I have had the same problem but just live with it. If I just start httpd
manualy (httpd -DSSL) it works but I can't get it to start from apachectl.
After the initial start though apachectl restart etc works fine. This has
been the case for me with 1.3.12, 1.3.14 and still with 1.3.17.
I am using a Thawte signed certificate if that makes any difference.
Kenny
On Fri, 23 Feb 2001, Colin McKinnon wrote:
> I got me apache (1.3.12) mod_ssl (2.6.5) openssl-0.9.4 and php (4.0.4) and
> have tried to install them following the instructions. But I can't get
> apache to run over ssl.
>
> Apache is working for http, and is correclty processing PHP files but I
> can't get https to work. I've generated my certificates (twice - forgot the
> pass-phrase I put on thme 1st time around) and their all in place I've
> added what I beleive are the relevant bits to my httpd.conf (see below). So
> now, when I run .../apachectl startssl, it asks for the passphrase, and
> sems to start OK, in the logs dir I can see ssl_engine_log,
> ssl_mutex.20753, ssl_request_log have appeared (only the former has
> anything in it). There's nothing to suggest anything is going wrong in the
> error_log. But there is nothing listening on the HTTPS port (443).
>
> Any help gratefully received.
>
> Colin
>
> The ssl_engine_log looks like this:
> [23/Feb/2001 14:34:34 20757] [info] Init: Seeding PRNG with 512 bytes of
> entrop
> y
> [23/Feb/2001 14:34:34 20757] [info] Init: Configuring temporary RSA
> private key
> s (512/1024 bits)
> [23/Feb/2001 14:34:34 20757] [info] Init: Configuring temporary DH
> parameters (
> 512/1024 bits)
> [23/Feb/2001 14:34:34 20757] [info] Init: Initializing (virtual) servers
> for SS
> L
> [23/Feb/2001 14:34:34 20757] [info] Init: Configuring server
> lonmay.wew.co.uk:4
> 43 for SSL protocol
> [23/Feb/2001 14:34:34 20757] [warn] Init: (lonmay.wew.co.uk:443) RSA
> server cer
> tificate CommonName (CN) `mail.wew.co.uk' does NOT match server name!?
> [23/Feb/2001 14:35:10 20816] [info] Server: Apache/1.3.12, Interface:
> mod_ssl/2
> .6.5, Library: OpenSSL/0.9.4
> [23/Feb/2001 14:35:10 20816] [info] Init: 1st startup round (still not
> detached
> )
> [23/Feb/2001 14:35:10 20816] [info] Init: Initializing OpenSSL library
> [23/Feb/2001 14:35:10 20816] [info] Init: Loading certificate & private
> key of
> SSL-aware server lonmay.wew.co.uk:443
> [23/Feb/2001 14:35:10 20816] [info] Init: Requesting pass phrase via
> builtin te
> rminal dialog
> [23/Feb/2001 14:35:13 20816] [info] Init: Wiped out the queried pass
> phrases fr
> om memory
> [23/Feb/2001 14:35:39 20816] [info] Init: Seeding PRNG with 512 bytes of
> entrop
> y
> [23/Feb/2001 14:35:39 20816] [info] Init: Generating temporary RSA private
> keys
> (512/1024 bits)
> [23/Feb/2001 14:35:40 20816] [info] Init: Configuring temporary DH
> parameters (
> 512/1024 bits)
>
> (both lonmay and mail are valid names for the server).
>
> my httpd.conf file looks like.....
>
> ...
> # <IfDefine SSL>
> AddModule mod_ssl.c
> # </IfDefine>
> ...
> <IfDefine SSL>
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl .crl
> </IfDefine>
>
> <IfModule mod_ssl.c>
> SSLPassPhraseDialog builtin
>
> SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
> SSLSessionCacheTimeout 300
>
> SSLMutex file:/usr/local/apache/logs/ssl_mutex
>
> SSLRandomSeed startup file:/dev/random 512
> SSLRandomSeed connect file:/dev/random 512
>
> # none, error, warn, info, trace, debug.
> SSLLog /usr/local/apache/logs/ssl_engine_log
> SSLLogLevel info
>
> </IfModule>
> <IfDefine SSL>
>
> ##
> ## SSL Virtual Host Context
> ##
>
> <VirtualHost lonmay.wew.co.uk:443>
>
> # General setup for the virtual host
> DocumentRoot "/home/httpd/secure"
>
> # following are same as main
> ServerName lonmay.wew.co.uk
> ServerAdmin [EMAIL PROTECTED]
> ErrorLog /usr/local/apache/logs/error_log
> TransferLog /usr/local/apache/logs/access_log
>
> # as far as I can tell the following are valid
> SSLEngine on
>
> SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>
> SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
> SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
>
> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> SSLOptions +StdEnvVars
> </Files>
> <Directory "/usr/local/apache/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
> SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
> CustomLog /usr/local/apache/logs/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
> </IfDefine>
>
>
> --------------------------------------------------------------------
> http://www.lug.org.uk http://www.linuxportal.co.uk
> http://www.linuxjob.co.uk http://www.linuxshop.co.uk
> --------------------------------------------------------------------
>
--------------------------------------------------------------------
http://www.lug.org.uk http://www.linuxportal.co.uk
http://www.linuxjob.co.uk http://www.linuxshop.co.uk
--------------------------------------------------------------------
