Invalid command 'SSLVerifyClient'
9 views
Skip to first unread message
Jeremy Demers
Jul 6, 2022, 5:05:07 PM7/6/22
to modwsgi
Hello,
I configured mod_wsgi as such:
python manage.py runmodwsgi --port 80 --log-to-terminal --user jdemers --group www-data --startup-log --https-port 443 --working-directory . --setup-only --url-alias /static/ /srv/disso/static --url-alias /media/ /srv/disso/static/media/ --https-only --server-name dissodev.pfizer.com --ssl-certificate-file /etc/pki/tls/certs/dissodev.pfizer.com.crt --ssl-ca-certificate-file /etc/pki/tls/certs/PBACA-G2.crt --server-root /srv/dissohttps.
From /srv/dissohttps I run ./apachectl start and I get the error:
"Invalid command 'SSLVerifyClient', perhaps misspelled or defined by a module not included in the server configuration".
I have also setup another directory without ssl and it works fine:
python manage.py runmodwsgi --port 80 --working-directory . --url-alias /static/ /srv/disso/static/ --url-alias /media/ /srv/disso/static/media/ --setup-only --server-root /srv/dissohttpd --host dissodev.pfizer.com
From /srv/dissohttpd I run ./apachectl start and it works fine. Just not working for the SSL setup.
In python I have
mod-wsgi==4.9.2
mod-wsgi-httpd==2.4.48.1This is a RHEL type server. AWS Linux 2.
Any help would be greatly appreciated!
Thanks,
Jeremy
Graham Dumpleton
Jul 6, 2022, 5:45:48 PM7/6/22
to mod...@googlegroups.com
You are missing "--ssl-certificate-key-file" option for the private key file.
add_option('all', '--ssl-certificate-file', default=None,
metavar='FILE-PATH', help='Specify the path to the SSL '
'certificate file.')
add_option('all', '--ssl-certificate-key-file', default=None,
metavar='FILE-PATH', help='Specify the path to the private '
'key file corresponding to the SSL certificate file.')
You need to have both these options for certificate and private key file.
The error isn't great, but that is the cause.
--
You received this message because you are subscribed to the Google Groups "modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email to modwsgi+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/modwsgi/2adaa272-9fb7-43eb-ae9d-1f00e0154f2fn%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages