/ Zope / Apsis / Pound Mailing List / Archive / 2010 / 2010-08 / Re: [Pound Mailing List] Pound SSL 2048 Key

[ << ] [ >> ]

[ Pound SSL 2048 Key / "Alfonso Espitia" ... ] [ 2.6a testing / Joe Gooch <mrwizard(at)k12system... ]

Re: [Pound Mailing List] Pound SSL 2048 Key
Eirik Øverby <eirik.overby(at)modirum.com>		 2010-08-09 20:40:50 [ FULL ] 
On Aug 9, 2010, at 8:18 PM, Alfonso Espitia wrote:
[...]

-des3 means it should encrypt the key with a passphrase. Leave that out, and
the passphrase becomes optional.

/Eirik

[...]
RE: Pound SSL 2048 Key
Joe Gooch <mrwizard(at)k12system.com>		 2010-08-09 20:49:56 [ FULL ] 
Remove the -des3 option.

You must do the key without the passphrase so Pound can start without human
interaction.

Joe
[...]
Re: [Pound Mailing List] Pound SSL 2048 Key
Dave Steinberg <dave(at)redterror.net>		 2010-08-09 20:53:07 [ FULL ] 
On 8/9/2010 2:18 PM, Alfonso Espitia wrote:[...]

Remove the -des3 ... you're telling openssl to encrypt your key, which 
is the problem.  Don't bother - it doesn't offer any extra security.

The best ref on generating certs I've found is OpenBSD's 'ssl' manpage:

http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html

You want the section on generating server certificates for web servers.

Regards,[...]
Re: [Pound Mailing List] 2.6a testing
Albert <pound(at)alacra.com>		 2010-08-10 21:11:53 [ FULL ] 
We've been running that version with couple of minor changes (which 
I'm hoping would be added in the next release) on couple of our machines 
for the last few weeks.  Haven't seen anything unusual.  I restarted 
pound last week, and the memory consumption is inline with what we've 
seen before.

Albert

On 8/10/2010 2:43 PM, Joe Gooch wrote:[...]
Attachments:  
text.html text/html 1465 Bytes
RE: [Pound Mailing List] 2.6a testing
Joe Gooch <mrwizard(at)k12system.com>		 2010-08-10 22:21:56 [ FULL ] 
What changes if you don't mind me asking? :)

Joe
[...]
Re: [Pound Mailing List] 2.6a testing
Albert <pound(at)alacra.com>		 2010-08-10 22:56:02 [ FULL ] 
Couple of changes:
1. When using LogLevel 5, and there is a redirect, the code doesn't log 
the VirtualHost (as LogLevel=5) should.
2. More importantly (at least for us), in case of an error, pound 
doesn't put a very informative message in error logs. Specifically, if 
the error occurs after pound receives the request, and starts talking to 
the backend, I don't know what the original request was.  This results 
in some number of requests (which ended up with some sort of error) not 
being logged.  So, every time there is an error (after the client has 
sent the request), I'm trying logging the URI of the request & the 
backend.  My changes are a bit crude, and I was thinking of logging 
messages in some sort of standard format (i.e. LogLevel=2 + error 
message), but didn't want to spend to much time on it.

I'm attaching the http.c file with my changes.

Albert


On 8/10/2010 4:21 PM, Joe Gooch wrote:[...][...]
>>> Robert released 2.6a on 6/23/2010. I just thought I'd throw out
there[...]
>>> Thanks!
>>> Joe
>>>
>>>
>>>
>>> --
>>> To unsubscribe send an email with subject unsubscribe to[...]
>>> Please contact roseg(at)apsis.ch for questions.
>>>[...][...]
Attachments:  
text.html text/html 3821 Bytes
http.c text/plain 58409 Bytes
MailBoxer