Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Apache, mod_ssl, & openssl

0 views
Skip to first unread message

Merlin

unread,
May 24, 2001, 5:13:06 PM5/24/01
to
Ok, I's a little lost. I've got a couple VirtualHosts in apache, in
different directories. I'm trying to get SSL working on one. I've added
these lines to httpd.conf:

<VirtualHost 192.168.0.1:80>
DocumentRoot /var/www/domainname.com
ServerName www.domainname.com
SSLEngine on
SSLCertificateFile /var/www/domainname.com/server.crt
SSLCertificateKeyFile /var/www/domainname.com/server.key
</VirtualHost>

I've checked the server. files, and they look good. The domain name in the
files match the actual name, but when I https to it, I keep getting a
security warning with the certificate file as localhost. Any ideas as to why?

Thank you kindly,
David

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

Edward Jiang

unread,
May 24, 2001, 5:43:21 PM5/24/01
to
On Thu, 24 May 2001, Merlin wrote:

|
| <VirtualHost 192.168.0.1:80>
| DocumentRoot /var/www/domainname.com
| ServerName www.domainname.com
| SSLEngine on
| SSLCertificateFile /var/www/domainname.com/server.crt
| SSLCertificateKeyFile /var/www/domainname.com/server.key
| </VirtualHost>
|

First, You may want to change port 80 to 443 which is https' default
listen port. Second, I'm not sure if your server certificate has been
signed by commercial CA, such as Verisign. If not, browser will always pop
up a warning window when the SSL session begins unless you've already
loaded it into your browser's database as trusted certificate.

--
___ ___|~|_ _ ____ _ ___ __|~| Edward...@oracle.com
/ _ \/ _` | \ /\ / / _ `| '__/ _` | 6501 E Belleview Avenue
| __/| (_| |\ V V /| (_| | | | (_| | Englewood, CO 80111, US
\___|\___,_| \_/\_/ \___,_|_| \___,_| Telephone: 720.489.6000

Sean Conkling

unread,
May 25, 2001, 12:39:04 AM5/25/01
to
Greetings All,
I am new to the list, and have a bit of a question/problem. Let me
explain, I came from an ISP that was useing stronghold in side of apache,
and now my new position has the openssl, installed, and the former sys
admin, left with out giveing up the pass phrase. I tried the fix, located
at this link to buypass the builtin pass phrase, and now I get an httpd,
error, stateing I have a </VirtualHost> , with out an <VirtualHost>

http://groups.google.com/groups?q=builtin+pass+phrase&hl=en&lr=&safe=off&rnum=3&ic=1&selm=36C0AF2E.3F2C68E8%40eilio.com

can anyone aide me in this problem ?

seAN

._._._._._._._._._._._._
System Admin buycoin.com
602.443.3050 X1069
._._._._._._._._._._._._

"You can't teach a drum machine how to improv..."


For me, love must be ugly, looks must be devine and death must be beautiful.

- Dali

Valentin Zahariev

unread,
May 25, 2001, 10:52:36 AM5/25/01
to

--OFj+1YLvsEfSXdCH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, May 24, 2001 at 12:55:14PM -0700, Merlin wrote:
> Ok, I's a little lost. I've got a couple VirtualHosts in apache, in=20
> different directories. I'm trying to get SSL working on one. I've added=
=20
> these lines to httpd.conf:
>=20


> <VirtualHost 192.168.0.1:80>
> DocumentRoot /var/www/domainname.com
> ServerName www.domainname.com
> SSLEngine on
> SSLCertificateFile /var/www/domainname.com/server.crt
> SSLCertificateKeyFile /var/www/domainname.com/server.key
> </VirtualHost>

>=20
> I've checked the server. files, and they look good. The domain name in t=
he=20
> files match the actual name, but when I https to it, I keep getting a=20
> security warning with the certificate file as localhost. Any ideas as to=
why?
>=20
> Thank you kindly,
> David
>=20

The config isnt correct, here is some corrected config

if you wanna http:


<VirtualHost 192.168.0.1:80>
DocumentRoot /var/www/domainname.com
ServerName www.domainname.com

</VirtualHost>

if you wannat https:
<VirtualHost 192.168.0.1:443>


DocumentRoot /var/www/domainname.com
ServerName www.domainname.com
SSLEngine on

# probably you need next line
SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNU=
LL
SSLCertificateFile /usr/local/etc/apache/ssl.crt/www.domain.com.crt
SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/www.domain.com.key
# check for user certs
SSLVerifyClient optional
# this is usefull
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
<Files ~ "\.(cgi|shtml|phtml|php|php3?)$">
SSLOptions +StdEnvVars
</Files>
</VirtualHost>

--=20
rgdz
curly
--------------------
http://www.e-card.bg
--------------------
PGP keyID: 0xCB6681D8
Key fingerprint =3D 5A 7B 24 E3 9F CE FF 03 E9 FE D0 BD 81 27 08 2C CB 6=
6 81 D8

--OFj+1YLvsEfSXdCH
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i

iQA/AwUBOw5xnoEnCCzLZoHYEQJ5ZwCg9SvPkXw7Y7LqL3jXtpIpR98ZwW0AoOV8
BmMggmhEHVnwJQ20WYdEldRT
=q530
-----END PGP SIGNATURE-----

--OFj+1YLvsEfSXdCH--

0 new messages