it looks as though ssl might not be enabled in the httpd.conf file.
do you have these statements included there:
LoadModule ssl_module libexec/libssl.so
AddModule mod_ssl.c
Thanks,
Ron DuFresne
On Mon, 17 Mar 2003, Mitchell, Edmund wrote:
> Hello all
>
> I just built from source apache 2 on RedHat 8 with this config:
> $->./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin
> --sbindir=/usr/sbin --enable-mods-shared=all --enable-so --with-mpm=worker
> --enable-ssl --with-ssl=/usr/include/openssl
> --libexecdir=/usr/lib/httpd/modules --mandir=/usr/share/man
> --sysconfdir=/etc/httpd/conf --datadir=/var/www --localstatedir=/var
> --disable-imap --disable-dav --disable-dav_fs --disable-speling
> --disable-autoindex
>
> and it went smoothly, as did make and make install.
>
> I tried to startssl, but it complained about the cert and key file, so I
> built those using the makefile that RedHat provides to build dummy certs
> and
> keys, and that went smoothly. It then complained about the DocumentRoot,
> so
> I fixed that, and now it doesn't complain, but nothing happens.
>
> #->/usr/sbin/apachectl startssl
> #->ps -eaf | grep httpd
> root 19590 19172 0 13:53 pts/1 00:00:00 grep httpd
>
> #->/usr/sbin/httpd -DSSL
> #->ps -eaf | grep httpd
> root 19594 19172 0 13:53 pts/1 00:00:00 grep httpd
>
> I figured it was a weird situation so I tore out everything, and rebuilt
> from
> scratch. Twice, and yes, both times I md5summed the tarball.
>
> However, each time, if I don't start ssl, it works:
>
> #->/usr/sbin/httpd -k start
> #->ps -eaf | grep httpd
> root 19597 1 0 13:56 ? 00:00:00 /usr/sbin/httpd -k start
> nobody 19598 19597 0 13:56 ? 00:00:00 /usr/sbin/httpd -k start
> nobody 19599 19597 0 13:56 ? 00:00:00 /usr/sbin/httpd -k start
> nobody 19600 19597 1 13:56 ? 00:00:00 /usr/sbin/httpd -k start
> root 19658 19172 0 13:56 pts/1 00:00:00 grep httpd
>
> and then, I can connect to localhost, but not to port 443, even though I
> have
> no firewall at all.
>
> #->/sbin/iptables --list
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> #->/usr/bin/openssl s_client -connect localhost:80
> CONNECTED(00000003)
> 19856:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> protocol:s23_clnt.c:460:
>
> #->/usr/bin/openssl s_client -connect localhost:443
> connect: Connection refused
> connect:errno=29
>
> The syntax seems to be OK; I haven't changed anything but what I mentioned
> above -
>
> #->/usr/sbin/httpd -t
> Syntax OK
> #->/usr/sbin/httpd -S
> VirtualHost configuration:
> Syntax OK
>
> I'm (obviously) new to this whole thing, so I'd be grateful if anyone who's
> been through this before can steer me in the right direction.
>
> Thanks for your time
>
> E
>
> -------------------------------------------------------
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
