httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <scte...@apache.org>
Subject Re: [users@httpd] apache + ssl: client denied by server configuration
Date Fri, 26 Jan 2007 17:23:42 GMT
Your VirtualHost has a DocumentRoot, but your main server doesn't.  
This means that when requests are not matched to your virtual host,  
the main server will use the compiled-in default.

Your problem is that your VirtualHost has port number 433: that needs  
to be 443.

S.

On Jan 26, 2007, at 9:04 AM, Sam Carleton wrote:

> I am trying to get SSL up and running on my new apache server.  The
> server starts up just fine and serves up regular pages on port 80, but
> when I direct it towards the SSL port, Firefox give me an error:
>
> "bv.<domain>.com has sent an incorrect or unexpected message.
> Error Code: -12263"
>
> When I look at the apache error log, I get this:
>
> client denied by server configuration: /usr/local/apache2/htdocs/
>
> what is strange is that I am not using /usr/local/apache2/htdocs/
> anywhere in the httpd.conf file. I have searched and searched the
> config file for htdocs and it simply is not there.  Any thoughts?
>
> Sam
>
> P.S.  Here is my complete httpd.conf file:
>
> ServerRoot /usr/local/apache2
> PidFile /usr/local/apache2/logs/httpd.pid
>
> Listen 80
> ServerAdmin scarleton@<domain>.com
> ServerSignature Off
> User httpd
> Group httpd
> HostNameLookups Off
> TimeOut 300
> KeepAlive On
> MaxKeepAliveRequests 100
> KeepAliveTimeout 15
> MinSpareServers 5
> MaxSpareServers 10
> StartServers 5
> MaxClients 150
> MaxRequestsPerChild 1000
> ServerTokens ProductOnly
>
> LoadModule php5_module        modules/libphp5.so
>
> AddHandler application/x-httpd-php .php
> AddHandler application/x-httpd-php .inc
> AddHandler application/x-httpd-php .class
> AddHandler application/x-httpd-php .module
>
> DefaultType text/plain
>
> <IfModule mime_module>
>   TypesConfig conf/mime.types
>   AddType application/x-compress .Z
>   AddType application/x-gzip .gz .tgz
> </IfModule>
>
> DirectoryIndex index.html index.php
>
> <FilesMatch "(^\.ht|~$|\.bak$|\.BAK$)">
>   Order Allow,Deny
>   Deny from all
> </FilesMatch>
>
> <DirectoryMatch /CVS/>
>   Order Allow,Deny
>   Deny from all
> </DirectoryMatch>
>
> <Directory />
>   Order Deny,Allow
>   Deny from all
>   Options None
>   AllowOverride None
> </Directory>
>
> <Directory /home/www/mainroot>
>   Order Allow,Deny
>   Allow from all
> </Directory>
>
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> \"%{User-Agent}i\"" combined
> CustomLog /var/log/httpd/access_log combined
>
> LogLevel info
> ErrorLog /var/log/httpd/error_log
>
> <VirtualHost *:80>
>       DocumentRoot /home/www/mainroot
> </VirtualHost>
>
> Listen 443
>
> <IfModule mime.c>
>       AddType application/x-x509-ca-cert      .crt
>       AddType application/x-pkcs7-crl         .crl
> </IfModule>
>
> SSLPassPhraseDialog builtin
> SSLSessionCache shm:/usr/local/apache2/logs/ssl_cache_shm
> SSLSessionCacheTimeout 600
> SSLMutex file:/usr/local/apache2/logs/ssl_mutex
> SSLRandomSeed startup file:/dev/urandom 1024
> SSLRandomSeed connect file:/dev/urandom 1024
>
> <VirtualHost bv.miltonstreet.com:433>
>       DocumentRoot "/home/www/subversion"
>       ServerName bv.<domain>.com
>       SSLEngine on
>       #SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
>       #SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>       SSLCipherSuite HIGH:MEDIUM
>       SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
>       SSLCertificateKeyFile /usr/local/apache2/conf/ssl.crt/server.key
>       SSLOptions +StrictRequire
>       SSLProtocol -all +TLSv1 +SSLv3
>       SetEnvIf User-Agent ".*MSIE.*" \
>               nokeepalive ssl-unclean-shutdown \
>               downgrade-1.0 force-response-1.0
> </VirtualHost>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server  
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


-- 
sctemme@apache.org            http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF



Mime
View raw message