Stefan de Konink | 1 Jul 01:35 2009
Picon

Re: question about several ssl enabled virtual hosts


Michiel van Es wrote:
> How can I use diffirent ip adresses for my virtual hosts?
> I got 2 SSL virtual websites, how do I tell them to use ip adress a and 
> the other ip address b ?

It is as simple as configuring your BIND and configuring your bind ;)

Aka, configure your DNS that it has two A records for the SSL site.

> And off course if possible through the cherokee-admin interface ;)

...and go in the admin to: General -> Ports to listen and specify the
Bind to. Technically it will bind to all anyway :) so you don't even
have to worry.

Now you can create a new virtual server, enable https only if you are
paraniod, and if you really don't like your clients do something nice
with incomming port or the http hearder.

Stefan
Michiel van Es | 1 Jul 02:03 2009
Picon

Re: question about several ssl enabled virtual hosts


Stefan de Konink wrote:
> Michiel van Es wrote:
>> How can I use diffirent ip adresses for my virtual hosts?
>> I got 2 SSL virtual websites, how do I tell them to use ip adress a and 
>> the other ip address b ?
> 
> It is as simple as configuring your BIND and configuring your bind ;)
> 
> Aka, configure your DNS that it has two A records for the SSL site.
I have 2 websites with both use SSL..why should I make a round robin dns
rule per SSL website?

> 
> 
>> And off course if possible through the cherokee-admin interface ;)
> 
> ...and go in the admin to: General -> Ports to listen and specify the
> Bind to. Technically it will bind to all anyway :) so you don't even
> have to worry.
> 
> Now you can create a new virtual server, enable https only if you are
> paraniod, and if you really don't like your clients do something nice
> with incomming port or the http hearder.

How can I tell which virtual host should use ip adress A and the other
ip adress B ?

For example:

(Continue reading)

Denis Kot | 1 Jul 10:40 2009
Picon

Cherokee feels panic! (r3406)

Cherokee feels panic!
which: no dbx in
(/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.3.2)
ptrace: Operation not permitted.
/tmp/tmp.nwvumLqmO2:1: Error in sourced command file:
No symbol table is loaded.  Use the "file" command.
PID 24052: received a signal=6

what more information do you need?

Denis Kot
denis?jabber.org.by
ICQ: 13680126
Mobil: +375 29 6-1234-78
Alvaro Lopez Ortega | 1 Jul 10:46 2009

Re: Cherokee feels panic! (r3406)

On 01-jul-09, at 10:40, Denis Kot wrote:

> Cherokee feels panic!
> which: no dbx in
> (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/ 
> bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.3.2)
> ptrace: Operation not permitted.
> /tmp/tmp.nwvumLqmO2:1: Error in sourced command file:
> No symbol table is loaded.  Use the "file" command.
> PID 24052: received a signal=6
>
> what more information do you need?

A way to reproduce it would be perfect.
You could also try to get the back-trace:

# gdb cherokee-worker
(gdb) run
(gdb) bt full

--
Octality
http://www.octality.com/
Denis Kot | 1 Jul 11:25 2009
Picon

Re: Cherokee feels panic! (r3406)

# gdb cherokee-worker
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu"...
(gdb) run
Starting program: /usr/local/sbin/cherokee-worker
[Thread debugging using libthread_db enabled]
[New Thread 0x7fe3959986f0 (LWP 26098)]
[01/06/2009 12:24:07.570] (critical) spawner.c:86 - Could initialize
SHM '/cherokee-spawner-26095': Operation not permitted

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fe3959986f0 (LWP 26098)]
cherokee_logger_writer_open (writer=0x0) at logger_writer.c:255
255             switch (writer->type) {
(gdb) bt full
#0  cherokee_logger_writer_open (writer=0x0) at logger_writer.c:255
        ret = <value optimized out>
        __func__ = "cherokee_logger_writer_open"
#1  0x00007fe3939d5920 in cherokee_logger_ncsa_init (logger=0x22c4a10)
at logger_ncsa.c:140
        ret = <value optimized out>
#2  0x00007fe3953498b6 in cherokee_server_initialize (srv=0x2267800)
at server.c:648
        re = -1818404592
        ret = ret_ok
(Continue reading)

Alvaro Lopez Ortega | 1 Jul 11:45 2009

Re: Cherokee feels panic! (r3406)

Hello Denis,

On 01-jul-09, at 11:25, Denis Kot wrote:

> (gdb) bt full
> #0  cherokee_logger_writer_open (writer=0x0) at logger_writer.c:255
>        ret = <value optimized out>
>        __func__ = "cherokee_logger_writer_open"
> #1  0x00007fe3939d5920 in cherokee_logger_ncsa_init (logger=0x22c4a10)
> at logger_ncsa.c:140

Could you please paste the output of: grep logger /path/to/ 
cherokee.conf ?

--
Greetings, alo
http://www.alobbs.com/
Alvaro Lopez Ortega | 1 Jul 12:17 2009

Re: Cherokee feels panic! (r3406)

Hello Denis,

On 01-jul-09, at 11:47, Denis Kot wrote:

> # grep logger /usr/local/etc/cherokee/cherokee.conf

It's fixed in r3407: http://svn.cherokee-project.com/changeset/3407

Cherokee was not checking whether log writers were defined.. it  
assumed they were. There is a virtual host in your configuration that  
uses the logging but does not define any log writers. That was leading  
the server to crash on startup.

You'll have to define them in the virtual server "30". That will fix  
the problem.

Thanks for reporting!!

--
Greetings, alo
http://www.alobbs.com/
Michiel van Es | 1 Jul 14:08 2009
Picon

Re: question about several ssl enabled virtual hosts

Sorry for bothering but I am trying to set up multiple SSL virtual hosts.
How does Cherokee know which https request goes to which virtual server?
(if it does not allow binding virtual hosts to diffirent ip adresses)

Kind regards,

Michiel

> 
> Stefan de Konink wrote:
>> Michiel van Es wrote:
>>> How can I use diffirent ip adresses for my virtual hosts?
>>> I got 2 SSL virtual websites, how do I tell them to use ip adress a and 
>>> the other ip address b ?
>> It is as simple as configuring your BIND and configuring your bind ;)
>>
>> Aka, configure your DNS that it has two A records for the SSL site.
> I have 2 websites with both use SSL..why should I make a round robin dns
> rule per SSL website?
> 
>>
>>> And off course if possible through the cherokee-admin interface ;)
>> ...and go in the admin to: General -> Ports to listen and specify the
>> Bind to. Technically it will bind to all anyway :) so you don't even
>> have to worry.
>>
>> Now you can create a new virtual server, enable https only if you are
>> paraniod, and if you really don't like your clients do something nice
>> with incomming port or the http hearder.
> 
(Continue reading)

Armando Camarero | 1 Jul 14:15 2009
Picon

Re: question about several ssl enabled virtual hosts

Cherokee supports TLS Server Name Indication[1], which is similar to the 
Host: field in HTTP, but for HTTPS.

Armando.

[1] http://en.wikipedia.org/wiki/Server_Name_Indication

Michiel van Es wrote:
> Sorry for bothering but I am trying to set up multiple SSL virtual hosts.
> How does Cherokee know which https request goes to which virtual server?
> (if it does not allow binding virtual hosts to diffirent ip adresses)
>
> Kind regards,
>
> Michiel
>
>   
>> Stefan de Konink wrote:
>>     
>>> Michiel van Es wrote:
>>>       
>>>> How can I use diffirent ip adresses for my virtual hosts?
>>>> I got 2 SSL virtual websites, how do I tell them to use ip adress a and 
>>>> the other ip address b ?
>>>>         
>>> It is as simple as configuring your BIND and configuring your bind ;)
>>>
>>> Aka, configure your DNS that it has two A records for the SSL site.
>>>       
>> I have 2 websites with both use SSL..why should I make a round robin dns
(Continue reading)

Stefan de Konink | 1 Jul 14:16 2009
Picon

Re: question about several ssl enabled virtual hosts

On Wed, 1 Jul 2009, Michiel van Es wrote:

> Sorry for bothering but I am trying to set up multiple SSL virtual hosts.
> How does Cherokee know which https request goes to which virtual server?
> (if it does not allow binding virtual hosts to diffirent ip adresses)

Obvious question, did you already try to set it up?

Stefan

Gmane