On Wed, May 16, 2001 at 10:42:34AM -0600, Chris M wrote:
[SNIP]

>  Your first post said to check file names
> and paths.  Gawd, if I hadn't checked that and read the FAQ first (AND STFW
> too) I think I'd be pretty embarrassed.

You wouldn't be the first to ask a question without having read docs and FAQ.
We get quite a lot of questions like that on this list.
> 
> I'll see if this cert has a passphrase associated with it and try removing
> it, that is a good idea.
> 
The "About Certificates" section in the FAQ has several good pointers about
how you can test/verify certificates.

> One wonders why mod_ssl has to hang all of Apache on startup just for one
> duff cert, and why it can't just log an error message someplace useful and
> English-like and continue with the other hundred domains on there serving
> HTTP requests.

It is a bit tricky if it happens while waiting for a passphrase. Ideally
apache should exit giving you as good an error description as possible.

>  A curious architectural choice to say the least that I must
> not understand the reasoning behind.

It is the standard choice for Apache to abort the startup on configuration
errors and IMNSHO the right way to do it. If there is a problem in your
httpd.conf, then it should be fixed immediately instead of spending time
on startup, when you will still have to bring down the server again to fix
the problem anyway. If for some reason you don't care enough about availability
to test your configurations thoroughly outside of your production system, then
you're asking for trouble and probably deserve the downtime.

>  If BIND/DNS did this half of the
> domains on the web wouldn't come up on any given day :)O
> 
> That last part *is* whining. mod_ssl should not be allowed to hang the
> process on startup, it should complain about oddities and continue
> processing. 

No. Sure it would be preferable if it didn't hang, but it should _never_
just continue processing - see the reasons stated above and add the security
concern that a misconfigured server could allow intruders access to content
that wasn't supposed to be accessible ...
ex1: if you misspell deny from all in an access control directive, should it
then be ignored just allowing everybody access as if there was no directive
at all?
ex2: if there is no certificate defined on a HTTPS vhost, should it just 
serve plain HTTP instead?
ex3: apache with 2000 vhosts takes a while to start so would you want to
go through that twice because you made a minor mistake with one vhost? or
would you rather fix it right away and save the extra downtime?
(and yes, these are more or less rhetorical questions ;-)

vh

Mads Toftum
-- 
`Darn it, who spiked my coffee with water?!' - lwall

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
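
A pre-flight check in the spirit of the advice above to test configurations before they reach production, added here as an example and not taken from the original message or from mod_ssl: it flags private keys that would make startup wait for a passphrase and only then runs `apachectl configtest`. The function names, the `APACHECTL` override variable and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check run before (re)starting Apache with mod_ssl.

# Exit 0 if FILE is a passphrase-protected PEM private key.
# Traditional OpenSSL keys carry a "Proc-Type: 4,ENCRYPTED" header;
# PKCS#8 keys use the "BEGIN ENCRYPTED PRIVATE KEY" armor line.
key_is_encrypted() {
    grep -q -e '^Proc-Type: 4,ENCRYPTED' \
            -e '^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"
}

# Print one line per problem key; return non-zero if any problem was found.
check_keys() {
    rc=0
    for key in "$@"; do
        if [ ! -r "$key" ]; then
            echo "UNREADABLE $key"; rc=1
        elif ! grep -q -e '^-----BEGIN .*PRIVATE KEY-----' "$key"; then
            echo "NOT_A_KEY $key"; rc=1
        elif key_is_encrypted "$key"; then
            echo "ENCRYPTED $key"; rc=1
        fi
    done
    return "$rc"
}

# Fail closed: report success only when every key is usable unattended
# and the configuration parses. APACHECTL is an assumed override hook.
safe_to_start() {
    check_keys "$@" && "${APACHECTL:-apachectl}" configtest
}

# Constructed sample files (PEM armor lines only, no real key material).
make_samples() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END RSA PRIVATE KEY-----' > "$dir/plain.key"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: DES-EDE3-CBC,0000000000000000' '' 'CONSTRUCTED' \
        '-----END RSA PRIVATE KEY-----' > "$dir/locked.key"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'CONSTRUCTED' \
        '-----END CERTIFICATE-----' > "$dir/cert.pem"
    echo "$dir"
}
```

Call `safe_to_start` with the key files your vhosts reference and restart only if it returns 0.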
