Hello Team,
We received vulnerability alert from Security team for "Apache Tomcat AJP
File Inclusion Vulnerability (unauthenticated check)" and for
remediation they suggested to updated tomcat with latest version.
Can you please help to resolve same without upgrading the existing version
i.e
Hi Chris,
no, the status unfortunately is not available as an Apache env var.
mod_proxy_ajp has a builtin provision for automatic env var forwarding:
alle env vars named AJP_SOMETHING will be forwarded as request attribute
SOMETHING. But I see no easy way of detecting drain mode and setting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 3/4/20 05:55, Dave Ford wrote:
> On Fri, 2020-02-28 at 13:39 +, Rathore, Rajendra wrote:
>> Caused by: java.lang.IllegalArgumentException: The AJP Connector
>> is configured with secretRequired="true" but the secret attribute
>> is either
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
All,
At $work, we use mod_jk for proxying and I'd like to move to
mod_proxy_ajp with an eye toward moving to mod_proxy_http eventually.
We use the JK_LB_ACTIVATION state to perform load-balanced
node-draining[1] for maintenance and I'm trying to
Am 06.03.20 um 15:41 schrieb Christopher Schultz:
> Markus,
>
> On 3/5/20 13:44, i...@flyingfischer.ch wrote:
> > Try SSLProtocol="TLSv1.2" (mind the case) instead of
> > sslProtocol="-all +TLSv1.2".
>
> This is correct when using either OpenSSL or JSSE. "sslProtocol" will
> only work for JSSE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Thomas,
On 3/4/20 19:37, Thomas Glanzmann wrote:
> allowedRequestAttributesPattern=JK_LB_ACTIVATION
Note that JK_LB_ACTIVATION is already in the list of white-listed
attribute names. You should probably not have to set this
configuration
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Piyush,
On 3/5/20 14:40, Piyush Kumar Nayak wrote:
> Thanks Mark, Two connector configs works. Any ideas, on why the
> behavior if different for ISAPI and mod_jk modules?
What do your configurations look like for each module?
- -chris
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 3/5/20 13:30, rugman66 . wrote:
> I have both Apache and Tomcat running on the same RHEL. I have
> successfully configured Apache to use OpenSSL TLSv1.2, but I cannot
> get Tomcat to use TLSv1.2. Tomcat for some reason
>
> will only use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Markus,
On 3/5/20 13:44, i...@flyingfischer.ch wrote:
> Try SSLProtocol="TLSv1.2" (mind the case) instead of
> sslProtocol="-all +TLSv1.2".
This is correct when using either OpenSSL or JSSE. "sslProtocol" will
only work for JSSE configuration, and
On 06/03/2020 06:46, Thomas Glanzmann wrote:
> the issue seems to be that mod_jk no longer works without a password
> with tomcat7. So you need to set a password on both sites, and than
> everything works again.
This is not the case. Tomcat can be configured so a secret is not required.
>
> . wrote:
>>On 2020-03-05 at 23:10 rugman66 wrote:
> On Thu, Mar 5, 2020 at 10:44 AM i...@flyingfischer.ch
> wrote:
>> Try SSLProtocol="TLSv1.2" (mind the case) instead of sslProtocol="-all
>> +TLSv1.2".
>>
>> Had this issue too. The connector parameters for SSL are a huge mess and
>> have
11 matches
Mail list logo