httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Angus" <>
Subject [users@httpd] Question about setting up secure service
Date Tue, 02 May 2006 13:24:40 GMT
Dear All: sorry for the length of this -- I am an SSL newbie and need a bit of install advice.

We have a windows environment, and have installed Apache2.0.55 with SSL support plus openSSL.
We have one dedicated IP address which is currently shared by two name-based virtual hosts.
I want to set up a secure subdirectory of one of these domains, in which I can place my e-commerce
web-store (and later, possibly some online services). My router is assigned to forward the
incoming port 80 and port 443 to the box with IP which has apache on it.

I bought a certificate from a CA and attempted to set up the SSL.conf to give me another virtual
server -- but so far no joy. I can't seem to get port 443 virtual service
to work alongside port 80 service 

The instructions from the CA I dealt with were brief, and upon following them, the setup didn't
work. A call to their customer support indicates that the CA lets me secure a specific subdomain,
BUT they also want a unique dedicated internet ip address before letting me secure a "subdomain"
with one of their certs. 

Is there a different CA or some way I can to secure a subdirectory or subdomain without getting
another dedicated IP address? Can anybody tell me what is the best way to set up for us?

below is my ssl.conf
<IfDefine SSL>

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

SSLMutex  file:logs/ssl_mutex

#<VirtualHost *:443> (doesn't work)
#<VirtualHost _default_:443> 

DocumentRoot "C:/Homepage/secure"

<Directory "C:/Homepage/secure">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all

SSLEngine on


# 3 fiels sent to me from the CA
SSLCertificateFile C:/Homepage/Certs/
SSLCertificateKeyFile C:/Homepage/Certs/MyCertifcate.key
SSLCertificateChainFile C:/Homepage/Certs/sf_issuing.crt

SSLVerifyDepth  5

<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
<Directory "C:\Program Files\Apache Group\Apache2\cgi-bin">
    SSLOptions +StdEnvVars

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"



View raw message