httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jose Correia (J)" <>
Subject RE: mod-ssl and authz modules
Date Mon, 26 Aug 2002 15:01:50 GMT
Thanks Dirk.

I do have open-ssl installed (vs 2.8.4-1.3.20) and I think I did run
that option when I installed it. When I sent you the httpd.conf file I
didn't send the commented out lines, which included:

#SSLCertificateFile /opt/apache/conf/ssl.crt/server.crt
#SSLCertificateFile none
#SSLCertificateFile /opt/apache/conf/ssl.crt/server-dsa.crt

Must I enable the first one or the third one? I think the first one
because we are using RSA right?

I took a look at the first above certificate pass and it does exist.

I'll try this first and if it doesn't work, I'll use your script files
(which I thank you very much for).


-----Original Message-----
From: Dirk-Willem van Gulik []
Sent: 26 August 2002 16:32
To: Jose Correia (J)
Subject: RE: mod-ssl and authz modules

> "[Mon Aug 26 16:10:39 2002] [error] mod_ssl: Init: Server
> should be SSL-aware but has no
> configured [Hint: SSLCertificateFile]"
> Does SSL always require a certificate...? I just want basic
> authentication but no certificate authentication... maybe I'm
> the point and one does need at least some kind of fake certificate
> bypass this??

Though not strictly needed - in practice SSL needs at the very least a
server side Certificate. Assuming you are using the open source
openssl/modssl combinatatio; type the following commands to make
a home grown signed certificate:

>From the section 'Installation' in the INSTALL readme file of mod_ssl:

	... `make certificate' is to create a test
        server test certificate. Read the message box which occurs

	$ make certificate TYPE=custom

Or alternatively copy the attached script/file into your apache
configuration directory and run them as illustrated. Note that you
will need to edit the PATH in *both* files if you are using anything
but the default.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message