top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

SSLRequire thread safety on apache?

+1 vote

I'm going to use SSLRequire using the worker MPM.

The docs say, "The implementation of SSLRequire is not thread safe. Using SSLRequire inside .htaccess files on a threaded MPM may cause random crashes."

Does this mean that I'm okay with threaded MPM if I'm only using SSLRequire inside httpd.conf and not in .htaccess?

posted Dec 2, 2013 by Satish Mishra

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
+1 vote

Are automatic variables (that are defined in functions, lambdas, blocks) in C++11 thread local? Is the following code correct:

auto f1 = [
 SomeClass1 obj1;
 double z = obj1.f2(y);
 return cos(z);

// Some function which creates several threads which call f1.

+3 votes

I have Apache 2.4 (win32) and have the following in my CA bundle.

Root 1
Subordinate 1
Subordinate 2

My server was signed off Subordinate 1, When I do openssl s_client -connect server:443, it shows both Subordinate 1 and Subordinate 2 in the acceptable CA names.

If I remove Subordinate 2 from the bundle, It only shows Subordinate 1 as a acceptable CA. However, if I remove Subordinate 1, it still shows as an acceptable CA.

It seems httpd references not only cabundle/cafiles but also certs in the Chain file. as acceptable CAs.

Is it possible to prevent a user signed off Subordinate 1 from using client certificate authentication while the server cert is issued off Subordinate 1?

+3 votes

I want to expose backend https servers over internet through reverse proxy. Backend servers are already have SSL certificates. Do I need to install SSL on reverse proxy too.

If I redirect external users requests to https server via reverse proxy then will end user see the SSL certificate in browser.

Can anyone help me in this situation. I already have 3 SSL on internal servers, so do I need more certificates. How the configuration will go in this case.