HP Secure Web Server for OpenVMS (based on Apache) Version 2.1 Release Notes

This document comprises the Release Notes for HP Secure Web Server for OpenVMS Version 2.1, released in November 2005. This version is based on Apache 2.0.52 and is available for both OpenVMS Alpha and i64 platforms, including Secure Sockets Layer (SSL) support via mod_ssl and OpenSSL.

Key Highlights:

• Foundation: Based on Apache 2.0.52 (Version 2.0 was based on 2.0.47, a significant upgrade from the Apache 1.3 series).

• New Features (v2.1):

  • Reintroduces suEXEC and WebDAV support (these were present in SWS 1.x but not 2.0).
  • Includes modauthkerberos.exe and modauthldap.exe modules, though they are unsupported and not fully tested.
  • The Stream-LF restriction from SWS 2.0 has been removed, with EnableMMAP now defaulting to OFF.

• New Features (v2.0, inherited by 2.1):

  • IPv6 support.
  • Enhanced UNIX compatibility (ODS-5 naming).
  • Redesigned server configuration with a new configuration menu.
  • Inclusion of new Apache modules and updated logical names.

• Changed Features (v2.1):

  • Many loadable modules are no longer loaded by default and must be uncommented in httpd.conf.
  • mod_ssl.conf is renamed to ssl.conf.
  • Introduces new directives (e.g., VMSServerTag, EnableMMAP) and obsoletes others (ServerType, Port).
  • Updated server process naming scheme and startup/shutdown procedures.

• Changed Features (v2.0, inherited by 2.1):

  • The FLUSH | NEW command syntax changed to httpd -k flush | new.
  • APACHE$FIXBG() routine and APACHE$FIXBG.EXE image were replaced by apache$$setsockopt() and APACHE$SET_CCL.EXE respectively.

Key Known Problems and Restrictions (v2.1):

• Incompatibility: SWS V2.1 is not compatible with older SWS optional kits (e.g., PERL, PHP, JAVA from V2.0, 1.1, 1.3-1) and requires specific newer versions (e.g., PERL 5.8.6, CSWSPERL V2.1, CSWSPHP V1.3, CSWS-JAVA V3.0).
• Installation: Must be installed on an ODS-5 target volume. Attempting to install on ODS-2 will fail and corrupt any existing V1.3 installation.
• PDF Corruption (IE): PDF files downloaded with Microsoft Internet Explorer may be corrupted due to incorrect handling of range headers. A workaround involves adding Header unset Accept-Ranges to httpd.conf.
• WebDAV/SSLSessionCache: WebDAV support and SSL session caching require the VDBM database manager type. SDBM and GDBM are not supported and will cause errors.
• suEXEC in Cluster: Adding a node to a cluster fails if suEXEC is enabled during the initial configuration; a workaround involves temporarily disabling suEXEC.
• APACHE$MENU.COM Issues: The "Create an Apache instance" option fails under specific conditions (e.g., non-existent target directory).
• Proxy Cache: The proxy cache feature does not serve cached files.
• Authentication: AuthUserFile/AuthGroupFile directives override mod_auth_openvms equivalents, and usernames in mod_auth_openvms must be uppercase.
• ApacheBench Tool: The ApacheBench tool fails on OpenVMS i64.