Well...
As far as I can tell, my config is correct. ;-) startssl seems to
get Apache up w/o any problems... However, when I go to
https://www.domain.com the browser just hangs... So, I played around a
bit and found that http://www.domain.com:443/ does work. I want all of my
port 443 traffic to be encrypted, and I'm not sure why it
isn't. When I added a SSLRequireSSL to my :443 VirtualHost, I get a
forbidden message. Error logs say that the page was forbidden b/c the
page wasn't SSL. Even so, I shouldn't be getting that, I should be
getting
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD><BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.<P>
Reason: You're speaking plain HTTP to an SSL-enabled server port.<BR>
Instead use the HTTPS scheme to access this URL, please.<BR>
when I try.
Here's the pertinent info:
Server: Apache/1.3.17 (Unix) PHP/4.0.4pl1 mod_ssl/2.8.0 OpenSSL/0.9.6
OS: Solaris 8
<IfDefine SSL>
<VirtualHost <domain.com>:443 <domain.com>:443>
SSLCertificateFile /opt/apache/conf/ssl.crt/my.crt
SSLCertificateKeyFile /opt/apache/conf/ssl.key/my.key
SSLEngine on
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
ServerAdmin hostmaster@<domain.com>
DocumentRoot /export/www
ServerName <domain.com>
<Location />
SSLRequireSSL
AllowOverride All
Order allow,deny
Allow from all
</Location>
<Directory /export/www>
SSLRequireSSL
Options FollowSymLinks
</Directory>
SetEnv BUGS Y
</VirtualHost>
</IfDefine>
Any thoughts?
Best,
Alan
--
Alan Halachmi
mailto:[EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]