httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ion LarraƱaga <>
Subject RE: mod-ssl and authz modules
Date Mon, 26 Aug 2002 12:53:18 GMT
Looks like you haven't really connected ssl on port 443, and that apache is
listening for HTTP connections in that port. There's a directive (SSLEngine)
that you need to connect ssl on a given virtual host (in this case,
_default_:443). You should have something like:

<IfDefine SSL>
<VirtualHost _default_:443>
  SSLEngine on
  DocumentRoot "/usr/unibase/webapps/uniweb"

Hope it helps,

  Ion LarraƱaga

-----Mensaje original-----
De: Jose Correia (J) []
Enviado el: lunes, 26 de agosto de 2002 14:34
Asunto: RE: mod-ssl and authz modules
Importancia: Alta

Hi Dirk

In errors.log I'm not getting anything.

In ssl_engine.og I'm getting

[26/Aug/2002 13:25:06 13435] [warn]  Init:
( You configured HTTP(80) on the standard
HTTPS(443) port!

here is my test httpd.conf (btw I'm starting apache with -DSSL

ServerType standalone
ServerRoot "/opt/apache"
PidFile /opt/apache/logs/
ScoreBoardFile /opt/apache/logs/httpd.scoreboard
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0

LoadModule vhost_alias_module libexec/
LoadModule env_module         libexec/
LoadModule define_module      libexec/
LoadModule config_log_module  libexec/
LoadModule mime_magic_module  libexec/
LoadModule mime_module        libexec/
LoadModule negotiation_module libexec/
LoadModule status_module      libexec/
LoadModule info_module        libexec/
LoadModule includes_module    libexec/
LoadModule autoindex_module   libexec/
LoadModule dir_module         libexec/
LoadModule cgi_module         libexec/
LoadModule asis_module        libexec/
LoadModule imap_module        libexec/
LoadModule action_module      libexec/
LoadModule speling_module     libexec/
LoadModule userdir_module     libexec/
LoadModule alias_module       libexec/
LoadModule rewrite_module     libexec/
LoadModule access_module      libexec/
LoadModule auth_module        libexec/
LoadModule anon_auth_module   libexec/
LoadModule dbm_auth_module    libexec/
LoadModule digest_module      libexec/
LoadModule proxy_module       libexec/
LoadModule cern_meta_module   libexec/
LoadModule expires_module     libexec/
LoadModule headers_module     libexec/
LoadModule usertrack_module   libexec/
LoadModule unique_id_module   libexec/
LoadModule setenvif_module    libexec/
LoadModule php_module         libexec/
<IfDefine SSL>
LoadModule authz_ldap_module  libexec/
LoadModule ssl_module         libexec/

AddModule mod_vhost_alias.c
AddModule mod_env.c
AddModule mod_define.c
AddModule mod_log_config.c
AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
AddModule mod_status.c
AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
AddModule mod_speling.c
AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_auth_anon.c
AddModule mod_auth_dbm.c
AddModule mod_digest.c
AddModule mod_proxy.c
AddModule mod_cern_meta.c
AddModule mod_expires.c
AddModule mod_headers.c
AddModule mod_usertrack.c
AddModule mod_unique_id.c
AddModule mod_so.c
AddModule mod_setenvif.c
AddModule mod_php.c
<IfDefine SSL>
AddModule mod_authz_ldap.c
AddModule mod_ssl.c

ExtendedStatus On
Port 80

<IfDefine SSL>
Listen 80
Listen 443

User nobody
Group nobody


DocumentRoot "/usr/test/webapps/testweb"

<Directory />
    Options FollowSymLinks
    AllowOverride None

<Directory "/usr/test/webapps/testweb">
	Options Indexes FollowSymLinks MultiViews ExecCGI
	AllowOverride None
	Order allow,deny
      Allow from all

<IfModule mod_userdir.c>
    UserDir public_html

<Directory /usr/test/webapps/testweb/bugzilla>
	Options All ExecCGI
	AllowOverride None
	Order allow,deny
	Allow from all

<Directory /opt/bugzilla>
        Options All ExecCGI
        AllowOverride None
        Order allow,deny
        Allow from all

<IfModule mod_dir.c>
    DirectoryIndex index.html

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all

UseCanonicalName On

<IfModule mod_mime.c>
    TypesConfig /opt/apache/conf/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
    MIMEMagicFile /opt/apache/conf/magic

HostnameLookups on
<Files ~ "\.(html|cgi)$">
    HostnameLookups on

ErrorLog /opt/apache/logs/apache.err
LogLevel debug
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%h %l %u %t \"%r\" %>s %b %U %H %m %p %T %b" insane
CustomLog /opt/apache/logs/apache.log insane

ServerSignature EMail

<IfModule mod_alias.c>
	Alias /icons/ "/opt/apache/icons/"
   <Directory "/opt/apache/icons">
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all

   ScriptAlias /cgi-bin/ "/opt/apache/cgi-bin/"
   <Directory "/opt/apache/cgi-bin">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all


<IfModule mod_autoindex.c>

    IndexOptions FancyIndexing

    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

    AddIconByType (TXT,/icons/text.gif) text/*
    AddIconByType (IMG,/icons/image2.gif) image/*
    AddIconByType (SND,/icons/sound2.gif) audio/*
    AddIconByType (VID,/icons/movie.gif) video/*

    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core

    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^
    DefaultIcon /icons/unknown.gif

    AddHandler cgi-script .cgi

Action cgi-script /usr/bin/perl
ErrorDocument 404 /Error.xml

<IfModule mod_setenvif.c>
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0

    BrowserMatch "RealPlayer 4\.0" force-response-1.0
    BrowserMatch "Java/1\.0" force-response-1.0
    BrowserMatch "JDK/1\.0" force-response-1.0


<Location /server-status>
    SetHandler server-status
    Order allow,deny
    Allow from all

<Location /server-info>
    SetHandler server-info
    Order deny,allow
    Deny from all
    Allow from

<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin
SSLSessionCache         dbm:/opt/apache/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:/opt/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog      /opt/apache/logs/ssl_engine_log
SSLLogLevel info


<IfDefine SSL>
<VirtualHost _default_:443>
  DocumentRoot "/usr/unibase/webapps/uniweb"
  ErrorLog /opt/apache/logs/error_log
  TransferLog /opt/apache/logs/access_log

  SSLCertificateKeyFile /opt/apache/conf/ssl.key/server.key
  SSLCACertificateFile /opt/apache/conf/ssl.crt/ca-bundle.crt
  SSLVerifyClient require
  SSLVerifyDepth  10

  <Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
  <Directory "/opt/apache/cgi-bin">
    SSLOptions +StdEnvVars

  <Directory "/servlet">

    #Jose 21/08/2002 -  Inserted to get mod_authz_ldap authentication

     AuthName        AuthzLDAP
     AuthType        Basic
     AuthzLDAPServer "localhost:389"

     AuthzLDAPUserKey     users
     AuthzLDAPUserBase    ou=users,o=telkom
     AuthzLDAPUserScope   base

     require valid-user


  SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0



LoadModule jrun_module136
<IfModule mod_jrun.c>
	JRunConfig jrun.rootdir "/opt/jrun/bin/.."
	JRunConfig jvmlist unibase
	JRunConfig Verbose false
	JRunConfig ProxyHost
	JRunConfig ProxyPort 8007
	JRunConfig Mappings "/opt/jrun/servers/test/"

include /opt/jakarta-tomcat-3.2.1/conf/mod_jk.conf-auto


Any idea? Sorry for my cluelessness... I'm trying though

Best regards
Jose Correia

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message