embedded in my winPE boot image, or to the fact that I'm trying to do this from inside a VM. Pinging a FQDN at the same time when using a different task sequence on a physical machine works.

    Read the article

  • Backing up Information Store - Recovering to Different Information Store / RSG

    - by Kip
    Hi All, I have a question on a situation, that hasn't yet arrisen but I wondered the possibilities and how we go about it. Currently we backup our Exchange 2003 Cluster with Backup exec. Currently it is set to backup the Microsoft Information Store on that server and all of the Mailbox Stores beneath it. We have previously used this in conjunction with a recovery storage group on the same server to recover lost mailboxes. However, due to space constrictions on that server ( a seperate issue that is being addressed in the very near future but outside of the scope of this question) we now don't have enough space on that server to do a recovery storage group type restore. Is it possible, to restore an information store, to a different server in the same administrative group (ie first)? By that I mean we have the following: Server1 | First Storage Group | Mailbox Store1/2/3 Could Mailbox Store 1 be restored to: Server2 | First Storage Group | Recovery Storage Group Both servers are under the same Administrative Group Currently for whatever reason ( mainly time) the mailboxes are not being backed up individually. Regards Kip

    Read the article

  • Exchange 2010 to Exchange 2010 Public Folder Replication

    - by Archit Baweja
    We have 2 exchange servers in our org. MX1 and MX2. I'm trying to replicate all MX1 public folders to MX2. I've setup replication for all the toplevel folders to include the MX2 server. However no public folders are being replicated. The event log does not show any errors. I've set the diagnostic level for all public folder diagnostics to Highest using get-eventloglevel "MSExchangeIS\9001 Public\*" | set-eventloglevel -Level Expert However besides a 3092 event ID (type: 0x2) generated on MX1 (the source server), there are no events being generated that would notify me of any issues. Some technical details. MX1 is Windows 2008 Standard, MX2 is Windows 2008 Enterprise (eval mode right now).

    Read the article

  • Massive Network Upgrade

    - by Cliff Racer
    I find myself tasked with organizing an upgrade of our entire Active Directory from server 2003 to 2008. We run a few AD dependant services such as Exchange 2007 SQL Server 2008 SharePoint 2007 All of which we are looking to bring up to date as well with their most recent versions. The original AD was a little bit of a mess (the exchange upgrade from 2003 left some stuff in the AD database that I make references to servers that no longer exist for example). Here is what I want to accomplish Migrate the domain from our 2003 to a NEW clean 2008r2 domain Upgrade from Sharepoint 2007 to 2010 Upgrade Exchange from 2007 to 2010 My question is, in what order do we do things? Can I do a domain upgrade and simply migrate exchange after? On their own, these objectives are complicated enough, orchestrating them in our company while minimizing downtime is making my head spin. I have done a lot of the research on how to do them individually but I am having trouble figuring out how to do them all in concert.

    Read the article

  • Samba: session setup failed: NT_STATUS_LOGON_FAILURE

    - by stivlo
    I tried to set up Samba with "unix password sync", but I still get logon failure. I am running Ubuntu Natty Narwhal. $ smbclient -L localhost Enter stivlo's password: session setup failed: NT_STATUS_LOGON_FAILURE Here is my /etc/samba/smb.conf [global] workgroup = obliquid server string = %h server (Samba, Ubuntu) dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user [www] path = /var/www browsable = yes read only = no create mask = 0755 After modifying I restarted the servers: $ sudo restart smbd $ sudo restart nmbd However I still can't logon with my Unix username and password. Can anyone please help? Thank you in advance!

    Read the article

  • What are industry standards and professional best practices in network hosts naming? [closed]

    - by Ivan
    Possible Duplicate: Naming convention for computers It seems an important and difficult dilemma for me how to name network hosts (routers, servers (while a server can be a router and host diverse services at the same time), virtual machines (while they host important services and can migrate), workstations and notebooks (using pc-username is not the best idea as users may change), printers & MFUs, surveillance IP cameras, etc). Are there known and accepted best practices for this task? Excuse me if there already was a similar question here (I think it probably was), I haven't found it.

    Read the article

  • Force Capistrano to ask for password

    - by Moshe Katz
    I am deploying using Capistrano to a new server and having the following issue. Currently, I cannot add an SSH key to the server to log in with so I must use password authentication. However, I do have a key for another server saved in my local user account's .ssh directory. Here is the error I get when I try to log in: C:\Web\CampMaRabu>cap deploy:setup * executing `deploy:setup' * executing "mkdir -p /home2/webapp1 /home2/webapp1/releases /home2/webapp1/shared /home2/webapp1/shared/system /home2/webapp1/shared/log /home2/webapp1/shared/pids" servers: ["myserver.example.com"] connection failed for: myserver.example.com (OpenSSL::PKey::PKeyError: not a public key "C:/Users/MyAccount/.ssh/id_rsa.pub") How can I get Capistrano to ignore the existence of the key I have and let me log in with a password instead? I tried adding set :password, "myp@ssw0rd" to deploy.rb and it didn't help.

    Read the article

  • Time Machine + Ubee Router?

    - by Charlie
    I can't for the life of me figure this out. I recently had TWC installed in my house, and wanted to disable the NAT and router functions of it. I have a Time Machine hooked up to it from LAN1 (on the Ubee) to the WAN port on the TM. The problems started occurring here. I figured the settings would be these: Ubee Configuration mode: Bridge DHCP: Off TM IPv4: 192.168.100.2 Subnet Mask: 255.255.255.0 Router Address: 192.168.100.1 DNS Servers: 8.8.8.8, 8.8.4.4 Router Mode: DHCP and NAT But using those settings, my TM says "Double NAT", so I have to change it all around to the default settings of the Ubee using NAT. This leads me to believe bridge mode doesn't actually turn off NAT...

    Read the article

  • Can't start httpd 2.4.9 with self-signed SSL certificate

    - by Smollet
    I cannot start the httpd 2.4.9 (tried 2.4.x too) on CentOS 6.5 with the simplest SSL config possible. The openssl version installed on the machine is OpenSSL 1.0.1e-fips 11 Feb 2013 (I've upgraded it using 'yum update' to the latest patched version as well) I have compiled and installed the httpd 2.4.9 using the following commands: ./configure --enable-ssl --with-ssl=/usr/local/ssl/ --enable-proxy=shared --enable-proxy_wstunnel=shared --with-apr=apr-1.5.1/ --with-apr-util=apr-util-1.5.3/ make make install Now I'm generating the default self-signed certificate as described in the CentOS HowTo: openssl genrsa -out ca.key 2048 openssl req -new -key ca.key -out ca.csr openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt cp ca.crt /etc/pki/tls/certs cp ca.key /etc/pki/tls/private/ca.key cp ca.csr /etc/pki/tls/private/ca.csr Here is my httpd-ssl.conf file: Listen 443 SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLPassPhraseDialog builtin SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)" SSLSessionCacheTimeout 300 <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/usr/local/apache2/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog "/usr/local/apache2/logs/ssl_request_log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> when I start httpd using bin/apachectl -k start I get following errors in the error_log: Wed Jun 04 00:29:27.995654 2014] [ssl:info] [pid 24021:tid 139640404293376] AH01887: Init: Initializing (virtual) servers for SSL [Wed Jun 04 00:29:27.995726 2014] [ssl:info] [pid 24021:tid 139640404293376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:29:27.995863 2014] [ssl:debug] [pid 24021:tid 139640404293376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:29:27.996111 2014] [ssl:debug] [pid 24021:tid 139640404293376] ssl_util_ssl.c(343): AH02412: [192.168.9.128:443] Cert matches for name '192.168.9.128' [subject: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / issuer: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / serial: AF04AF31799B7695 / notbefore: Jun 3 22:26:45 2014 GMT / notafter: Jun 3 22:26:45 2015 GMT] [Wed Jun 04 00:29:27.996122 2014] [ssl:info] [pid 24021:tid 139640404293376] AH02568: Certificate and private key 192.168.9.128:443:0 configured from /etc/pki/tls/certs/ca.crt and /etc/pki/tls/private/ca.key [Wed Jun 04 00:29:27.996209 2014] [ssl:info] [pid 24021:tid 139640404293376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:29:27.996280 2014] [ssl:debug] [pid 24021:tid 139640404293376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:29:27.996295 2014] [ssl:emerg] [pid 24021:tid 139640404293376] AH02572: Failed to configure at least one certificate and key for 192.168.9.128:443 [Wed Jun 04 00:29:27.996303 2014] [ssl:emerg] [pid 24021:tid 139640404293376] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: DH PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile? [Wed Jun 04 00:29:27.996308 2014] [ssl:emerg] [pid 24021:tid 139640404293376] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: EC PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile? [Wed Jun 04 00:29:27.996318 2014] [ssl:emerg] [pid 24021:tid 139640404293376] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Wed Jun 04 00:29:27.996321 2014] [ssl:emerg] [pid 24021:tid 139640404293376] AH02312: Fatal error initialising mod_ssl, exiting. AH00016: Configuration Failed I then try to generate missing DH PARAMETERS and EC PARAMETERS: openssl dhparam -outform PEM -out dhparam.pem 2048 openssl ecparam -out ec_param.pem -name prime256v1 cat dhparam.pem ec_param.pem >> /etc/pki/tls/certs/ca.crt And it mitigates the error but the next comes out: [Wed Jun 04 00:34:05.021438 2014] [ssl:info] [pid 24089:tid 140719371077376] AH01887: Init: Initializing (virtual) servers for SSL [Wed Jun 04 00:34:05.021487 2014] [ssl:info] [pid 24089:tid 140719371077376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:34:05.021874 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:34:05.022050 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_util_ssl.c(343): AH02412: [192.168.9.128:443] Cert matches for name '192.168.9.128' [subject: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / issuer: CN=192.168.9.128,OU=XXX,O=XXXX,L=XXXX,ST=NRW,C=DE / serial: AF04AF31799B7695 / notbefore: Jun 3 22:26:45 2014 GMT / notafter: Jun 3 22:26:45 2015 GMT] [Wed Jun 04 00:34:05.022066 2014] [ssl:info] [pid 24089:tid 140719371077376] AH02568: Certificate and private key 192.168.9.128:443:0 configured from /etc/pki/tls/certs/ca.crt and /etc/pki/tls/private/ca.key [Wed Jun 04 00:34:05.022285 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(1016): AH02540: Custom DH parameters (2048 bits) for 192.168.9.128:443 loaded from /etc/pki/tls/certs/ca.crt [Wed Jun 04 00:34:05.022389 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(1030): AH02541: ECDH curve prime256v1 for 192.168.9.128:443 specified in /etc/pki/tls/certs/ca.crt [Wed Jun 04 00:34:05.022397 2014] [ssl:info] [pid 24089:tid 140719371077376] AH01914: Configuring server 192.168.9.128:443 for SSL protocol [Wed Jun 04 00:34:05.022464 2014] [ssl:debug] [pid 24089:tid 140719371077376] ssl_engine_init.c(312): AH01893: Configuring TLS extension handling [Wed Jun 04 00:34:05.022478 2014] [ssl:emerg] [pid 24089:tid 140719371077376] AH02572: Failed to configure at least one certificate and key for 192.168.9.128:443 [Wed Jun 04 00:34:05.022488 2014] [ssl:emerg] [pid 24089:tid 140719371077376] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Wed Jun 04 00:34:05.022491 2014] [ssl:emerg] [pid 24089:tid 140719371077376] AH02312: Fatal error initialising mod_ssl, exiting. AH00016: Configuration Failed I have tried to generate the simple certificate/key pair exactly as described in the httpd docs Unfortunately, I still get exact same errors as above. I've seen a bug report with the similar issue: https://issues.apache.org/bugzilla/show_bug.cgi?id=56410 But the openssl version I have is reported as working there. I've also tried to apply the patch from the report as well as build the latest 2.4.x branch with no success, I get the same errors as above. I have also tried to create a short chain of certificates and set the root CA certificate using SSLCertificateChainFile directive. That didn't help either, I get exact same errors as above. I'm not interested in setting up hardened security, etc. The only thing I need is to start httpd with the simplest SSL config possible to continue testing proxy config for the mod_proxy_wstunnel Had anybody encountered and solved this issue? Is my sequence for creating a self-signed certificate incorrect? I'd appreciate any help very much!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 280 281 282 283 284 285 286 287 288 289 290 291  | Next Page >