httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 37031] New: - Unconstructive error message with common mod_ssl configuration mistake
Date Tue, 11 Oct 2005 20:45:50 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37031>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37031

           Summary: Unconstructive error message with common mod_ssl
                    configuration mistake
           Product: Apache httpd-2.0
           Version: 2.0.54
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: sf@je-ju.net


I have a simple webserver, for which I wanted to add SSL support. So I added mod_ssl, looked
at the 
configuration.
I then found a howto, complete with the procedure for generating a (self)signed certificate.
But then 
came the hard part: there was absolutely no documentation whatsoever on how you would add
SSL 
support for even the simple case of having just one webserver, let alone several virtual domains.

I googled somewhat and vaguely remembered something I did once with Apache 1.3 and made a
copy 
of ssl.conf and added my own stuff to it. Of course I also added "Listen 443" to the ports.conf
and 
finally I added "SSLEngine On" after the check that everything was correct.

I immediately found the following error message in my error.log:

    Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)

The last addition drew most of my attention, because it was very much possible what I was
doing and in 
my mind not very stupid either. I googled for it, but I didn't come up with much.

I finally tried to disable "SSLEngine On", leaving the rest of the configuration in and that
worked, httpd 
was even listening on port 443 (plain text, but still).

After a couple of days of letting this sink in, I finally came up with the solution, googled
for the 
configuration of virtual hosts and got it to work by changing the configuration by using a
virtual host 
for SSL.

Conclusion:
The error message is vague at best and the addition between parenthesis should be deleted

immediately. It is very much possible to make this to happen and only makes the user feel
stupid.

And it would also be nice if there was some really simple example configuration for how to
configure 
SSL. (And perhaps add the error message to the FAQ as well, because there's not a lot of google
hits for 
it that provide useful feedback).

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message