Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

> Am 08.07.2024 um 17:07 schrieb Yann Ylavic : > > On Fri, Jul 5, 2024 at 5:59 PM Yann Ylavic wrote: >> >> On Fri, Jul 5, 2024 at 5:08 PM Ruediger Pluem wrote: >>> >>> On 7/5/24 4:09 PM, Stefan Eissing via dev wrote: The patches look good to me. I have not tested them as I have n

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On Fri, Jul 5, 2024 at 5:59 PM Yann Ylavic wrote: > > On Fri, Jul 5, 2024 at 5:08 PM Ruediger Pluem wrote: > > > > On 7/5/24 4:09 PM, Stefan Eissing via dev wrote: > > > > > > The patches look good to me. I have not tested them as I have no old > > > openssl lying around, but I trust in your bui

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On Fri, Jul 5, 2024 at 5:08 PM Ruediger Pluem wrote: > > On 7/5/24 4:09 PM, Stefan Eissing via dev wrote: > > > > > >> Am 05.07.2024 um 15:44 schrieb Ruediger Pluem : > >> > >> > >> > >> On 7/5/24 3:40 PM, Yann Ylavic wrote: > >>> On Fri, Jul 5, 2024 at 3:35 PM Yann Ylavic wrote: > > On

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 4:09 PM, Stefan Eissing via dev wrote: > > >> Am 05.07.2024 um 15:44 schrieb Ruediger Pluem : >> >> >> >> On 7/5/24 3:40 PM, Yann Ylavic wrote: >>> On Fri, Jul 5, 2024 at 3:35 PM Yann Ylavic wrote: On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: > > md_cr

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

> Am 05.07.2024 um 15:44 schrieb Ruediger Pluem : > > > > On 7/5/24 3:40 PM, Yann Ylavic wrote: >> On Fri, Jul 5, 2024 at 3:35 PM Yann Ylavic wrote: >>> >>> On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: md_crypt.c: In function 'md_cert_get_ct_scts': md_crypt.

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 3:40 PM, Yann Ylavic wrote: > On Fri, Jul 5, 2024 at 3:35 PM Yann Ylavic wrote: >> >> On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: >>> >>> md_crypt.c: In function 'md_cert_get_ct_scts': >>> md_crypt.c:2071:5: error: unknown type name 'SCT' >>> SCT *sct_handle;

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 3:26 PM, Yann Ylavic wrote: > On Fri, Jul 5, 2024 at 3:16 PM Yann Ylavic wrote: >> >> On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: >>> >>> >>> >>> On 7/5/24 2:14 PM, Ruediger Pluem wrote: On 7/5/24 2:11 PM, Ruediger Pluem wrote: > > > On 7/5/24 2:04

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On Fri, Jul 5, 2024 at 3:35 PM Yann Ylavic wrote: > > On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: > > > > md_crypt.c: In function 'md_cert_get_ct_scts': > > md_crypt.c:2071:5: error: unknown type name 'SCT' > > SCT *sct_handle; > > > > This one is caused by r1918195 in

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 3:16 PM, Yann Ylavic wrote: > On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: >> >> >> >> On 7/5/24 2:14 PM, Ruediger Pluem wrote: >>> >>> >>> On 7/5/24 2:11 PM, Ruediger Pluem wrote: On 7/5/24 2:04 PM, Stefan Eissing via dev wrote: > > >> Am 05.07.2024

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: > > md_crypt.c: In function 'md_cert_get_ct_scts': > md_crypt.c:2071:5: error: unknown type name 'SCT' > SCT *sct_handle; > > This one is caused by r1918195 in >= 2.4.60. Before r1918195 OPENSSL_NO_CT > was defined when opens

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On Fri, Jul 5, 2024 at 3:16 PM Yann Ylavic wrote: > > On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: > > > > > > > > On 7/5/24 2:14 PM, Ruediger Pluem wrote: > > > > > > > > > On 7/5/24 2:11 PM, Ruediger Pluem wrote: > > >> > > >> > > >> On 7/5/24 2:04 PM, Stefan Eissing via dev wrote: > >

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On Fri, Jul 5, 2024 at 3:05 PM Ruediger Pluem wrote: > > > > On 7/5/24 2:14 PM, Ruediger Pluem wrote: > > > > > > On 7/5/24 2:11 PM, Ruediger Pluem wrote: > >> > >> > >> On 7/5/24 2:04 PM, Stefan Eissing via dev wrote: > >>> > >>> > Am 05.07.2024 um 13:51 schrieb Ruediger Pluem : > > >>>

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 2:14 PM, Ruediger Pluem wrote: > > > On 7/5/24 2:11 PM, Ruediger Pluem wrote: >> >> >> On 7/5/24 2:04 PM, Stefan Eissing via dev wrote: >>> >>> Am 05.07.2024 um 13:51 schrieb Ruediger Pluem : I just noticed that mod_md in 2.4.61 fails to compile with openssl < 1.

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 2:11 PM, Ruediger Pluem wrote: > > > On 7/5/24 2:04 PM, Stefan Eissing via dev wrote: >> >> >>> Am 05.07.2024 um 13:51 schrieb Ruediger Pluem : >>> >>> I just noticed that mod_md in 2.4.61 fails to compile with openssl < 1.1.1. >>> Below is the output against openssl 1.0.2 on RedHat

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

On 7/5/24 2:04 PM, Stefan Eissing via dev wrote: > > >> Am 05.07.2024 um 13:51 schrieb Ruediger Pluem : >> >> I just noticed that mod_md in 2.4.61 fails to compile with openssl < 1.1.1. >> Below is the output against openssl 1.0.2 on RedHat 7: >> >> md_crypt.c: In function 'md_pkey_get_rsa_e6

Re: mod_md in 2.4.61 fails to compile with openssl < 1.1.1

> Am 05.07.2024 um 13:51 schrieb Ruediger Pluem : > > I just noticed that mod_md in 2.4.61 fails to compile with openssl < 1.1.1. > Below is the output against openssl 1.0.2 on RedHat 7: > > md_crypt.c: In function 'md_pkey_get_rsa_e64': > md_crypt.c:982:5: warning: implicit declaration of fu

Re: mod_md update

Had an issue with v2.1.9-beta : Renew Error :: challenge-mismatch. Looks good now. After upgrading to the trunk version 2.2.0, it is renewing (did not change config and /md folder): server-status Activity: The certificate for the managed domain has been renewed successfully and can be use

Re: mod_md update

Thanks! > Am 16.10.2019 um 15:26 schrieb Steffen : > > mod_md.dsp is fine. > > It builds fine here. > > Steffen > > On Wednesday 16/10/2019 at 14:34, Stefan Eissing wrote: >> Update from github tested mod_md in r1868506. >> >> 2 new source files added, you probably need to buildconfig. I add

Re: mod_md update

mod_md.dsp is fine. It builds fine here. Steffen On Wednesday 16/10/2019 at 14:34, Stefan Eissing wrote: Update from github tested mod_md in r1868506. 2 new source files added, you probably need to buildconfig. I added the files to the CMakeLists.txt and modules/md/mod_md.dsp. Hope it w

Re: mod_md with no vhosts, sni and ssl only, no go

Thanks! Very good news : build against 2.4.41 a certificate was generated with the domains in MDomain. When no certificate was specified global, the Apache does not start. After adding a valid other certificate a new certificate is created with the domains in MDomain. Then I replaced th

Re: mod_md with no vhosts, sni and ssl only, no go

Hi Steffen, could you check the v2.1.1 I just released? I fixed the recognition of the "amce-tls/1" protocol when using it in the base server. Hope this works for you as well. - Stefan > Am 06.08.2019 um 10:48 schrieb Steffen : > > Forget to attached the log. > > On 5-8-2019 15:19, Steffen w

Re: mod_md with no vhosts, sni and ssl only, no go

Forget to attached the log. On 5-8-2019 15:19, Steffen wrote: Thanks, Same, also get again : The https: challenge 'tls-alpn-01' is disabled because the Protocols configuration does not include the 'acme-tls/1' protocol. It is in the protocols directive:     ProtocolsHonorOrder On     Protoc

Re: mod_md with no vhosts, sni and ssl only, no go

Thanks, Same, also get again : The https: challenge 'tls-alpn-01' is disabled because the Protocols configuration does not include the 'acme-tls/1' protocol. It is in the protocols directive: ProtocolsHonorOrder On Protocols h2 http/1.1 acme-tls/1 MDomain apachelounge.nl www.apache

Re: mod_md with no vhosts, sni and ssl only, no go

I think mod_md is not particularly suited to server setups without any VirtualHosts. I have at least no tests for this. You can try (with a 2.4.40): # the new, shorter form MDCertificateAgreement accepted # we want the base server to be managed MDBaseServer on # the list of domains, including on

Re: mod_md v2.0.x + mod_ssl backport

> Am 12.07.2019 um 09:53 schrieb Joe Orton : > > On Wed, Jul 10, 2019 at 01:40:10PM +0200, Stefan Eissing wrote: >> Added descriptions for this. >> >> Updated the backport patch. Updated the mod_md version in trunk, 2.4.x >> and github master and github maintenance branch. At this time, each

Re: mod_md v2.0.x + mod_ssl backport

On Wed, Jul 10, 2019 at 01:40:10PM +0200, Stefan Eissing wrote: > Added descriptions for this. > > Updated the backport patch. Updated the mod_md version in trunk, 2.4.x > and github master and github maintenance branch. At this time, each > change is about half a day's work. Thanks, all LGTM!

Re: mod_md v2.0.x + mod_ssl backport

One day later... > Am 09.07.2019 um 13:28 schrieb Joe Orton : > > On Tue, Jul 09, 2019 at 11:57:00AM +0200, Stefan Eissing wrote: >> mod_md v2.0.x has landed in 2.4.x. This offers the ACMEv2 (RFC 8555) support >> and offers various monitoring possibilities for admins to see what is going >> on.

Re: mod_md v2.0.x + mod_ssl backport

> Am 09.07.2019 um 13:28 schrieb Joe Orton : > > On Tue, Jul 09, 2019 at 11:57:00AM +0200, Stefan Eissing wrote: >> mod_md v2.0.x has landed in 2.4.x. This offers the ACMEv2 (RFC 8555) support >> and offers various monitoring possibilities for admins to see what is going >> on. But...it reall

Re: mod_md v2.0.x + mod_ssl backport

On Tue, Jul 09, 2019 at 11:57:00AM +0200, Stefan Eissing wrote: > mod_md v2.0.x has landed in 2.4.x. This offers the ACMEv2 (RFC 8555) support > and offers various monitoring possibilities for admins to see what is going > on. But...it really needs votes for a mod_ssl related backport: > > m

Re: mod_md version 2

Thanks! > Am 14.05.2019 um 09:02 schrieb Ruediger Pluem : > > > > On 05/06/2019 02:53 PM, Stefan Eissing wrote: >> Heya, >> >> the beautiful people at MOSS, Mozilla's Open Source Support, decided to give >> me a grant for Let's Encrypt and Stapling improvements in Apache! Big thanks! >> >> I

Re: mod_md version 2

On 05/06/2019 02:53 PM, Stefan Eissing wrote: > Heya, > > the beautiful people at MOSS, Mozilla's Open Source Support, decided to give > me a grant for Let's Encrypt and Stapling improvements in Apache! Big thanks! > > I described what I plan to do here: > https://github.com/icing/mod_md/wik

Re: mod_md source sync

Ok, I copied the MODSSL_USE_OPENSSL_PRE_1_1_API definitions into md_crypt.c and hope I did it right. Otherwise Bernard will probably kick me politely... > Am 29.06.2018 um 12:00 schrieb Stefan Eissing : > > While synching sources of mod_md between apache and github, I have a question > for the

Re: mod_md OpenSSL version requirement 1.0.0

On 03/16/2018 01:33 PM, Yann Ylavic wrote: > On Fri, Mar 16, 2018 at 1:11 PM, Eric Covener wrote: >> On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing >> wrote: >>> Hi Rainer, >>> >>> thanks for solving this issue. The version check indeed was missing. I do >>> not think supporting ACME on serve

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

On Monday 19 of March 2018, Stefan Eissing wrote: > Thanks, Arkadiusz, that sounds reasonable. I will make that change and let > you know. > > For tracking and so that other Apache user can find it more easily, could > you open a short bug report here? Thanks! https://bz.apache.org/bugzilla/show_

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

> Am 18.03.2018 um 20:34 schrieb Gregg Smith : > > My read on the original post: > > First we have stated that "For mod_ssl to work in the vote release, mod_md > must also be included..." > > That is what I honed in on. Apache will not start if there's a module > specific directive without t

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

Thanks, Arkadiusz, that sounds reasonable. I will make that change and let you know. For tracking and so that other Apache user can find it more easily, could you open a short bug report here? Thanks! > Am 18.03.2018 um 19:00 schrieb Arkadiusz Miśkiewicz : > >> On Sunday 18 of March 2018, Eric

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

My read on the original post: First we have stated that "For mod_ssl to work in the vote release, mod_md must also be included..." That is what I honed in on. Apache will not start if there's a module specific directive without that module being loaded. Since the OP states that *mod_ssl* wil

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

Am 18.03.2018 um 20:07 schrieb Eric Covener: On Sun, Mar 18, 2018 at 2:25 PM, Steffen wrote: It is indeed a limitation for an "old" account, and when LE enables TLS again (not sure it does already in ACMEv2 protocol) When did this become about TLS-SNI challenges and how does that tie into th

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

On Sun, Mar 18, 2018 at 2:25 PM, Steffen wrote: > > It is indeed a limitation for an "old" account, and when LE enables TLS > again (not sure it does already in ACMEv2 protocol) When did this become about TLS-SNI challenges and how does that tie into the external ACME client? Can you connect the

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

It is indeed a limitation for an "old" account, and when LE enables TLS again (not sure it does already in ACMEv2 protocol) You can have mod_md for a few domains and other domains with a client. This a a conf most AL admin/users are using till now, special the seasoned admin's. In my

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

>> After reading the above and the last post in the forum, it sounds like >> the requirement is: >> >> "Need an option to disable the handling of /.well-known by mod_md so >> an external ACME client can be used more easily". >> >> It seems a bit weird to load mod_md and not use it as your ACME >> c

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

On Sunday 18 of March 2018, Eric Covener wrote: > On Sun, Mar 18, 2018 at 1:41 PM, Steffen wrote: > > Did some tests: > > > > http://www.apachelounge.com/viewtopic.php?p=36624#36624 > > > > > > My conclusion (correct me if I am wrong): > > > > When you run mod_md , you cannot use a client whi

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

On Sun, Mar 18, 2018 at 1:41 PM, Steffen wrote: > > Did some tests: > > http://www.apachelounge.com/viewtopic.php?p=36624#36624 > > > My conclusion (correct me if I am wrong): > > When you run mod_md , you cannot use a client which uses TLS . > > It is a limitation when Apache user has an "old"

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

On Sun, Mar 18, 2018 at 11:52 AM, Steffen wrote: > A note from admin/user at > http://www.apachelounge.com/viewtopic.php?p=36619#36619 > > Asked the reporter to file at bugzilla: > > Not sure it is a issue. > > A suggestion from me for the official release: > > I would not publish the official rel

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

Did some tests: http://www.apachelounge.com/viewtopic.php?p=36624#36624 My conclusion (correct me if I am wrong): When you run mod_md , you cannot use a client which uses TLS . It is a limitation when Apache user has an "old" LE account and uses a acme client with/without mod_md TLS-SN

Re: mod_md OpenSSL version requirement 1.0.0

> Am 16.03.2018 um 13:33 schrieb Yann Ylavic : > > On Fri, Mar 16, 2018 at 1:11 PM, Eric Covener wrote: >> On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing >> wrote: >>> Hi Rainer, >>> >>> thanks for solving this issue. The version check indeed was missing. I do >>> not think supporting ACME

Re: mod_md OpenSSL version requirement 1.0.0

On Fri, Mar 16, 2018 at 1:11 PM, Eric Covener wrote: > On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing > wrote: >> Hi Rainer, >> >> thanks for solving this issue. The version check indeed was missing. I do >> not think supporting ACME on servers with such old OpenSSL is really >> something to s

Re: mod_md OpenSSL version requirement 1.0.0

On Fri, Mar 16, 2018 at 7:57 AM, Stefan Eissing wrote: > Hi Rainer, > > thanks for solving this issue. The version check indeed was missing. I do not > think supporting ACME on servers with such old OpenSSL is really something to > strive for. I'd have settled for a check von 1.0.2 even. If your

Re: mod_md OpenSSL version requirement 1.0.0

Hi Rainer, thanks for solving this issue. The version check indeed was missing. I do not think supporting ACME on servers with such old OpenSSL is really something to strive for. I'd have settled for a check von 1.0.2 even. If your changed check makes it working for 1.0.1 also, that's fine. My

Re: mod_md OpenSSL version requirement 1.0.0

Am 16.03.2018 um 12:21 schrieb Rainer Jung: It seems mod_md (trunk and 2.4, currently identical) needs OpenSSL 1.0.2 (for ASN1_TIME_diff), but with a small change (using the already existing LIBRESSL alternative code) it only needs 1.0.0. Since we still support 0.9.8a+ for 2.4.x and trunk, I t

Re: mod_md in docu no valid Certificate Agreement

Noticed now: In the doc 2.4: https://letsencrypt.org/documents/2017.11.15-LE-SA-v1.2.pdf In the Git/Wiki we have: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf Cannot  test if both work with mod_md. (Both links are pointing to the same pdf). On 20-2-2018 14:01, Stefan

Re: mod_md in docu no valid Certificate Agreement

elukey did fix the agreements in trunk. Now merged into 2.4.x in r1824871. Thanks for checking. > Am 20.02.2018 um 13:42 schrieb Steffen : > > > In the mod_md 2.4 (not in trunk) documentation > https://httpd.apache.org/docs/2.4/mod/mod_md.html > > > I see three times: > > MDCertificateAgree

Re: mod_md, le rename Evgeniy and Ameet

Hi Evgeniy Can you help Stefan work part this issue? Thanks a lot On Dec 13, 2017 11:38 AM, "Stefan Eissing" wrote: To all early adopters of mod_md: I just found out that my config rename in v1.1.0 is not backward compatible for several, valid configurations. If you deplay the new version (or

Re: mod_md 1.1.0 build warnings

Is fixed with Revision 1818031 On Wednesday 13/12/2017 at 13:46, Steffen wrote: Not serious (I think): mod_md.c(285): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(307): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(784): warning C40

Re: mod_md and ManagedDomain

Stefan wrote: /Code request for a Windows Service restart call: 0/ I started some time ago a discussion at: https://github.com/icing/mod_md/issues/17 There I want it as an option for Windows. The discussion resulted in the MDNotifyCmd which makes me very happy, a script can now do the job an

Re: mod_md 1.1.0 repeating on error

Luca says: executing scripts in response to an event I hope you are aware of the MDNotifyCmd, which is executing a script on the event that a renew is OK. I am not a coder: for me looks it not that difficult to make an Else statement when it is NOT_OK. To notify on error is much

Re: mod_md 1.1.0 repeating on error

Hi Steffen, 2017-12-12 19:20 GMT+01:00 Steffen : > > > Your advise is that I stop testing/ helping ? Please answer this question. > If yes, then I have to remove the test mod_md download from Apache Lounge > and cannot give anymore support there to the users I represent. Do not > under estimate

Re: mod_md 1.1.0 repeating on error

Help ! Your reaction makes me very sad that you accuse me. Other dev’s are slilence about mod_md, as you said before: they are shoulder clapping etc. And you said: You got to be kiddding me! Afterwords maybe better that I was also more silent. But on the other-hand we did not discovered all th

Re: mod_md 1.1.0 repeating on error

There is so much personal offence and mal-attribution in this mail, I am not sure where you get that from. I ask you to take a deep breath and consider what you want here. Just because I do what I feel is right does not make me your enemy. Give me a break. -Stefan > Am 12.12.2017 um 16:19 sch

Re: mod_md 1.1.0 repeating on error

- No, I will not change the endless retry behaviour. I still not see the reason for retries on all the errors, I am not aware of other modules doing it this way. But Ok, when mdnotifycmd on error is added (see other post feature request). Then I vote a SUPER +1 for an experimental relea

Re: mod_md 1.1.0 repeating on error

> Am 12.12.2017 um 14:37 schrieb Steffen : > > The curl error was just to show you the debug log entries which you asked. > > This curl error we discussed by mail already in the very beginning (mod_md > does not work with curl openssl on Windows). > > 1.1.0 is working fine so far. > > I am

Re: mod_md 1.1.0 repeating on error

The curl error was just to show you the debug log entries which you asked. This curl error we discussed by mail already in the very beginning (mod_md does not work with curl openssl on Windows). 1.1.0 is working fine so far. I am only testing rare cases (you asked to test). Steffen O

Re: mod_md 1.1.0 repeating on error

*without* introducing new ones, I meant. Please provide a log. > Am 12.12.2017 um 14:21 schrieb Stefan Eissing : > > > >> Am 12.12.2017 um 14:17 schrieb Steffen : >> >> To be clear : As I said the curl error I have introduced (by my self), so I >> know exactly what is wrong. > > Ah, that wa

Re: mod_md 1.1.0 repeating on error

> Am 12.12.2017 um 14:17 schrieb Steffen : > > To be clear : As I said the curl error I have introduced (by my self), so I > know exactly what is wrong. Ah, that was not clear to me. So, what is the error happening with you introducing new ones? Is there nothing to see in the logs or did I

Re: mod_md 1.1.0 repeating on error

To be clear : As I said the curl error I have introduced (by my self), so I know exactly what is wrong. Your reply shows me that you want to keep the endless retry loop. I the worst case a user can end with a non working SSL because a certificate is not renewed. Why is it retried again an

Re: mod_md 1.1.0 repeating on error

And btw. what is the Windows OS version that your server runs on? And since you had mod_md running before, what did change in relation to Windows and the curl you use? > Am 12.12.2017 um 13:58 schrieb Stefan Eissing : > > > >> Am 12.12.2017 um 13:47 schrieb Steffen : >> >> It was happening be

Re: mod_md 1.1.0 repeating on error

> Am 12.12.2017 um 13:47 schrieb Steffen : > > It was happening before 1.1.0, but i did not give it attention, seen it in > several situations which all I unfortunate cannot recall (see the retries as > example https://github.com/icing/mod_md/issues/52and > https://github.com/icing/mod_md/is

Re: mod_md 1.1.0 repeating on error

It was happening before 1.1.0, but i did not give it attention, seen it in several situations which all I unfortunate cannot recall (see the retries as example https://github.com/icing/mod_md/issues/52 and https://github.com/icing/mod_md/issues/62 ). It is a more serious issue then I though

Re: mod_md 1.1.0 repeating on error

Can you switch to "LogLevel md:debug" for a while and send me the details? Did this start on the v1.1.0 or before that? > Am 11.12.2017 um 16:09 schrieb Steffen : > > > Running 1.1.0 with the new naming. > > When mod_md encounters an error it looks like it is going in a endless loop: > > > [

Re: mod_md and ManagedDomain

> On Dec 11, 2017, at 9:09 AM, Steffen wrote: > > > A cause for minimal participation can be that dev is going with git. > > Mentioned Issues and Requests are at https://github.com/icing/mod_md/issues > and not at a httpd list. > > The renaming dis

Re: mod_md and ManagedDomain

On 12/11/2017 05:08 AM, Stefan Eissing wrote: There are important questions on how we progress the design of the server. I have asked for participation and feedback on the design of ACME support in httpd since April. Shoulder clapping, "go ahead!", "fine!". Answers to design questions: not rea

Re: mod_md and ManagedDomain

On Dec 11, 2017 08:55, "Stefan Eissing" . Documentation update is still outstanding, but I assume merging those in is not really a voting issue. Docs are CTR. Might be an issue for some to introduce undocumented changes in the maintenance branch, but is easily remedied.

Re: mod_md and ManagedDomain

The following change has been made to trunk: - mod_md v1.1.0 with renamed configuration directives: "ManagedDomain" -> "MDomain" " " Am 11.12.2017 um 15:09 schrieb Steffen : > > > A cause for minimal participation can be that dev is going with git. > > Mentioned Issues and Requests are at

Re: mod_md and ManagedDomain

A cause for minimal participation can be that dev is going with git. Mentioned Issues and Requests are at https://github.com/icing/mod_md/issues and not at a httpd list. The renaming discussion was one of the mod_md sporadic posts on the dev list at a late moment. Do not feel kidding, I t

Re: mod_md and ManagedDomain

I am a SUPER +1 on the design, architecture, etc... As far as the naming, it seems like a bikeshed to me... JFDI ;) > On Dec 11, 2017, at 5:08 AM, Stefan Eissing > wrote: > > >> Am 08.12.2017 um 19:35 schrieb William A Rowe Jr : >> >> On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano wrote: >>>

Re: mod_md and ManagedDomain

Hi Stefan, 2017-12-11 11:08 GMT+01:00 Stefan Eissing : > > > Am 08.12.2017 um 19:35 schrieb William A Rowe Jr : > > > > On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano > wrote: > >> Maybe ManagedDomain and , as iiuc we are going to > use > >> for SSLPolicy? > > > > Just an observation, http://httpd

Re: mod_md and ManagedDomain

> Am 11.12.2017 um 11:08 schrieb Stefan Eissing : > > >> Am 08.12.2017 um 19:35 schrieb William A Rowe Jr : >> >> On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano wrote: >>> Maybe ManagedDomain and , as iiuc we are going to use >>> for SSLPolicy? >> >> Just an observation, >> http://httpd.apach

Re: mod_md and ManagedDomain

> Am 08.12.2017 um 19:35 schrieb William A Rowe Jr : > > On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano wrote: >> Maybe ManagedDomain and , as iiuc we are going to use >> for SSLPolicy? > > Just an observation, > http://httpd.apache.org/docs/trunk/mod/quickreference.html > illustrated that we ha

Re: mod_md and ManagedDomain

On Tue, Dec 5, 2017 at 8:03 AM, Luca Toscano wrote: > Maybe ManagedDomain and , as iiuc we are going to use > for SSLPolicy? Just an observation, http://httpd.apache.org/docs/trunk/mod/quickreference.html illustrated that we have no verbs in directive block titles, thus far. or followed by Ma

Re: mod_md and ManagedDomain

Restarting from this proposal to make a summary: 2017-12-04 14:16 GMT+01:00 Stefan Eissing : > Not much input regarding this naming change. Personally, I like to keep > ' > I propose the following changes: > > 1. The simple, single line 'ManagedDomain' will be renamed to 'MDGroup' > 2. The not so

Re: mod_md and ManagedDomain

My 2c :) 2017-12-07 16:32 GMT+01:00 Eric Covener : > > Perhaps a more schematic view will clear things up > > > > mod_md: generates certfiicates for domains > > mod_ssl: Load certificates for domains. If mod_md is present and > > manages a domain, mod_ssl is supposed to use mod_md ones instead of

Re: mod_md and ManagedDomain

probably I don't stumble into #httpd enough :P . I'm ezra-s there btw. 2017-12-07 16:32 GMT+01:00 Eric Covener : >> Perhaps a more schematic view will clear things up >> >> mod_md: generates certfiicates for domains >> mod_ssl: Load certificates for domains. If mod_md is present and >> manages a d

Re: mod_md and ManagedDomain

> Perhaps a more schematic view will clear things up > > mod_md: generates certfiicates for domains > mod_ssl: Load certificates for domains. If mod_md is present and > manages a domain, mod_ssl is supposed to use mod_md ones instead of > those manually given through file paths. Think about people

Re: mod_md and ManagedDomain

On Thu, Dec 7, 2017 at 8:34 AM, Steffen wrote: > I find the word Managed in ManagedDomain and MD in the other settings already > confusing, are not easy recognized. > > In fact lots of settings are managing domain(s). > > What does mod_md manage ? > > For me mod_md manages in the area of SSL(cert

Re: mod_md and ManagedDomain

2017-12-07 14:34 GMT+01:00 Steffen : > I find the word Managed in ManagedDomain and MD in the other settings already > confusing, are not easy recognized. > > In fact lots of settings are managing domain(s). > > What does mod_md manage ? A basic understanding or reading of the mod_md page will te

Re: mod_md and ManagedDomain

I find the word Managed in ManagedDomain and MD in the other settings already confusing, are not easy recognized. In fact lots of settings are managing domain(s). What does mod_md manage ? For me mod_md manages in the area of SSL(certificates automation). To be more easy to recognize, I pr

Re: mod_md and ManagedDomain

On 12/05/2017 10:48 AM, Stefan Eissing wrote: Ok, so that something good comes out of all this: Rich just promised to sing at the next ApacheCon, right Rich? If I did, I must have had too much scotch ... "Keys", by ManagedDomainFormerlyCalledYouKnowWhat: "You don't conf certificates to

Re: mod_md and ManagedDomain

Ok, so that something good comes out of all this: Rich just promised to sing at the next ApacheCon, right Rich? "Keys", by ManagedDomainFormerlyCalledYouKnowWhat: "You don't conf certificates to turn me on, I just give encryption, baby, from dusk till dawn." Cheers, Stefan > Am 05.12.2017

Re: mod_md and ManagedDomain

hahaha I understand it it may seem silly to discuss this or that name I think it will be of great benefit to find a good name in the long run, to make it easy to recognize and/or user support. 2017-12-05 15:06 GMT+01:00 Stefan Eissing : > ? > >> Am 05.12.2017 um 15:03 schrieb Luca Toscano : >>

Re: mod_md and ManagedDomain

? > Am 05.12.2017 um 15:03 schrieb Luca Toscano : > > Maybe ManagedDomain and , as iiuc we are going to use > for SSLPolicy? > > Luca > > 2017-12-05 14:47 GMT+01:00 Stefan Eissing : > Totally agree with you. If you make a better proposal that avoids existing > overlaps, I might just pick it

Re: mod_md and ManagedDomain

Just another idea: or perhaps MDDomain, to easily identify it is to specify domains managed by mod_md? 2017-12-05 15:03 GMT+01:00 Luca Toscano : > Maybe ManagedDomain and , as iiuc we are going to use > for SSLPolicy? > > Luca > > 2017-12-05 14:47 GMT+01:00 Stefan Eissing : >> >> Totally agree w

Re: mod_md and ManagedDomain

Maybe ManagedDomain and , as iiuc we are going to use for SSLPolicy? Luca 2017-12-05 14:47 GMT+01:00 Stefan Eissing : > Totally agree with you. If you make a better proposal that avoids existing > overlaps, I might just pick it up. > > -Stefan > > > Am 05.12.2017 um 14:40 schrieb Luca Toscano :

Re: mod_md and ManagedDomain

Totally agree with you. If you make a better proposal that avoids existing overlaps, I might just pick it up. -Stefan > Am 05.12.2017 um 14:40 schrieb Luca Toscano : > > Hi Stefan, > > 2017-12-04 14:16 GMT+01:00 Stefan Eissing : > Not much input regarding this naming change. Personally, I like

Re: mod_md and ManagedDomain

Hi Stefan, 2017-12-04 14:16 GMT+01:00 Stefan Eissing : > Not much input regarding this naming change. Personally, I like to keep > ' > I propose the following changes: > > 1. The simple, single line 'ManagedDomain' will be renamed to 'MDGroup' > I personally find the renaming a bit confusing, si

Re: mod_md and ManagedDomain

+1! > On Dec 4, 2017, at 8:16 AM, Stefan Eissing > wrote: > > Not much input regarding this naming change. Personally, I like to keep > ' > I propose the following changes: > > 1. The simple, single line 'ManagedDomain' will be renamed to 'MDGroup' > 2. The not so intuitive differences betwe

Re: mod_md and ManagedDomain

On 12/04/2017 08:16 AM, Stefan Eissing wrote: Not much input regarding this naming change. Personally, I like to keep ' Sounds good to me.

Re: mod_md backports and happy turkey day

Before Xmas would be a good target date. Status: - The minimal mod_md changes for mod_ssl have the necessary votes. - mod_md is in renaming limbo - SSLPolicy is in renaming limbo and also stalled on the backport changes > Am 30.11.2017 um 15:08 schrieb Jim Jagielski : > > FWIW, I'd like to s

Re: mod_md backports and happy turkey day

FWIW, I'd like to see us maybe do a nice solid 2.4.30 around the end of the year which includes mod_md and some other useful backports.

Re: mod_md backports and happy turkey day

Re: mod_md backports and happy turkey day

I do not understand what "reported as error" means. I speculate 1. you do not want to see the INFO log on '-t' 2a. you do not want to see WARNINGS, when mod_md finds something to warn about in the config? 2b. you mean that your configuration is fine, and there should be no WARN messages at all?

  1   2   >