Josh, If you are running Apache 1.3 then I am not sure why it would tell you that you are loading the module twice unless you included the line you listed below, "LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so" twice in your httpd.conf file.
My old Apache 1.3 httpd.conf file (that seemed to work fine before I upgraded to Apache 2.0) had the following SSL related items in it. ##################################################################### <IfDefine HAVE_SSL> LoadModule ssl_module modules/libssl.so </IfDefine> <IfDefine HAVE_SSL> AddModule mod_ssl.c </IfDefine> <IfDefine HAVE_SSL> Listen 443 SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key ##################################################################### Run the following command to ensure that your httpd.conf file is configured correctly without any errors: apachectl configtest If everything is ok it will say, "Syntax OK". If there is an error in your config file it should let you know. If you try to restart apache with an error in your config file then it will most likely fail to start. Also try checking your logs when you start to see if it mentions anything about SSL starting successfully or failing, and review your ssl log when you open an SSL page to see if any errors appear there. I configured my server so that a password is not required when I restart my server or apache. I read the RedHat documentation on SSL to figure out how to configure it that way. I would recommend it, since it may uncover what your problem is. The RedHat 7.3 reference manual has information on configuring SSL for Apache 1.3. Search for SSL on the following web site: (1.4 MB pdf file) http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/pdf/rhl-rg-en-73.pdf If Debian has any online documentation then you may try looking through that for information on how to configure SSL). Based upon what I read from the previous document (or a similar one for RH8 or RH9), I made the following reference notes on how to create a certificate that does not require a password: # Remove your previous SSL key rm /etc/httpd/conf/ssl.key/server.key # Remove you old SSL certificate rm /etc/httpd/conf/ssl.crt/server.crt # Create a server key that does not require a passphrase when booting up /usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key chmod go-rwx /etc/httpd/conf/ssl.key/server.key # Create a self-signed certificate by answering the questions asked cd /usr/share/ssl/certs make testcert #restart your apache server apachectl restart # Open your SSL page to test it. # If I remember correctly, you may have to restart your whole server for your SSL certificate to take effect Apache 1.3 As for your web browser not asking you if you want to accept the certificate that you created, you may have inadvertently clicked a button to install the certificate or accept it for all future visits instead of for that single visit. Try visiting your web site using a different browser (IE, Firefox, or Netscape) or try it on a different computer. My browser continues to prompt me that it cannot verify the identity of my certificate, since I have not registered it with a certificate authority like Verisign or Thawte. -----Original Message----- From: Josh Ricker [mailto:[EMAIL PROTECTED] Sent: Thursday, June 30, 2005 10:59 AM To: [EMAIL PROTECTED] Subject: [RE:] Apache OpenSSL Hey Dave, thanks for the reply. I am still running Apache 1.3. I commented out this line in my httpd.conf file. LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so Is that the line that you were talking about? Also, do you have to enter the password for your ssl certificate every time you restart your server? And, when I visit my site it never asks me if I want to accept the certificate that I created. Does that mean that I did something wrong? thanks again, Josh ______________________________ Josh, I am running Apache 2.0, and I had a similar problem when I upgraded from Apache 1.3. Apache 2.0 breaks out many of the configuration options into separate files located in the conf.d directory, and the default Apache 2.0 httpd.conf file has the following line, "Include conf.d/*.conf" that includes each of these files. One of these new configuration files is "conf.d/ssl.conf", which loads the ssl_module. You are probably including the ssl_module in your httpd.conf file, which will result in it being loaded twice. Delete any ssl references from your httpd.conf file, and it should work fine. All ssl references should be in "conf.d/ssl.conf" not httpd.conf. You may want to make a backup copy of the httpd.conf file and conf.d/ssl.conf file before you start changing things. Good luck getting it to work. Dave -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/
