[users@httpd] Questions regarding rotation of TLS session ticket keys

Hi everyone, Some questions came up with regards to the SSLSessionTickets and SSLSessionTicketKeyFile directives that we could not find a clear answer for. Perhaps, someone on this mailing list could help answer these questions. # SSLSessionTickets It says in the documentation that Apache ne

AW: [users@httpd] OCSP Stapling Logs with mod_md

Hi Daniel, Thanks for your reply. Yes, mod_ssl does offer OCSP stapling capabilities (https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslocspenable), however, we use the OCSP stapling implementation provided by mod_md (https://httpd.apache.org/docs/2.4/mod/mod_md.html#mdstapling). That is

[users@httpd] OCSP Stapling Logs with mod_md

Hi everyone, We recently had issues renewing OCSP information with mod_md for Certificates not managed by mod_md. The issue was not related to mod_md and there was no interruption since the OCSP information is cached. While analyzing the issue, we noticed that even at high log levels some info

[users@httpd] h2 reverse proxy

Hello everyone, >From what I understand, the Apache-related problems mentioned in PortSwigger's >article [1] concerning h2 are fixed in the latest Apache Version 2.4.50. >However, there remain other Problems with h2 downgrading on a reverse proxy >that are outside of Apache's control, which is

AW: [users@httpd] Temp files sometimes not deleted (/tmp/modproxy.tmp.*)

Hi Eric, We could not find any bug reports when the issue first came up. I guess I should have checked again before writing to the mailinglist :-) In any case, thank you for pointing out the bug report! Simon -Ursprüngliche Nachricht- Von: Eric Covener Gesendet: Dienstag, 2. Juni 202

[users@httpd] Temp files sometimes not deleted (/tmp/modproxy.tmp.*)

Hi everyone, With the Upgrade to Apache httpd version 2.4.43, a new problem has come up: The temp files /tmp/modproxy.tmp.* are frequently not deleted. This, over time, fills the disk. The problem disappears if we downgrade to the version we had in use before that (which was 2.4.41). We are s

AW: [users@httpd] Is HPACK compression supported in Apache httpd with h2?

Hi Stefan, Thank you for the clarification and for answering so quickly! Best, Simon -Ursprüngliche Nachricht- Von: Stefan Eissing Gesendet: Mittwoch, 27. Mai 2020 16:32 An: users@httpd.apache.org Betreff: Re: [users@httpd] Is HPACK compression supported in Apache httpd with h2? Hi

[users@httpd] Is HPACK compression supported in Apache httpd with h2?

Hi everyone, Currently, I am looking into HTTP/2 and mod_http2. I could not, however find any information concerning HPACK compression support for Apache httpd. The HPACK compression algorithm is specified in RFC 7541: https://tools.ietf.org/html/rfc7541. For nginx, the HTTP/2 module implement

AW: [users@httpd] Segmentation faults on graceful reload of Apache httpd with APR 1.7.0 and mod_auth_openidc

Hi Eric, Just to let you know, it appears that the developer managed to solve the issue with your suggestion: https://github.com/zmartzone/mod_auth_openidc/issues/458#issuecomment-599203268. Thanks again! Simon -Ursprüngliche Nachricht- Von: Studer Simon, I253 extern Gesendet: Dienst

AW: [users@httpd] Segmentation faults on graceful reload of Apache httpd with APR 1.7.0 and mod_auth_openidc

Hi Eric, Thank you for your quick reply! This information might be interesting for the developers of mod_auth_openidc. I will show them your message and report back here if we manage to solve the issue. Best, Simon -Ursprüngliche Nachricht- Von: Eric Covener Gesendet: Montag, 2. Mär

[users@httpd] Segmentation faults on graceful reload of Apache httpd with APR 1.7.0 and mod_auth_openidc

Hi everyone, We have been having issues with segmentation faults on graceful restarts of Apache httpd in combination with the module mod_auth_openidc. After a back and forth with one of the developers over on Github, we came to the finding that the segmentation faults occur with version 1.7.0 o