ssl with apache again

Gregory Nowak greg at romuald.net.eu.org
Mon Aug 5 21:29:24 EDT 2002


Hi Aaron and all.

Doing apachectl startssl tells me that that's already running.

I have listen lines for ports 80 and 443 in mod_ssl.conf.
I also have a <virtualhost _default_:443> block there.
My error log reports that apache, modssl, and openssl restarted without any errors. 
Is there anything else I should check. Thanks for all your help.
Greg


On Tue, Aug 06, 2002 at 11:02:53AM +1000, Aaron Howell wrote:
> Greg, try 
> apachectl startssl
> instead of just plain start.
> If that doesn't work, try to find a listen line in your config file and make sure there is one for both 80 and 443.
> Finally, make sure you have 
> <virtualhost _default_:443>
> and make sure that the ssl stuff is configured in there.
> Also check your error log file for any startup errors.
> Its most likely a missing listen statement though since you seem to be getting ssl stuff in the engine log.
> Regards
> Aaron
> On Mon, Aug 05, 2002 at 07:53:52PM -0500, Gregory Nowak wrote:
> > Thanks Aaron.
> > 
> > Even though it didn't make sense to me why apache would be able to write to all but one log file, I changed the user and group on its log directory, and it works.
> > 
> > However, I still can't use https.
> > 
> > According to my ssl_engine.log, ssl works.
> > 
> > [05/Aug/2002 19:32:43 00203] [info]  Init: 13nd restart round (already detached)
> > [05/Aug/2002 19:32:43 00203] [info]  Init: Reinitializing OpenSSL library
> > [05/Aug/2002 19:32:43 00203] [info]  Init: Seeding PRNG with 1160 bytes of entropy
> > [05/Aug/2002 19:32:43 00203] [info]  Init: Configuring temporary RSA private keys (512/1024 bits)
> > [05/Aug/2002 19:32:43 00203] [info]  Init: Configuring temporary DH parameters (512/1024 bits)
> > [05/Aug/2002 19:32:43 00203] [info]  Init: Initializing (virtual) servers for SSL
> > 
> > 
> > Here is a demonstration of what happens when I try to access https urls. Yes, my lynx has https support, and yes, the sqwebmail binary is running properly. As you can see Aaron, the rewrite rule you gave me does work.
> > 
> > 
> > Looking up www.romuald.net.eu.org
> > Making HTTP connection to www.romuald.net.eu.org
> > Sending HTTP request.
> > HTTP request sent; waiting for response.
> > HTTP/1.1 302 Found
> > Data transfer complete
> > HTTP/1.1 302 Found
> > Looking up www.romuald.net.eu.org
> > Making HTTPS connection to www.romuald.net.eu.org
> > Alert!: Unable to connect to remote host.
> > 
> > lynx: Can't access startfile http://www.romuald.net.eu.org/cgi-bin/sqwebmail
> > 
> > 
> > So, my only guess is that I screwed up somewhere in mod_ssl.conf. If someone could please take the time to look it over and help me learn, please write me privately. Your time would be appreciated. Thanks.
> > Greg
> > 
> > 
> > On Tue, Aug 06, 2002 at 09:28:06AM +1000, Aaron Howell wrote:
> > > Hi Greg,
> > > Look in your httpd.conf file for the lines user= and group=.
> > > The user= line is the important one.
> > > make sure that /var/log/apache is writable (in other words owned by) the user that apache is specified to run as.
> > > Then you should be ok.
> > > Regards
> > > Aaron
> > 
> > _______________________________________________
> > Speakup mailing list
> > Speakup at braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> 
> -- 
>      +----------------------------------------------------------+
>     /             |\      _,,,---,,_                           /|
>    /              /,`.-'`'    -.  ;-;;,_                      / |
>   /              |,4-  ) )-,_. ,\ (  `'-'                    /  |
>  /             '---''(_/--'  `-'\_)                         /   |
> +----------------------------------------------------------+    |
> | Aaron Howell                  Kitten Internet            |    |
> | aaron at kitten.net.au           Internet consultancy,      |    |
> | Phone: +61-417-625550         System administration,     |    |
> | fax: +61-7-36010099           system design/integration. |    |
> | icq: 6715521                  http://www.kitten.net.au   |    |
> |                                                          |    |
> |                                                          |    +
> |                                                          |   /
> |                                                          |  /
> |                                                          | /
> |                                                          |/
> +----------------------------------------------------------+
> 
> 
> 
> 
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup




More information about the Speakup mailing list