httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kaplan, Andrew H." <AHKAP...@PARTNERS.ORG>
Subject RE: [users@httpd] Problem with Automatically Directing Users to P ort 443
Date Wed, 18 Feb 2004 21:49:18 GMT
Owen --

I did some additional tinkering on the system, and here is where I am at:

1. I reinstalled the OS from scratch, and loaded the bundled Apache server with
the mod_ssl package.
		INFO: Red Hat Linux 8.0
			Apache 2.0.40
			OpenSSL 0.9.6
   
2. I tested connectivity to ports 80 and 443, and both came back with the test
page.

3. I wanted to achieve an automatic redirection to port 443, so I added the
following to the 
VirtualHost section of the httpd.conf file -
<VirtualHost 192.168.1.100:80>
			ServerName example.com
			ServerAdmin webma	ster@example.com
			DocumentRoot /www
			Redirect / https://example.com/
		</VirtualHost>	


		<VirtualHost 192.168.1.100:443>
			ServerName example.com
			ServerAdmin webmaster@example.com
			DocumentRoot /www

			SSLEngine On
			SSLCertificateFile
/usr/local/apache/conf/ssl.crt/ca-bundle.crt
			SSLCertificateKeyFile
/usr/local/apache/conf/ssl.key/server.key
			SSLCertificateChainFile
/usr/local/apache/conf/ssl.key/server.key
			SetEnvIf User-Agent ".*MSIE.*" nokeepalive
ssl-unclean-shutdown
         </VirtualHost>

4. The Apache server (version 2.0.40 bundled with Red Hat 8.0 along with
mod_ssl) did not start with 
the above information added. THe error message that appeared in the error_log
file was -
	
		Failed to configure CA certificate chain!

5. After I removed the above text, I was able to restart the server
successfully.

What now?

-----Original Message-----
From: Boyle Owen [mailto:Owen.Boyle@swx.com]
Sent: Monday, February 16, 2004 3:27 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Problem with Automatically Directing Users to
Port 443


> -----Original Message-----
> From: Kaplan, Andrew H. [mailto:AHKAPLAN@PARTNERS.ORG]
> 
> I tried to restart the server, but it complained that 
> SSLEngine On was an
> invalid command or was defined by a module not included in the 
> server configuration. 

At the point apache encounters this directive, mod_ssl is not loaded.
Check the sequence of LoadModule directives and check that no If-block
is preventing mod_ssl getting loaded. Or compile mod_ssl into httpd
statically...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> have Webmin installed on the server 
> and I checked the
> known configured modules for Apache, and mod_ssl did appear
> as configured. 
> 
> Anyone have an idea what could be the show stopper? Thanks.
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le présent e-mail est
un message privé et personnel, sans rapport avec l'activité boursière du
Groupe SWX.

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message