httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Lopez <dan...@rawbyte.com>
Subject Re: [users@httpd] apache2/redhat 8/ssl problems
Date Fri, 09 May 2003 20:01:12 GMT
What do you get in /var/log/www/error_log ? This is the Apache error log.

You will need to add also a certificate and a key file, but
you mention you are using name based virtual hosts.
are you familiar with the limitations for SSL with name based virtual
hosts? From the document I pointed you easrlier:

Can I have SSL with name-based virtual hosting?

A question that comes up frequently is how to make
name-based virtual hosts work with SSL. The answer is that you can't, at
least currently. Name-based virtual hosts depend on the Host header of the
HTTP request, but the certificate verification happens when the SSL
connection is being established and no HTTP request can be sent. There is a
protocol for upgrading an existing HTTP connection to TLS, but it is mostly
unsupported by current browsers (see RFC 2817).


Cheers

Daniel


On Fri, May 09, 2003 at 10:44:35AM -0400, Bryan Brannigan wrote:
> Ok.  I reinstalled the RPM and managed to get SSL working under _default_.
> My next task to turning on SSL for virtual hosts.  What I have setup are
> several Name-Based virtual hosts.  I would like to be able to enable SSL for
> some of these hosts.  I turned SSL on for one of them, via WebMin, which
> added the line SSLEngine On.  After that line is added, apache fails to
> start.  This is the message in /var/log/messages "May  9 10:46:54 ns1 httpd:
> httpd startup failed"  I am unable to find any other error messages.
> Running the configtest (/etc/init.d/httpd configtest) returns a syntax OK.
> 
> I'm sure I did something wrong here.....
> 
> ----- Original Message ----- 
> From: "Daniel Lopez" <daniel@rawbyte.com>
> To: <users@httpd.apache.org>
> Sent: Friday, May 09, 2003 10:26 AM
> Subject: Re: [users@httpd] apache2/redhat 8/ssl problems
> 
> 
> >
> > That is very strange that you get no error.
> > what is the command that you use to start Apache and what is th error_log
> > file taht you are looking at?
> >
> > If you are using red hat Apache 2 and installed mod_ssl  rpms, the
> > configuration can be found in
> > /etc/httpd/conf.d/ssl.conf (or somewhere close, I dont have access to my
> > Red Hat box now)
> >
> > To load the ssl module in Apache 2 :
> >
> > LoadModule ssl_module modules/mod_ssl.so
> >
> > (RedHat may hav placed mod_ssl.so somewhere else)
> >
> > > That's the kicker...  There is no error message.  Apache just fails to
> > > start.  When I check the server status, it doesn't appear to load
> mod_ssl.
> > > I have it installed but I can't find any mention of it in httpd.conf.
> When
> > > I added a LoadModule for it I got errors.  What is the correct way to
> load
> > > this module?
> > >
> > >
> > > ----- Original Message ----- 
> > > From: "Daniel Lopez" <daniel@rawbyte.com>
> > > To: <users@httpd.apache.org>
> > > Sent: Friday, May 09, 2003 8:16 AM
> > > Subject: Re: [users@httpd] apache2/redhat 8/ssl problems
> > >
> > >
> > > >
> > > > Which error message do you get in the logs?
> > > >
> > > > For an introduction of Apche 2 and SSL check the secure server chapter
> I
> > > > have online at
> > > > http://apacheworld.org/ty24/
> > > >
> > > > Cheers
> > > >
> > > > daniel
> > > >
> > > > On Thu, May 08, 2003 at 04:26:01PM -0400, Bryan Brannigan wrote:
> > > > > I'm having trouble getting apache 2 and redhat 8 to support SSL.
> I'm
> > > using
> > > > > the default redhat "Web Server" setup and everytime I enable SSL
for
> a
> > > > > virtual domain, apache fails to startup.
> > > > >
> > > > > Suggestions, comments, questions?
> > > >
> > > > -- 
> > > > Teach Yourself Apache 2 -- http://apacheworld.org/ty24/
> > > >
> > > > ---------------------------------------------------------------------
> > > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> >
> > -- 
> > Teach Yourself Apache 2 -- http://apacheworld.org/ty24/
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

-- 
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message