Contact Us Contact Us

hpe apache-based web server v. on hp-ux 11i (pa-risc) for IPv6 - archive

  Software Depot
Electronic download
Frequently asked questions
Product details and specifications

hpe Apache-based web server on hp-ux 11i (PA-RISC) for IPv6

This archive is available for your reference. All updates and enhancements are contained in the current release of the product and customers are urged to install the current release.

what is the hpe Apache-based web server?

According to Netcraft (, the Apache Web Server dominates over 60% of today's web server market as the most popular and frequently deployed web server for publishing and serving static and dynamic web pages.

Engineered through state-of-the-art processes for the highest quality and tailored to run smoothly on the HP-UX PA-RISC architecture, HPE offers the HPE Apache-based Web Server as a total solution for web server deployment. The Open Source Apache Web Server 2.0 software (ASF version 2.0.43) developed by the Apache Software Foundation (Apache HTTP Server Project described at serves as the base for the HPE Apache-based Web Server.

Apache 2.0 is a significant enhancement over the Apache 1.3.x line from ASF with many architectural improvements that increase Apache's power and flexibility while retaining its legendary stability as the world's most popular web server. In addition to the base HTTP server, HPE has combined numerous popular modules from other Open Source projects as well as provided HPE value-added features just for the HP-UX platform.

This product supports IPv6 on HP-UX 11i servers and workstations. IPv6 offers a greatly expanded number of Internet addresses, more complete security and authentication, and greater ease of manageability and configuration over IPv4. See the "system requirements" below and the IPv6 Admin Guide in the bundle for more information.

Note: HPE Apache-based Web Server for IPv6 will not start without the HP-UX 11i IPv6 product installed. To download HPE Apache-based Web Server 2.0.43 for IPv4, click here.

what's new with HPE Apache-based web server v.2.0.43?

HPE Apache

       This version of HPE Apache is principally a security-fix and bug-fix release.

  • Apache 2.0.43: Addresses and fixes three security vulnerabilities in this release:
    1. CAN-2002-0840: cross-site scripting vulnerability in the default error page when using wildcard DNS.
    2. CAN-2002-1156: Prevent POST requests for CGI scripts from serving the source code when DAV is enabled on the location. This only affected Apache version 2.0.42.
    3. CAN-2002-0843: possible overflows in ab.c which could be exploited by a malicious server.
    For more information about the security vulnerabilities, go to, and search for:
         CAN-2002-0839, CAN-2002-1156, CAN-2002-0843

    Highlights of enhancements and bug-fixes included in this release:

    • mod_cache fix.
    • mod_ssl dbm session cache support fix for mutex problem.
    • UserDir directive accepts list of directories, as in 1.3.x.
    • mod_cache's CacheMaxStreamingBuffer directive works within virtual hosts.
    • Pass the WWW-Authenticate header on a 4xx responses from the proxy.
    • Due to changes in Apache's API, all modules built with previous versions of Apache must be recompiled. More information can be found in the HPE Apache Admin Guide.
  • mod_perl 1.99_07: Numerous enhancements and bug-fixes.
Security Advisories Previously Addressed
This release contains all changes from previous HPE Apache releases including the following security advisories:
  Apache 2.0.39 CA-2002-17 (
CAN-2002-0392 (
  OpenSSL 0.9.6g CAN-2002-0656, CAN-2002-0657, CAN-2002-0655 (
  PHP 4.2.2 CA-2002-21 (

why use the HPE Apache-based web server?

From displaying information on simple, static web pages to serving as a secured e-Commerce store handling many simultaneous clients, today's web site must support a wide variety of technologies. To meet these needs, HPE offers customers the HPE Apache-based Web Server for their HP-UX PA-RISC environment.

  • investment protection by leveraging the Open Source community and industry effort in continuous, leading-edge development of the most popular web server. HPE has bundled many valuable technologies with the core Apache web server to provide a highly optimized web server solution. HPE customers receive direct cost savings because the HPE Apache-based Web Server is absolutely free and is pre-bundled with the HP-UX Operating Environment.
  • rich and flexible features with breadth when compared to other commercial web servers, new functionality is easily added with Perl, C and C++ server modules. Server-side Java technologies are supported through Tomcat servlets and JSP. Delivery of dynamic data is quick and easy using the PHP scripting language and its built-in database connectivity. WebDAV provides efficient remote web publishing and content management.
  • security you can trust for secure transactions with full strength 128-bit/168-bit encryption using the bundled solution of RSA's BSAFE Crypto-C libraries and the most popular Open Source security modules, mod_ssl and OpenSSL. The HPE Apache-based Web Server also supports Digital Badge/certificate and authentication, secure HTTP client authentication using LDAP, and file system security (Chroot) to provide additional layers of protection from intruders. The HPE Apache-based Web Server offers high-speed data encryption so HPE customers don't have to sacrifice performance for good security.
  • simple, easy, and out-of-the-box is what HPE customers can expect. The HPE Apache-based Web Server allows customers to install in simple steps and manage using easy-to-use, web-based admininstration with customization capability. The HPE Apache-based Web Server is available as a free web download or pre-bundled with HP-UX.

product specifications

  • Apache Web Server v.2.0.43 from ASF, built with worker MPM

  • Modules statically included: core, http_core, mod_so, worker
    Other standard modules dynamically included: mod_access, mod_actions, mod_alias, mod_asis, mod_auth, mod_auth_anon, mod_auth_dbm, mod_auth_digest, mod_autoindex, mod_cache, mod_cache_filter, mod_cache_filter_in, mod_cern_meta, mod_cgi, mod_cgid, mod_dav, mod_dav_fs, mod_dir, mod_disk_cache, mod_env, mod_expires, mod_ext_filter, mod_file_cache, mod_headers, mod_imap, mod_include, mod_info, mod_log_config, mod_mime, mod_mime_magic, mod_negotiation, mod_proxy, mod_proxy_connect, mod_proxy_ftp, mod_proxy_http, mod_rewrite, mod_setenvif, mod_speling, mod_ssl, mod_status, mod_unique_id, mod_userdir, mod_usertrack, mod_vhost_alias
  • mod_suexec
  • allows CGI and SSI programs to run under user IDs different from the user ID of the web server.
  • IPv6 capability is incorporated into this product. Since HPE Apache-based Web Server is dependent on other products such as Java and Perl, this version of the web server may or may not work the same as in the HPE Apache-based Web Server for IPv4 product. Read the "system requirements" below, as well as the documentation provided in the bundle. This product can be used in either IPv4 or IPv6 mode and includes the same feature set as the IPv4 HPE Apache product.
  • The enhanced Apache Application Programmable Interface (API/APR) increases portability of customized and third-party modules by isolating platform-specific implementations.
  • Worker MPM (Multi-Processing Module) offers better scalability and robustness in load balancing than Apache 1.3.
  • WebDAV (Web-based Distributed Authoring and Versioning) permits users to create, move, copy, and delete files and directories remotely for easier web publishing and content management.

hpe-added features for v.2.0.43:

  • Modules dynamically included: auth_ldap, mod_jk, mod_perl, mod_php4
  • RSA's BSAFE Crypto-C Library v.5.2 has U.S. Commerce approval for worldwide export of 128-bit encryption
  • OpenSSL v.0.9.6g is an Open Source toolkit that implements the SSL/TLS security protocols.
  • Chroot enables a named directory to become the root directory to protect the root file system.
  • auth_ldap v.1.5.4 authenticates users by utilizing entries in an LDAP directory. auth_ldap supports iPlanet (Netscape) Directory Server and OpenLDAP. auth_ldap can be configured to use the Stunnel program for secure SSL queries to the LDAP server.
  • mod_jk v.1.2 is the servlet connector to Tomcat that replaces mod_jserv servlet connector found in previous versions of HPE Apache. mod_jk can use either the original ajpv12 protocol or the newer ajpv13 protocol.
  • mod_perl v.1.99_07 makes it possible to write Apache modules entirely in Perl. In addition, the persistent interpreter embedded in the server avoids the overhead of starting an external interpreter for each Perl CGI request. mod_perl is configured for Perl v.5.6.1.
  • PHP v.4.2.2 is an HTML embedded, server-side, cross-platform, scripting language with support for database access. It also supports Oracle 8.1.6 database connectivity using PHP extensions.
  • Tomcat v.3.3.1 is a servlet container which is compliant with Java Servlets 2.2 and JavaServer Pages 1.1 specifications.
  • Support for loading customized Apache Modules implemented in C++.
  • Webmin v.0.980 is a web-based administration and configuration tool from Webmin. It has been enhanced to handle administration and configuration for the HPE Apache-based Web Server 2.0.
  • Automatic Restart of Apache/Tomcat/Webmin on reboot. More information on customization configuration of this feature can be found in the Admin Guide.
  • apr_shm is a 2-layer abstraction library which simplifies the usage of shared memory between forked processes on Unix platforms. apr_shm supports session caching using either hash tables or circular buffers. apr_shm replaces Shmem support that was in previous versions of HPE Apache 2.x and MM support that was in HPE Apache 1.3.x.
  • certmig makes it possible to share certificates between the iPlanet Web Server, Enterprise Edition, and any server that supports PKCS #12 formats possible. The certmig utility is an extension of the pk12util utility, provided by the Mozilla community. In addition to the pk12util functionality, certmig lists and extracts certificates from iWS 4.x certificate databases. This tool has a helper script,
  • alternate root utility moves HPE Apache to another directory after it is installed in its default location.
  • cache utility helps create a caching file for improved Apache performance.
  • chroot utility copies commonly used HPE Apache files into the chroot directory.
  • mkcert utility generates private keys, certicate signing requests, and certificates for the Certificate Authority (CA), server, and client.
  • ports utility reads and displays the ports for all the components currently configured in the bundle.
  • stunnel utility starts and stops the Stunnel encryption program.
  • test certmig utility tests importing and exporting certificates from a Netscape Certificate Database.
  • Example modules for developers (mod_hello, mod_example, mod_echo).
  • HPE integration, testing and optimization for smooth deployment in the HP-UX environment.
  • Documentation created specifically for HPE Apache including FAQs, user, administration and migration guides.

system requirements

The installation path is /opt/hpapache2/.

The HPE Apache-based Web Server can be installed on HP-UX 11i (PA-RISC). In addition, the following are bundle requirements. Since the product supports both IPv4 and IPv6, these requirements are different if the component uses IPv4 or IPv6 networking calls. For example, since Perl does not currently support IPv6, CGI scripts will return failure for any calls to gethostbyname() for IPv6 addresses. IPv4 addresses will return successfully. Details are provided in the IPv6 Admin Guide bundled with the product.

  1. Binaries are dependent on the B.11.32 or later versions of ld and libdld. To determine the version on your machine, type ld -V and what /usr/lib/ at the command line. Install
    • PHSS_26559 for HP-UX 11.00 or
    • PHSS_26560 for HP-UX 11i (11.11)
    or later to solve this problem.
  2. If you have previously installed the Technology Preview of the HPE Apache-based Web Server 2.0.0, completely remove the product and the installation directory (/opt/hpapache2) before installing this product. For more information, see the installation link below.
  3. IPv6 Support
    • HP-UX 11.0: IPv6 is not supported
    • HP-UX 11i (11.11): IPv6 requires a separate (free) IPv6 product to be installed. The product Number is T1306AA.
      The IPv6 Product is available at HPE Software Depot using search keywords: T1306AA, or directly go here
  4. Tomcat Java Support
    • IPv6 Java support requires Java 1.4.
    • IPv4 Java support requires HPE JRE 1.3 or higher to be used.
    If your web application uses JSPs (Java Server Pages) then you will also need the JDK (Java Development Kit) so you can compile the JSPs.
    The latest versions of Java can be downloaded from
  5. mod_perl Support:
    • IPv6 Perl support not available at this time.
    • IPv4 Perl support requires Perl 5.6.1, downloadable from HPE Software Depot using the search keywords: Perl v.5.6.1, or directly go here.
  6. Webmin Support:
    Depends on Perl 5. More information on Perl support for IPv4 / IPv6, refer to the mod_perl section above.
  7. Building DSOs using apxs (Apache Extension Tool) depends on Perl. The expected location for Perl is /opt/perl/bin/perl. Either download and install Perl as described for mod_perl, or change the path in the apxs script to the Perl location installed on your machine.

IPv6 Functionality Supported

Since HPE Apache-based Web Server is dependent on other products such as Java and Perl, HPE Apache-based Web Server may or may not work the same as in the IPv4 HPE Apache-based Web Server product.
  1. Complete Support
    The following components work on IPv6 platform, and all the functionality of IPv6 is also implemented.
    • Apache Core
    • SSL
    • PHP
    • SSI
    • CGI (C-based and shell script)
    • Tomcat
    • Servlets
    • JSP

  2. Partial Support
    Although the following components work on the IPv6 platform, they may not behave correctly for networking calls related to IPv6 address, due to lack of underlying support.

    • OpenSSL
      OpenSSL does not have support for IPv6. However, on an IPv6 machine, it could still be used in IPv4 mode.
    • mod_ssl
      Since HPE Apache-based Web Server implements the SSL using the OpenSSL library, mod_ssl does not support IPv6 addresses.
    • ab and OpenSSL
      /opt/hpapache2/bin/ab implements SSL using OpenSSL. Since OpenSSL does not have support for IPv6, ab does not either.
    • Stunnel
      Stunnel currently does not have IPv6 capabilities, i.e. it cannot listen on IPv6 addresses. Therefore, when one starts Stunnel they need to specify an IPv4 address/port for Stunnel. Hence your auth_ldap configuration should point to the IPv4 address/port that Stunnel is listening on.
    • SSL clients
      Currently, there are no SSL clients available from HPE on HP-UX for IPv6. However, one could use the standard SSL clients in IPv4 mode.

    • CGI (Perl-based)
    • mod_perl
    • Webmin
      CGI scripts or Perl modules written in Perl will return failure for any calls to gethostbyname() for the IPv6 addresses, as Perl does not support IPv6. Hence, CGI, mod_perl and Webmin are supported only in IPv4 mode.

    • LDAP connectivity
      If your LDAP server is not IPv6 capable, then you will need to configure your auth_ldap to connect to the LDAP server using the IPv4 address.

    • WebDAV
      Currently there are no IPv6 compatible clients for WebDAV. Hence, WebDAV with IPv6 addresses is not supported for this release of HPE Apache-based Web Server.

technical support

  • HPE Apache-based Web Server is supported by the HPE Worldwide Response Centers for customers with an HP-UX support contract.

Date released: 2002/10/18

Additional product information
Product #: B9416BAPA2043
Software specification: