Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 44918 invoked from network); 15 Oct 2003 08:28:54 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 15 Oct 2003 08:28:54 -0000 Received: (qmail 76051 invoked by uid 500); 15 Oct 2003 08:28:15 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 76030 invoked by uid 500); 15 Oct 2003 08:28:15 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 76015 invoked from network); 15 Oct 2003 08:28:14 -0000 Received: from unknown (HELO smtp.inreach.com) (209.142.2.34) by daedalus.apache.org with SMTP; 15 Oct 2003 08:28:14 -0000 Received: (qmail 378 invoked from network); 15 Oct 2003 08:28:27 -0000 Received: from unknown (HELO w2k30g) (209.142.39.228) by smtp.inreach.com with SMTP; 15 Oct 2003 08:28:27 -0000 Message-ID: <01db01c392f6$40dcad00$0a01a8c0@w2k30g> From: "David Christensen" To: References: Date: Wed, 15 Oct 2003 01:27:52 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Subject: Re: [users@httpd] CGI script runs under http, but browser tries to download under https X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N users@httpd.apache.org: Boyle Owen wrote: > Eh? If you do not have "Listen 443" somewhere in your apache config > then apache is not listening on that port and so apache cannot be > responding to the HTTPS requests. So it must be something else which > is responding... > Let me see if I understand your situation correctly: > - you set up a plain HTTP site on the usual port 80 and with CGI: this > worked as expected. > - For some reason, you tried putting a small "s" into the URL to see > what would happen if you HTTPS'd to the same URL. I'm not sure what > you expected to happen, but you were suprised to find that the CGI > source was listed in the browser. > To be clear, when you type "https" into a browser, it makes the > request to port 443 on the server. If you only had your plain HTTP > apache running, this should not have worked - you should have got a > "connection refused" error at the TCP/IP level. The fact that you got > a response means that there must be something listening on that port - > could it be a default webserver that comes with Debian? Thanks for the reply. :-) Okay. I had assumed that Apache was responding to both the http and the https requests. > To check this out, you need to "ps -ef" and look for httpd processes. root@d3020g:~# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 Oct14 ? 00:00:04 init [2] root 2 1 0 Oct14 ? 00:00:00 [keventd] root 3 0 0 Oct14 ? 00:00:00 [ksoftirqd_CPU0] root 4 0 0 Oct14 ? 00:00:00 [kswapd] root 5 0 0 Oct14 ? 00:00:00 [bdflush] root 6 0 0 Oct14 ? 00:00:00 [kupdated] root 7 1 0 Oct14 ? 00:00:00 [i2oevtd] root 9 1 0 Oct14 ? 00:00:00 [kjournald] root 44 1 0 Oct14 ? 00:00:00 [khubd] root 52 1 0 Oct14 ? 00:00:00 [kapmd] root 83 1 0 Oct14 ? 00:00:00 [kjournald] root 84 1 0 Oct14 ? 00:00:00 [kjournald] root 107 1 0 Oct14 ? 00:00:00 [eth0] root 167 1 0 Oct14 ? 00:00:00 /sbin/syslogd root 170 1 0 Oct14 ? 00:00:00 /sbin/klogd root 178 1 0 Oct14 ? 00:00:00 /usr/sbin/inetd root 185 1 0 Oct14 ? 00:00:00 /bin/sh /usr/bin/safe_my sqld mysql 220 185 0 Oct14 ? 00:00:00 /usr/sbin/mysqld --based ir=/usr mysql 222 220 0 Oct14 ? 00:00:00 /usr/sbin/mysqld --based ir=/usr mysql 223 222 0 Oct14 ? 00:00:00 /usr/sbin/mysqld --based ir=/usr mysql 224 222 0 Oct14 ? 00:00:00 /usr/sbin/mysqld --based ir=/usr root 236 1 0 Oct14 ? 00:00:00 /usr/sbin/sshd daemon 239 1 0 Oct14 ? 00:00:00 /usr/sbin/atd root 242 1 0 Oct14 ? 00:00:00 /usr/sbin/cron root 246 1 0 Oct14 ? 00:00:00 /usr/sbin/apache www-data 251 246 0 Oct14 ? 00:00:00 /usr/sbin/apache www-data 252 246 0 Oct14 ? 00:00:00 /usr/sbin/apache www-data 253 246 0 Oct14 ? 00:00:00 /usr/sbin/apache www-data 254 246 0 Oct14 ? 00:00:00 /usr/sbin/apache www-data 255 246 0 Oct14 ? 00:00:00 /usr/sbin/apache root 256 1 0 Oct14 ? 00:00:00 /usr/sbin/apache-ssl root 259 1 0 Oct14 tty1 00:00:00 /sbin/getty 38400 tty1 root 260 1 0 Oct14 tty2 00:00:00 /sbin/getty 38400 tty2 root 261 1 0 Oct14 tty3 00:00:00 /sbin/getty 38400 tty3 root 262 1 0 Oct14 tty4 00:00:00 /sbin/getty 38400 tty4 root 263 1 0 Oct14 tty5 00:00:00 /sbin/getty 38400 tty5 www-data 264 256 0 Oct14 ? 00:00:00 /usr/lib/apache-ssl/gcac he 33 /v root 265 1 0 Oct14 tty6 00:00:00 /sbin/getty 38400 tty6 www-data 266 256 0 Oct14 ? 00:00:00 /usr/sbin/apache-ssl www-data 267 256 0 Oct14 ? 00:00:00 /usr/sbin/apache-ssl www-data 268 256 0 Oct14 ? 00:00:00 /usr/sbin/apache-ssl www-data 269 256 0 Oct14 ? 00:00:00 /usr/sbin/apache-ssl www-data 270 256 0 Oct14 ? 00:00:00 /usr/sbin/apache-ssl root 311 236 0 00:53 ? 00:00:00 /usr/sbin/sshd dpchrist 313 311 0 00:53 ? 00:00:00 /usr/sbin/sshd dpchrist 314 313 0 00:53 pts/0 00:00:00 -bash root 315 314 0 00:53 pts/0 00:00:00 -su www-data 323 246 0 00:53 ? 00:00:00 /usr/sbin/apache root 343 315 0 00:55 pts/0 00:00:00 ps -ef I see apache and apache-ssl. I don't see httpd or httpsd (?). > Also, look in the /etc/rc.local (or thereabouts) for startup scripts > that might be starting a built-in apache at boot (find and grep will > be useful here...) root@d3020g:~# runlevel N 2 root@d3020g:~# l /etc/rc2.d ./ S11klogd@ S20inetd@ S20ssh@ S91apache@ ../ S14ppp@ S20makedev@ S89atd@ S91apache-ssl@ S10sysklogd@ S20exim@ S20mysql@ S89cron@ S99rmnologin@ root@d3020g:~# l /etc/init.d/apache* /etc/init.d/apache* /etc/init.d/apache-ssl* Looks like apache and apache-ssl get started automatically in run level 2 (I run the server in text mode and SSH in). > I'm not sure you understand the difference between HTTP and HTTPS - to > be clear, they are separate protocols and, unless configured to do so, > a webserver will not respond to HTTPS requests. So a new installation > of apache will not respond to an HTTPS request (I get the impression > you might've expected it to do so): You're right -- I was assuming that one server was handling both requests. So, it looks like apache is serving port 80 and apache-ssl is serving port 443. I wonder -- is there an httpd.conf for apache-ssl? root@d3020g:~# l /etc/apache* /etc/apache: ./ ../ access.conf conf@ httpd.conf mime.types@ srm.conf /etc/apache-ssl: ./ access.conf c0bd8a4a.0@ httpd.conf srm.conf ../ apache.pem conf@ mime.types@ Yup. Try adding per-user cgi-bin stuff to /etc/apache-ssl/httpd.conf: root@d3020g:~/d3020g/etc/apache-ssl:CVS> cvs diff httpd.conf Index: httpd.conf =================================================================== RCS file: /cvs/dpchrist/d3020g/etc/apache-ssl/httpd.conf,v retrieving revision 1.1 diff -r1.1 httpd.conf 395a396,399 > > Options +ExecCGI > > 780a785 > AddHandler cgi-script .pl root@d3020g:~/d3020g/etc/apache:CVS> apache-sslctl configtest [Wed Oct 15 01:18:59 2003] [alert] apache-ssl: Could not determine the server's fully qualified domain name, using 192.168.254.2 for ServerName Syntax OK root@d3020g:~/d3020g/etc/apache:CVS> apache-sslctl graceful /usr/sbin/apache-sslctl graceful: httpsd gracefully restarted Now it works! http://192.168.254.2/~ramdra3/hello.html -> ok https://192.168.254.2/~ramdra3/hello.html -> ok http://192.168.254.2/~ramdra3/cgi-bin/hello.pl -> ok https://192.168.254.2/~ramdra3/cgi-bin/hello.pl -> ok Hip, Hip, Hazzah! for Owen! :-) David --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org