Re: [users@httpd] How to use DH 4096 parameters?

On 14 Mar 2022, at 19:02, Yann Ylavic wrote: > > Step 3) does not work anymore with latest openssl versions, the only > way to configure custom dhparams in httpd is to append them to the > certificate file (see > https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile >

Re: [users@httpd] configure fails using --with-pcre with httpd-2.4.53

Thanks Yann, that was it (specifying the path to the pcre-config binary rather than the path to its installation directory). The build succeeds on both platforms now. We really appreciate the help. > --- Original Message --- > > On Monday, March 14th, 2022 at 2:06 PM, Yann Ylavic ylavic.

Re: [users@httpd] configure fails using --with-pcre with httpd-2.4.53

On Mon, Mar 14, 2022 at 5:46 PM Ash wrote: > > Configure fails for us when building httpd-2.4.53 from source using the > --with-pcre option. The error occurs on both RHEL 8 and Solaris 11.3. A > prior release of httpd (httpd-2.4.51) builds successfully in these same > environments with the sa

Re: [users@httpd] How to use DH 4096 parameters?

On Sun, Mar 13, 2022 at 3:55 PM Walter Hop wrote: > > On my old setup, this was DH 2048, which is considered “insufficient” > according to internet.nl. I have tried the following things: > > 1) use a 4096 bit RSA key and get a new certificate > 2) generate DH params with: openssl dhparam -out /et

Re: [users@httpd] configure fails using --with-pcre with httpd-2.4.53

You did change "/path/to/pcre" to the correct path, right? On Mon, Mar 14, 2022 at 12:45 PM Ash wrote: > Configure fails for us when building httpd-2.4.53 from source using the > --with-pcre option. The error occurs on both RHEL 8 and Solaris 11.3. A > prior release of httpd (httpd-2.4.51) bui

[users@httpd] configure fails using --with-pcre with httpd-2.4.53

Configure fails for us when building httpd-2.4.53 from source using the --with-pcre option. The error occurs on both RHEL 8 and Solaris 11.3. A prior release of httpd (httpd-2.4.51) builds successfully in these same environments with the same commands. We're using apr 1.7.0, apr-util 1.6.1, P

Re: [users@httpd] How to use DH 4096 parameters?

>> I’m confused where the DH 3072 comes from. My question is, what should I >> configure so that DH 4096 is sent? > > Your problem is in step 2) generate DH params - internet.nl explicitly > states that "Self-generated groups are 'Insufficient'". Follow their > instructions to download one of the

[users@httpd] Re: mod_evasive-2.2.0-win64-VS16 stringent parameters

Hello folks, Your suggestions on this are much appreciated. Regards, On Thu, Mar 3, 2022 at 9:49 AM Shubhankar Soni wrote: > Hello All, > > I have been using mod_evasive-2.2.0 module to enable DoS security. My > Apache web server is behind the Load balancer and I have added the below > paramet

Re: [users@httpd] How to use DH 4096 parameters?

On Sun, Mar 13, 2022 at 8:08 PM Walter Hop wrote: [...] > I’m confused where the DH 3072 comes from. My question is, what should I > configure so that DH 4096 is sent? Your problem is in step 2) generate DH params - internet.nl explicitly states that "Self-generated groups are 'Insufficient'".