httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcos R. Cardoso" <mcard...@furb.br>
Subject Re: [users@httpd] VirtualHost
Date Tue, 06 Jun 2006 17:29:00 GMT
Ok, guys, I've found out the problem and solved it. I was really calling 
twice the ssl.conf from inside the httpd.conf (how couldn't I notice 
that?), so I'm imposing myself a severe punishment for that (I'm gonna 
eat liver for a whole week, eeewwww). Sorry about this unnecessary 
brainburning.

But a new problem has come out: I can establish a secure https 
connection from inside the LAN to the Web Server, but the same can't be 
done outside (the very Internet). You can check it trying to access the 
url https://www.bc.furb.br and you also may notice that the ordinary 
http://www.bc.furb.br works well.

What may I be missing in the conf file?

Here goes the basic configuration in the SSL part:
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog builtin

SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

SSLMutex  default

<VirtualHost *:443>
ServerName www.bc.furb.br
ServerAdmin masterbc@furb.br
ErrorLog logs/error_ssl.log
TransferLog logs/access_ssl.log

SSLEngine on

SSLCipherSuite 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile conf/www.bc.furb.br.crt
SSLCertificateKeyFile conf/www.bc.furb.br.key

<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/apache/cgi">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request.log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>                                 



-- 
Marcos R. Cardoso
Seção de Processamento Técnico e Automação
Sistema Integrado de Bibliotecas
FURB - Blumenau
(047) 3321-0660


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message