| Oracle® Application Server Release Notes 10g Release 3 (10.1.3.2) for Microsoft Windows B32199-05 |
|
 Previous |
 Next |
| Oracle® Application Server Release Notes 10g Release 3 (10.1.3.2) for Microsoft Windows B32199-05 |
|
Previous |
Next |
This chapter describes issues associated with Oracle HTTP Server. It includes the following topics:
This section contains the following topics:
In the Oc4jMount directive, weighted load balancing works only when the destinations are instances or clusters. Weighted load balancing does not work for AJP13 destinations. For AJP13 destinations, the load is distributed evenly in a round-robin manner. For example, if your mod_oc4j.conf file contains the following lines, Host_A and Host_B will get an equal number of requests despite the settings in the Oc4jRoutingWeight directives.
Oc4jSelectMethod roundrobin:weighted Oc4jRoutingWeight Host_A 1 Oc4jRoutingWeight Host_B 25 Oc4jMount /j2ee ajp13://Host_A:<AJP Port>,Host_B:<AJP Port> Oc4jMount /j2ee/* ajp13://Host_A:<AJP Port>,Host_B:<AJP Port> # Instance weighted routing work as expected #Oc4jMount /j2ee instance://Host_A:home,Host_B:home #Oc4jMount /j2ee/* instance://Host_A:home,Host_B:home
A possible workaround to achieve weighted load balancing for AJP13 destinations is to specify the same host multiple times in the Oc4jMount directive. The following example specifies Host_B twice.
Oc4jMount /j2ee ajp13://Host_A:<AJP Port>,Host_B:<AJP Port>,Host_B:<AJP Port>
This section describes documentation errata. It includes the following topic:
Section 5.2.2, "Log Level Choices for Configuring IIS Listener for Single Sign-On are Incorrect"
Section 5.2.3, "Correction to SSLCARevocationFile Directive Description"
Section 5.2.4, "Correction to SSLCARevocationPath Directive Description"
Section 5.2.5, "Incorrect Tags Listed for 40-Bit and 56-Bit Export Ciphers"
Section 5.2.6, "Incorrect Web Address for mod_php Extensions Information"
Oracle HTTP Server is based on Apache version 1.3.34.
The "Configuring IIS Listener for Single Sign-On" section in Oracle HTTP Server Administrator's Guide incorrectly states that the valid log levels are debug, inform, error, and emergency.
The valid log levels are debug, inform, error, and emerg.
The description for the SSLCARevocationFile directive in Oracle HTTP Server Administrator's Guide, Chapter 10, "Enabling SSL for Oracle HTTP Server," should be corrected as follows:
Specifies the file where you can assemble the Certificate RevocationLists (CRLs) from CAs (Certificate Authorities) that you accept certificates from. These are used for client authentication. Such a file is the concatenation of various PEM-encoded CRL files in order of preference. CRL files should be from a single issuer. Files specified by SSLCARevocationFile should not be hashed. There should be only one SSLCARevocationFile entry; if there are multiple entries, then the last one will be used. SSLCARevocationFile can be used alternatively and/or additionally to SSLCARevocationPath.
The description for the SSLCARevocationPath directive in Oracle HTTP Server Administrator's Guide, Chapter 10, "Enabling SSL for Oracle HTTP Server," should be corrected as follows:
Specifies the directory where PEM-encoded Certificate Revocation Lists (CRLs) are stored. These CRLs come from the CAs (Certificate Authorities) that you accept certificates from. If a client attempts to authenticate itself with a certificate that is on one of these CRLs, then the certificate is revoked and the client cannot authenticate itself with your server.
CRL files in the SSLCARevocationPath directory must be hashed. You can find the instructions to hash a CRL in Oracle Application Server Administrator's Guide, Section 11.2.5.2.1, "Renaming CRLs with a Hash Value for Certificate Validation." Note that orapki creates a file with a ".rN" extension. SSLCARevocationPath will not work with this extension and it is still possible to access with a revoked certificate. To get it to work with Oracle HTTP Server, change the extension from ".rN" to ".r0".
SSLCARevocationPath can be used alternatively and/or additionally to SSLCARevocationFile.
Table 10-1, "SSLCipher Suite Tags", in the Oracle HTTP Server Administrator's Guide listed incorrectly the aliases for the 40-bit and the 56-bit export ciphers.
For 40-bit export cipher, do not use EXP40. Use EXPORT40 instead.
For 56-bit export cipher, do not use EXP56. Use EXPORT56 instead.
The Web site provided for additional information on mod_php extensions was incorrect. The correct Web site is
