WebLogic 7.0.1 and apache ssl plug-in

I am not seeing any forwarding of SSL requests from Apache to WebLogic once I upgraded
from 7.0.0.1 to 7.0.1 and used the new plug-in. I actually found the plug-in
size for solaris to be smaller then the 7.0.0.1 which I found to be a little strange.
The old plug-in does not work either.
I am not sure if this is a bug or what, just want to see if anyone has a similar
setup and seeing similar issues. We run OpenSSL on Apache 1.3.9 and this was
working fine in 7.0.0.1 and just stopped working for the SSL pages only, the regular
pages pass through no problem.

Similar Messages

Apach1 .1.3.22+ mod_ssl /Weblogic 5.1 Browser to Apache SSL does not work

We are using Weblogic 5.1 and apache 1.3.22+mod_ssl. HTTPS requests to the apache
server for jsp do not work. However if
a HTTP request for the same jsp is made, it works.
SSL requests only work if the ServerName directive for HTTP
server and the 443 Virtual Server are commented out in httpd.conf. Is this right?

Hi.
Firstly, this is not a supported configuration. The latest version of apache we
certify is 1.3.19. See the following link for supported platforms:
http://edocs.bea.com/wls/platforms/index.html#apach.
Without seeing your httpd.conf file this should work. You probably already know this,
but with WLS 5.1 https between the server and the plugin is not supported, so apache
needs to translate all http/https requests to http for WLS.
I recommend you try posting this question to the plugin newsgroup -
weblogic.developer.interest.plugin.
Thanks,
Michael
shakeel rao wrote:
We are using Weblogic 5.1 and apache 1.3.22+mod_ssl. HTTPS requests to the apache
server for jsp do not work. However if
a HTTP request for the same jsp is made, it works.
SSL requests only work if the ServerName directive for HTTP
server and the 443 Virtual Server are commented out in httpd.conf. Is this right?--
Michael Young
Developer Relations Engineer
BEA Support

Multiple applications: weblogic 6.0 sp1 and apache 1.3.12 proxy

Hi,
We are testing the following setup:
Weblogic 6.0 SP1 running on Solaris 8 (SUN, ip: 192.168.0.1)
Apache 1.3.12 running on Linux (ip: 192.168.0.2)
We have two applications setup on weblogic in the following
directories:
$WL_HOME/config/mydomain/applications/app1 and
$WL_HOME/config/mydomain/applications/app2
The idea is to set up virtual hosts on the apache server and
depending on the url, redirect the client to a specific
application. So for the application app1 we have the following
setup in httpd.conf:
<Files ~ "*.jsp>
SetHandler weblogic-handler
PathPrepend /app1
</Files>
<IfModule mod_weblogic.c>
WebLogicHost 192.168.0.1
WebLogicPort 7001
DebugConfigInfo ON
Debug ALL
</IfModule>
This seems to work fine, e.g. if the client requests a page
http://app1.url.com/index.jsp this gets correctly passed to
weblogic as http://192.168.0.1:7001/app1/index.jsp.
BUT when a jsp page does a response.sendRedirect
(redirectpage.jsp), weblogic tells the client to redirect to
http://app1.url.com/app1/redirectpage.jsp. *Apache* immediately
comes back with an error 404. Is there a way of stripping
the /app1 path from the redirect page that gets sent
to the client?
OR is there a better way of hosting multiple applications on a
server?
This is only a problem when we use sendRedirect.
Any ideas
Thanks
Richard

Bob:
Fixed in SP 4. Out very, very soon.
mbg
In article <3969eabe$[email protected]>, [email protected] says...
Hello;
Can someone tell me how I might make this configuration work? I'm trying to
run multiple Weblogic Process on one box and 1 Apache Process on another
box. I would like to utilize the "VirtualHosting by name" via the HTTP1.1
protocol and use the weblogic plugin.
SNIP
When I try to call the website:
http://1stVirtual.host.com/weblogic/ I get this:
Failure of WebLogic APACHE bridge:
Neither WebLogicCluster nor WebLogicHost parameter was specified in
httpd.conf. Cannot continue.
Anyhelp would be greatly appreciated.
-Bob--
==================================================
NewsGroup Rant
==================================================
Rant 1.
The less info you provide about your problem means
the less we can help you. Try to look at the
problem from an external perspective and provide
all the data necessary to put your problem in
perspective.

Weblogic 5.1 SP3 and Apache 1.3.12 Config Question

Hello;
Can someone tell me how I might make this configuration work? I'm trying to
run multiple Weblogic Process on one box and 1 Apache Process on another
box. I would like to utilize the "VirtualHosting by name" via the HTTP1.1
protocol and use the weblogic plugin.
*** HTTPD.CONF FILE ***
LoadModule weblogic_module libexec/mod_wl.so
<VirtualHost 1stVirtual.host.com>
<Location /weblogic>
SetHandler weblogic-handler
PathTrim weblogic
</Location>
<Location /servletimages>
SetHandler weblogic-handler
Pathtrim something
</Location>
<IfModule mod_weblogic.c>
Include conf/1stVirtual.conf
</IfModule>
</VirtualHost>
<VirtualHost 2ndVirtual.host.com>
<Location /weblogic>
SetHandler weblogic-handler
PathTrim weblogic
</Location>
<Location /servletimages>
SetHandler weblogic-handler
Pathtrim something
</Location>
<IfModule mod_weblogic.c>
Include conf/2ndVirtual.conf
</IfModule>
</VirtualHost>
AddModule mod_weblogic.c
*** 1stVIRTUAL.CONF File ****
WebLogicHost 1stVirtual.host.com
WebLogicPort 7003
When I try to call the website:
http://1stVirtual.host.com/weblogic/ I get this:
Failure of WebLogic APACHE bridge:
Neither WebLogicCluster nor WebLogicHost parameter was specified in
httpd.conf. Cannot continue.
Anyhelp would be greatly appreciated.
-Bob
P.S.- My Configuration is as follows:
WEBLOGIC SERVER
Solaris 2.6
Weblogic 5.1 SP3
APACHE SERVER
Solaris 2.6
Apache 1.3.12

Bob:
Fixed in SP 4. Out very, very soon.
mbg
In article <3969eabe$[email protected]>, [email protected] says...
Hello;
Can someone tell me how I might make this configuration work? I'm trying to
run multiple Weblogic Process on one box and 1 Apache Process on another
box. I would like to utilize the "VirtualHosting by name" via the HTTP1.1
protocol and use the weblogic plugin.
SNIP
When I try to call the website:
http://1stVirtual.host.com/weblogic/ I get this:
Failure of WebLogic APACHE bridge:
Neither WebLogicCluster nor WebLogicHost parameter was specified in
httpd.conf. Cannot continue.
Anyhelp would be greatly appreciated.
-Bob--
==================================================
NewsGroup Rant
==================================================
Rant 1.
The less info you provide about your problem means
the less we can help you. Try to look at the
problem from an external perspective and provide
all the data necessary to put your problem in
perspective.

Weblogic 6.1's 2-way SSL

I'm using wsl proxy plug-in between iPlanet Webserver 4.1SP9 and
wsl 6.1.
The obj.conf of iPlanet web server was configured to use path proxy:
-------- httpd.conf --------
Init fn="load-modules" funcs="wl_proxy,wl_init" shlib="/usr/netscape/web/plugin\
s/lib/libproxy.so"
Init fn="wl_init"
<Object name="weblogic" ppath="*/weblogic/*">
Service fn="wl_proxy" WebLogicHost="wsl61.test.com" WebLogicPort="7001" Pat
hTrim="/weblogic"
</Object>
The "Seccurity" parameter "magnus.conf" is set to on and an certificate
was installed on this iPlnet web server.
I was able to open:
https://iplanet.test.com:443/weblogic/console
to set 'Client Certificate Enforced' option in
Petstore's SSL section with port 7002.
I can also access:
https://iplanet.test.com:443/weblogic/estore
to bring up the top page and some pages of the petstore sample
program. But the browser got no data fromt the web server
when I clicked on "Enter the "Store". I then tried to "Enter the Store"
directly through port 7002 (without proxying through iPlanet web server)
and it also returned on data.
I suppose that I have to modify petstore sample codes SSL protocol -
even in 1-way SSL verification. Is this true?
I also tried to change WebLogicPort="7001" to "7002" in obj.conf.
which is tied to the SSL port of wsl61 with some sample certificates.
When I open:
https://iplanet.test.com:443/weblogic/console
The server couldn't locate that object. I checked the adminGuide of
of wsl6.1 on page 13-10. It mentioned 'SecurieProxy' parameter in
the 'Service' directive in the obj.conf has to be set to ON.
So I appended SecureProxy="on" as the following:
<Object name="weblogic" ppath="*/weblogic/*">
Service fn="wl_proxy" WebLogicHost="wsl61.test.com" WebLogicPort="7002" Pat
hTrim="/weblogic" SecureProxy="on"
</Object>
But it still failed to connect to port 7002 of wsl61.
In the FAQs of wsl61 has the section:
Does the 6.1 plug-in support two-way SSL?
No. But the plug-in can be set-up to require the client certificate and
pass it on to WebLogic Server. For example:
apache ssl
SSLVerifyClient require
SSLVerifyDepth 10
SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars
+StrictRequire
I am confused with adminGuide's page 14-49. It talked about how to
confiure 'Mutual Authentification' breifly - it only mentioned
the opton of 'Client Certificate Enforced' besides copying root
certificates into 'config' directory.
Can someone explain to me whether the 2-way authentication can be done
via plug-in proxy? If not, what is the right way/best way for 2-way
authentication? Is anyone have some sample programs like petstore
that work with iPlnet Web server and wsl61 with 2-way authentication?
Thanks in advance.
-kl

I got some progress after digging into appendix
of adminGuide.
I added two more paramaters into obj.conf
service directive:
<Object name="weblogics" ppath="*/weblogics/*">
Service fn="wl_proxy" WebLogicHost="wsl61.test.com" WebLogicPort="7002" Pat\
hTrim="/weblogics" SecureProxy="ON" TrustedCAFile="/usr/netscape/server4/alias/\
ca.pem"
</Object>
When I tried:
https://iplanet.test.com:443/weblogics/
It didn't hang. The browser showed:
No backend server available for connection: timed out after 10 seconds.
But I tested backend server. It was alive.
Anyone got this working?
Thanks.
-kl

Please Help!! Weblogic 8.1.4 with apache 2.0.55 SSL

Using Windows for Apache and Weblogic
I see Client----Apache, Apache to Server, Server to Apache, but Apache to client failing
Fri Feb 24 15:39:40 2006 *******Exception type [WRITE_ERROR_TO_CLIENT] raised at line 650 of ap_proxy.cpp
I have seen many posts where people have seen this but no solutions or responses saying whats the problem or what is the solution?
Can anyone please respond thanks
uday
================New Request: [â‚¬b] =================
Fri Feb 24 15:39:40 2006 INFO: SSL is configured
Fri Feb 24 15:39:40 2006 SSL Main Context not set. Calling InitSSL
Fri Feb 24 15:39:40 2006 INFO: Initializing SSL library
Fri Feb 24 15:39:40 2006 Loaded 1 trusted CA's
Fri Feb 24 15:39:40 2006 INFO: Successfully initialized SSL
Fri Feb 24 15:39:40 2006 INFO: SSL configured successfully
Fri Feb 24 15:39:40 2006 The final request string is '/'
Fri Feb 24 15:39:40 2006 Host extracted from serverlist is [localhost]
Fri Feb 24 15:39:40 2006 Initializing lastIndex=0 for a list of length=1
Fri Feb 24 15:39:40 2006 getListNode: created a new server node: id='localhost:7002' server_name='ukamath.eideawdc1.local', port='80'
Fri Feb 24 15:39:40 2006 attempt #0 out of a max of 5
Fri Feb 24 15:39:40 2006 general list: trying connect to '127.0.0.1'/7002/7002 at line 2592 for '/'
Fri Feb 24 15:39:40 2006 New SSL URL: match = 0 oid = 22
Fri Feb 24 15:39:40 2006 Connection refused, error = 10022
Fri Feb 24 15:39:40 2006 Setting peerID for new SSL connection
Fri Feb 24 15:39:40 2006 7f00 0001 5a1b 0000 ....Z...
Fri Feb 24 15:39:40 2006 Local Port of the socket is 2206
Fri Feb 24 15:39:40 2006 Remote Host 127.0.0.1 Remote Port 7002
Fri Feb 24 15:39:40 2006 general list: created a new connection to '127.0.0.1'/7002 for '/', Local port:2206
Fri Feb 24 15:39:40 2006 URL::sendHeaders(): meth='â‚¬b' file='/' protocol='HTTP/0.9'
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[Connection]=[Keep-Alive]
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[WL-Proxy-SSL]=[true]
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[WL-Proxy-Client-IP]=[206.233.40.81]
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[Proxy-Client-IP]=[206.233.40.81]
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[X-Forwarded-For]=[206.233.40.81]
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
Fri Feb 24 15:39:40 2006 Hdrs to WLS:[X-WebLogic-Request-ClusterInfo]=[true]
Fri Feb 24 15:39:40 2006 INFO: No session match found
Fri Feb 24 15:39:40 2006 URL->reallySend 52
Fri Feb 24 15:39:40 2006 INFO: Certificate validation succeeded
Fri Feb 24 15:39:40 2006 URL->reallySend 140
Fri Feb 24 15:39:40 2006 INFO: AddSessionCallback
Fri Feb 24 15:39:40 2006 INFO: Negotiated to cipher: 3
Fri Feb 24 15:39:40 2006 URL->reallySend 253
Fri Feb 24 15:39:40 2006 SSLWrite sent 232
Fri Feb 24 15:39:40 2006 SSLWrite completed, sent 232
Fri Feb 24 15:39:40 2006 Reader::fill() SSLRead success, read: 250
Fri Feb 24 15:39:40 2006 URL::parseHeaders: StatusLine set to [200 OK]
Fri Feb 24 15:39:40 2006 Hdrs from WLS:[Date]=[Fri, 24 Feb 2006 20:39:40 GMT]
Fri Feb 24 15:39:40 2006 Hdrs from WLS:[Content-Length]=[8247]
Fri Feb 24 15:39:40 2006 Hdrs from WLS:[Content-Type]=[text/html]
Fri Feb 24 15:39:40 2006 Hdrs from WLS:[Connection]=[Keep-Alive]
Fri Feb 24 15:39:40 2006 Hdrs from WLS:[Set-Cookie]=[UDAYSESSION=D1vM1Jpv4gLKpS8kS48ZHLTpQgfFKh4BpwZsn9yHgSbgTYpF2zff!87218319; path=/]
Fri Feb 24 15:39:40 2006 Hdrs from WLS:[X-WebLogic-JVMID]=[87218319]
Fri Feb 24 15:39:40 2006 parsed all headers OK
Fri Feb 24 15:39:40 2006 sendResponse() : r->status = '200'
Fri Feb 24 15:39:40 2006 Hdrs to client (reset):[Date]=[Fri, 24 Feb 2006 20:39:40 GMT]
Fri Feb 24 15:39:40 2006 Hdrs to client (add):[Set-Cookie]=[UDAYSESSION=D1vM1Jpv4gLKpS8kS48ZHLTpQgfFKh4BpwZsn9yHgSbgTYpF2zff!87218319; path=/]
Fri Feb 24 15:39:40 2006 for 127.0.0.1/7002/7002, updated JVMID: 87218319
Fri Feb 24 15:39:40 2006 Reader::fill() SSLRead success, read: 4072
Fri Feb 24 15:39:40 2006 Reader::fill() SSLRead success, read: 4072
Fri Feb 24 15:39:40 2006 Reader::fill() SSLRead success, read: 103
Fri Feb 24 15:39:40 2006 Write to the browser failed: calling URL::close at line 649 of ap_proxy.cpp
Fri Feb 24 15:39:40 2006 *******Exception type [WRITE_ERROR_TO_CLIENT] raised at line 650 of ap_proxy.cpp
Fri Feb 24 15:39:40 2006 INFO: Closing SSL context
Fri Feb 24 15:39:40 2006 URL->reallySend 23
Fri Feb 24 15:39:40 2006 INFO: Error after SSLClose, socket may already have been closed by peer
Fri Feb 24 15:39:40 2006 NOT failing over after sendResponse() exception: idempotent=ON pastFailover=1
Fri Feb 24 15:39:40 2006 request [] did NOT process sucessfully..................

I got it to work on both apache and Sun One
the problem was i was not using 1 way SSL certificate as my truststore on client side. Let me write a detailed note so that it can be helpful for others who see this
So Client-----https( 1 way)------Apache/SunOne--->https-----Weblogic
1. On Weblogic i just added custom keystore and custom trusttore as given in weblogic
2. I changed SunOne (i will give for SunOne and apache is similar) obj.conf to look like this
# Use only forward slashes in pathnames--backslashes can cause
# problems. See the documentation for more information.
<Object name="default">
AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true"
NameTrans fn="ntrans-j2ee" name="j2ee"
NameTrans fn=pfx2dir from=/mc-icons dir="C:/Sun/WebServer6.1/ns-icons" name="es-internal"
#NameTrans fn=document-root root="$docroot"
PathCheck fn=nt-uri-clean
PathCheck fn="check-acl" acl="default"
PathCheck fn=find-pathinfo
#PathCheck fn=find-index index-names="index.html,home.html,index.jsp"
#ObjectType fn=type-by-extension
#ObjectType fn=force-type type=text/plain
#Service method=(GET|HEAD) type=magnus-internal/imagemap fn=imagemap
#Service method=(GET|HEAD) type=magnus-internal/directory fn=index-common
#Service method=(GET|HEAD|POST) type=*~magnus-internal/* fn=send-file
Service method=TRACE fn=service-trace
Error fn="error-j2ee"
AddLog fn=flex-log name="access"
</Object>
<Object name="j2ee">
Service fn="service-j2ee" method="*"
</Object>
<Object name="cgi">
ObjectType fn=force-type type=magnus-internal/cgi
Service fn=send-cgi
</Object>
<Object name="es-internal">
PathCheck fn="check-acl" acl="es-internal"
</Object>
<Object name="send-compressed">
PathCheck fn="find-compressed"
</Object>
<Object name="compress-on-demand">
Output fn="insert-filter" filter="http-compression"
</Object>
<Object name="weblogic" ppath="*">
Service fn="wl_proxy" WebLogicCluster="ukamath:7002,excursion:7002" CookieName=PIIE_USER_SESSION SecureProxy=ON RequireSSLHostMatch=FALSE TrustedCAFile="C:/cvsdir/concordebranch/IntegrationTests/model/integration/ssl/server/trustedcafile.pem" WLProxySSL=ON Debug=ALL DebugConfigInfo=TRUE WLLogFile="C:/Sun/WebServer6.1/https-ukamath.eideawdc1.local/logs/wlproxy.log"\
</Object>
NOTE:
1. i changed entire thing to go to our weblogic but you can change it to your required path by changing ppath
2. I had to comment NameTrans from adding paths to docs etc as for the same reason as weblogic needed to handle it rather than sun one.
3. I changed Sunone to use SSL certificate from Verisign (14 days) by going through the Admin Server of SunOne and clicking manage and then going through Security tab and filling the request. Then installed the certificate on the SunOne managed https-machine server. Then went to preferences and added security enabled ports. Make sure you click enabled on security and certificate host optional.
4. I changed my Java client to use same truststore as SunOne bby doing an import.
For this i copied the certificate received from Verisign to file as .pem and used weblogic utils.pem2der to convert it to derfile and then imported the der file using java keytool to cacerts of jdk.
5. My Java code looked like this using Sun's SSL implementation
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
          //set provider
          java.security.Provider provider = (java.security.Provider)Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance();
          java.security.Security.addProvider(provider);
          //set verifier
          com.sun.net.ssl.HostnameVerifier hv = new DHIHostNameVerifier();
          com.sun.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier( hv );
          System.setProperty("javax.net.ssl.trustStore", "C:/cvsdir/concordebranch/cacerts");
          //System.setProperty("javax.net.ssl.trustStore", "C:/Program Files/Java/j2re1.4.2_10/lib/security/cacerts");
          //lets create a url
     URL url = new URL("https://ukamath:443/");
          URLConnection urlCon = url.openConnection();
If you have questions forward me an email and i can guide you. I am doing it as i struggled a lot because of it for first time.
Thanks

WebLogic and Apache

Hi,
          We are developing an application using WebLogic ejb and servlet and we
          are planning to use Apache as the HTTP server. Are there any know
          issues about this combination?
          According to the manual, the mod_proxy of Apache can be used to link
          Apache and Weblogic. Has anybody done that?
          Thanks,
          Cecil Pang
          [email protected]


This doesn't sound like a definitive answer. Are you saying we will NOT
          support you if you use Apache?
          Should it work? What are people doing wrong? The answer below isn't
          much help IMHO.
          Prasad Peddada wrote:
          >
          > At this point we don't have plugins for Apache. We have plugins for NES, IIS only.
          >
          > Thanks
          > Prasad
          >
          > HBO wrote:
          >
          > > Barbara, thanks for the reply.
          > >
          > > So, are we saying that we should not use Apache with Weblogic Server? I
          > > browsed through the discussion groups and I found no definitive answer to this
          > > question. How about folks from BEA/Weblogic? What is your recommendation?
          > >
          > > At this point, we can either go with Apache or Netscape HTTP server. But we
          > > would like to use Apache unless there are issues in linking it to Weblogic
          > > Server.
          > >
          > > Any advice will be appreciated.
          > >
          > > Cecil Pang
          > > 10 Dimensions Technologies Inc.
          > > [email protected]
          > >
          > > Barbara Singer wrote:
          > >
          > > > Hello:
          > > >
          > > > We have tried to setup the exact configuration but with no success to date.
          > > > We are using WebLogic Application Server 4.51 and Apache by
          > > > Stronghold/C2Net. However, this has not worked with the standard Apache
          > > > distrubution either.
          > > >
          > > > /bas
          > > > HBO <[email protected]> wrote in message news:[email protected]...
          > > > > Hi,
          > > > >
          > > > > We are developing an application using WebLogic ejb and servlet and we
          > > > > are planning to use Apache as the HTTP server. Are there any know
          > > > > issues about this combination?
          > > > >
          > > > > According to the manual, the mod_proxy of Apache can be used to link
          > > > > Apache and Weblogic. Has anybody done that?
          > > > >
          > > > > Thanks,
          > > > > Cecil Pang
          > > > > [email protected]
          > > > >
          From Tom Gerber (Surnames: Archer, Knaeble, Lahiff, Mooney, Preisen,
          Sexton)

Sessions wth WL8.1 and Apache Plug In

We are currently facing problems with session failover with WL 8.1(SP4) and Apache(2.0.54) plugin.
          Just wanted to know if session replication works across different subnets.
          We have Managed Servers running on different subnets which are part of a single cluster. Session replication works (tested with the sample InMemRepClient application supplied with weblogic) when machines within the subnet are up and fails when machines within the same subnet are down, although machines are up in a different subnet.
          Does weblogic allow session replpication to work across different clusters with different subnets?
          Is this a limitaion with WL8.1 and is this session replication work across subnets with WL9?
          Thanks.

I believe that we recommend having all the managed srevers in a single subnet. However, even if the cluster spans more than one subnet, you can configure the Multicast Time-To-Live (TTL) parameter for the cluster and it will work fine. Please have a look on following pieces of documentation:
          "If Your Cluster Spans Multiple Subnets in a WAN" on http://e-docs.bea.com/wls/docs81/cluster/features.html
          And
          "Configure Multicast Time-To-Live (TTL)" on http://e-docs.bea.com/wls/docs81/cluster/setup.html#732108
          Hope this helps.

Weblogic server 9.2 and SSL server certificate for the wrong site

I turned on SSL service for a weblogic 9.2 server and later on changed the hostname of the machine that weblogic was running on. So the hostname that my SSL server certificate was issued to has now became an invalid hostname. But my weblogic server continues to run SSL service without any exception. I can still access my web applications thru the SSL port (except of course I get a warning for the server certificate every time that it is for the "wrong site"). My question is this: should weblogic 9.2 verify the hostname in the server certificate and stop SSL service if the certificate is for the wrong site? Or is verifying the certificate strictly the job of the browser? Just want to make sure there is nothing wrong with my SSL configuration. Thanks.

So you are saying that something is wrong with my weblogic 9.2 ssl configuration? And that given a server certificate issued to a different hostname, my weblogic server should NOT be servicing ssl request and/or it should throw some sort of exception during startup? Thanks for clarifying.

Apache, ssl, and php problem

i just added ssl support to my apache website running php. before i added ssl i had a php flash script that has always worked fine until i altered the httpd.conf file to forbid access to this directory unless it was an encrypted connection. i used the code
<Directory "/home/httpd/html/folder">
AuthType Basic
AuthName "user"
AuthUserFile /home/httpd/passwords/folder
Require user user
SSLRequireSSL
</Directory>
i tested the ssl with the directory running php before i altered the code and it worked fine. now that i altered the code to require ssl, the folder's index shows up a blank page. what went wrong, is there some bug or something i did wrong?

steps to use ssl in arch with apache.
1) pacman -S openssl apache
2) Read /etc/httpd/conf/mod_ssl.txt
2a) Edit /etc/conf.d/httpd and set HTTPD_USE_SSL to "yes"
2b) Create an ssl key, request, and certificate.
# This generates the cert and key (valid for 3650 days)
# Be sure to enter the FQDN of your apache server as the "Common Name".
openssl req -new -x509 -newkey rsa:1024 -days 3650
-keyout server.key -out server.crt
# This will remove the passphrase
openssl rsa -in server.key -out server.key
2c) Modify /etc/httpd/conf/ssl.conf to use your new certificate.
SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key
3) Edit /etc/httpd/conf/ssl.conf
Define an appropriate virtualhost for your ssl site
4) Restart apache (/etc/rc.d/httpd restart)
If it hangs or fails to start, check the /var/log/httpd/error_log or try running
'/usr/sbin/apachectl startssl' and looking for errors/prompts.
NOTE: Using the same dir for ssl and non-ssl does not make sense, as someone could just use non-ssl to access the same information. Instead, create a new directory (something like /home/httpd/ssl), and use that dir for ssl web activities. Adjust /etc/httpd/conf/ssl.conf accordingly

Cookie will not write using weblogic 5.1 and Apache

          Hi,
          I'm having problems having my application write cookies under the UNIX environment. It works fine under
          the NT environment. Could this be a problem with the Apache plugin and weblogic 5.1???
          Under the UNIX environment, it will not write to the cookies at all. Is it because I have weblogic and apache
          on two sperate machines?? Any advice would be much appreciated.
          Thanks,
          Wayne


There is no apache 2.x plugin for WLS 5.1.
Sorry,
Eric
"sridhar" <[email protected]> wrote in message
news:[email protected]..
Hi
I am trying to use the webservices of apache 2.x server. I am usingweblogic 5.1 application server. Can you give the details of installation
and configuration of plugins which is compatable for the version as i said
above? As far as i search on BEA site i didnt get the solution for the
version i mentioned. An early reply is expected.
>
Thanks a lot
sridhar

Weblogic 5.1 sp3 with Apache or Stronghold on Solaris 2,7

Hi All,
We are planning to use Apache or Stronghold(most probably Stronghold as it
supports SSL which I was told Apache does not support) and WebLogic 5.1 sp
3. Has anyone used this combination before if so we would like to know if
you have faced any integration issues with this ? If you do what kind of
integration issues were they ? Just connection related or scalability
related ? Has anyone used WebLogic built-in webservevr in production
environment ? How does it scale up ?
Thanks
Prasad

Would you please let me know when exactly(date) the sp4 was released
Thanks,
Ravi.
Vinod Mehra <[email protected]> wrote:
Checkout the 510 service pack 4. It has these binaries:
1. mod_wl.so for standard Apache (non EAPI) installations
2. mod_wl_ssl.so for Apache + SSL/EAPI installations(Stronghold, modssl etc)
3. mod_wl_ssl_raven.so for Apache + Raven installations
mod_wl_ssl_raven.so was required because Raven applies frontpage patches which
makes it incompatible with mod_wl_ssl.so
--Vinod.
Filip Hanik wrote:
Apache supports SSL with two implementations
1. http://www.apache-ssl.org/
2. Apache with OpenSSL (mod_ssl)
On Solaris there are no problems integrating weblogic and Apache.
I would not recommend using the weblogic web server, the performance of image
streaming and serving static webpages is not the greatest - apache will do a
much better job for you.
Weblogic also has a plug in for apache on Solaris that supports fail over. ie.
if one of your weblogic server goes down then apache can reconnect to another
one
Filip Hanik
[email protected]
In article <396a70f4$[email protected]>,
[email protected] says...
Hi All,
We are planning to use Apache or Stronghold(most probably Stronghold as it
supports SSL which I was told Apache does not support) and WebLogic 5.1 sp
3. Has anyone used this combination before if so we would like to know if
you have faced any integration issues with this ? If you do what kind of
integration issues were they ? Just connection related or scalability
related ? Has anyone used WebLogic built-in webservevr in production
environment ? How does it scale up ?
Thanks
Prasad

WLS 6.1 SP3 and apache plugin

Hello,
I have WLS 6.1 SP3 and apache 1.3.26 installed on solaris 8.
I enabled the weblogic Weblogic Plug-In Enabled for my wls server and
then I configured my apache server like the following:
1) I used mod_wl.so that comes with wls under
\bea\wlserver6.1\lib\solaris
2) Then I loaded that module using APACHE_HOME/bin/apxs -i -a -n
weblogic mod_wl.so
When I load the module I get the following:
[Thu Jan 15 10:05:53 2004] [warn] Loaded DSO libexec/mod_wl.so uses
plain Apache 1.3 API, this module might crash under EAPI!
please recompile it with -DEAPI)
/usr/apache/bin/apachectl start: httpd started
I don't understand that message
3) The following lines were added to httpd.conf:
LoadModule weblogic_module libexec/mod_wl.so
AddModule mod_weblogic.c
4) Then I added the following to the httpd.conf:
<IfModule mod_weblogic.c>
WebLogicHost 10.1.10.205(my weblogic IP)
WebLogicPort 7020 (my weblogic port)
FileCaching On
MatchExpression *.jsp
</IfModule>
The problem is that the apache server is not able to redirect the jsp
calls to the WLS server and I'm always getting "The page cannot be
displayed"
Any information that might guide me to solve this problem is appreciated
Itani Mohamed
SoftSolutions
Tel: +961.1.90.11.70 ext:141
Fax: +961.1.90.11.75
www.softsolutions.fr

Itani,
Please try the mod-wl-ssl.so module shipped with weblogic, as this module is compiled with -DEAPI flag

Apache SSL segment faults

Have seen throughout the newsgroups references to the segmenation faults occuring with Apache-SSL and the WLS module. The fix in most instances was to was to remove a PathTrim statement, and the segfaults went away.I do not have any PathTrim statements, and only have to add the LoadModule and AddModule lines to the httpd.conf and any attempted SSL connection will generaet a segfault (I have not even added the IfModule mod_weblogic.c statement)I am running Apache 1.3.9, mod_ssl, Weblogic 6 SP1.Any help would be greatly appreciated.ThanksMark Parker

Is there a tentative list of accelerators that will be supported? If the
Sun accelerators are not on that list, please add them.
-chris
"Michael Young" <[email protected]> wrote in message
news:[email protected]..
whoops - got ahead of myself.
I don't know that there are plans to have the plugin use hardwareaccelerators. I was
writing about the WLS server supporting hardware ssl accelerators in thefuture.
>
Michael
Michael Young wrote:
Hi.
Currently there is no support for ssl hardware accelerators. There are
plans for this
in the next major release of WLS due out next year.
Thanks.
Michael
Lloyd Sher wrote:
Does anyone know if the apache ssl weblogic plug-in supports hardware
accelerators
(ie nCipher)?
If so how would this work? If not, are there any plans?
Thanks,
Lloyd--
Developer Relations Engineer
BEA Support--
Developer Relations Engineer
BEA Support

Apache Proxy Plug-in with multiple clusters?

We are using the Apache Proxy Plug-in , the
          basic question is if we can place multiple cluster
          IP's in the same Location definition or do we have
          to have a different definition for each cluster?
          Currently we have only 1 cluster, but if we decide
          to segment the large cluster into smaller clusters
          this is a critical network,url question.
          For example we have 4 clusters containing 2 IP:PORT pairs each.
          IP1:P1,IP2:P2 <== Cluster 1
          IP3:P3,IP4:P4 <== Cluster 2
          IP5:P5,IP6:P6 <== Cluster 3
          IP7:P7,IP8:P8 <== Cluster 4
          Can we have a single location "application" that services all of these clusters?
          <Location /webapp>
          SetHandler weblogic-handler
          WebLogicCluster IP1:P1,IP2:P2,IP3:P3,IP4:P4,IP5:P5,IP6:P6,IP7:P7,IP8:P8
          </Location>
          Or do we have to have distinct entries?
          <Location /webapp1>
          SetHandler weblogic-handler
          WebLogicCluster IP1:P1,IP2:P2
          </Location>
          <Location /webapp2>
          SetHandler weblogic-handler
          WebLogicCluster IP3:P3,IP4:P4
          </Location>
          <Location /webapp3>
          SetHandler weblogic-handler
          WebLogicCluster IP5:P5,IP6:P6
          </Location>
          <Location /webapp4>
          SetHandler weblogic-handler
          WebLogicCluster IP7:P7,IP8:P8
          </Location>
          Regards.

you should define location for each cluster.This would be a proper setup.
          The setup with same location definition would work partially, all the requests would be roundrobined across all the servers (all the clusters) and most likely you wouldn't get a proper failover.(cluster1 does not know about cluster2 from weblogic perspective)
          Vijay

WebLogic 7.0.1 and apache ssl plug-in

Similar Messages

Maybe you are looking for