Did you add any directories to be served over SSL? e.g. for CGI,
<VirtualHost _default_:443>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
-a
Mitchell, Edmund said:
> Hello all
>
> I just built from source apache 2 on RedHat 8 with this config:
> $->./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin
> --sbindir=/usr/sbin --enable-mods-shared=all --enable-so
> --with-mpm=worker --enable-ssl --with-ssl=/usr/include/openssl
> --libexecdir=/usr/lib/httpd/modules --mandir=/usr/share/man
> --sysconfdir=/etc/httpd/conf --datadir=/var/www --localstatedir=/var
> --disable-imap --disable-dav --disable-dav_fs --disable-speling
> --disable-autoindex
>
> and it went smoothly, as did make and make install.
>
> I tried to startssl, but it complained about the cert and key file, so
> I
> built those using the makefile that RedHat provides to build dummy
> certs
> and
> keys, and that went smoothly. It then complained about the
> DocumentRoot,
> so
> I fixed that, and now it doesn't complain, but nothing happens.
>
> #->/usr/sbin/apachectl startssl
> #->ps -eaf | grep httpd
> root 19590 19172 0 13:53 pts/1 00:00:00 grep httpd
>
> #->/usr/sbin/httpd -DSSL
> #->ps -eaf | grep httpd
> root 19594 19172 0 13:53 pts/1 00:00:00 grep httpd
>
> I figured it was a weird situation so I tore out everything, and
> rebuilt from
> scratch. Twice, and yes, both times I md5summed the tarball.
>
> However, each time, if I don't start ssl, it works:
>
> #->/usr/sbin/httpd -k start
> #->ps -eaf | grep httpd
> root 19597 1 0 13:56 ? 00:00:00 /usr/sbin/httpd -k
> start nobody 19598 19597 0 13:56 ? 00:00:00 /usr/sbin/httpd
> -k start nobody 19599 19597 0 13:56 ? 00:00:00
> /usr/sbin/httpd -k start nobody 19600 19597 1 13:56 ?
> 00:00:00 /usr/sbin/httpd -k start root 19658 19172 0 13:56 pts/1
> 00:00:00 grep httpd
>
> and then, I can connect to localhost, but not to port 443, even though
> I have
> no firewall at all.
>
> #->/sbin/iptables --list
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> #->/usr/bin/openssl s_client -connect localhost:80
> CONNECTED(00000003)
> 19856:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> protocol:s23_clnt.c:460:
>
> #->/usr/bin/openssl s_client -connect localhost:443
> connect: Connection refused
> connect:errno=29
>
> The syntax seems to be OK; I haven't changed anything but what I
> mentioned above -
>
> #->/usr/sbin/httpd -t
> Syntax OK
> #->/usr/sbin/httpd -S
> VirtualHost configuration:
> Syntax OK
>
> I'm (obviously) new to this whole thing, so I'd be grateful if anyone
> who's been through this before can steer me in the right direction.
>
> Thanks for your time
>
> E
>
> -------------------------------------------------------
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
--
Aaron Stromas | "Tik-tik-tik!!!... ja, Pantani is weg..."
[EMAIL PROTECTED] | BRTN commentator
+1 (301) 493 4933 | L'Alpe d'Huez
http://www.izoard.com | 1995 Tour de France
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
