Secure Apache Server with mod_ssl and openssl
Hi! RedHat Linux 7.1 Apache 1.3.19 Perl 5.005 mod_perl 1.24 embperl mod_ssl and openssl (precompiled from RedHat Linux 7.1) I'm trying to establish an SSL link between browser and apache web server. Before, I had a web page located in two different directories (bla/bla/htdocs/Intro and /bla/bla/htdocs/CIP). The idea is that the first directory should use the non-secure server and the second should use the secure server. I only want to use ONE ip-adress. I tried setting up the following environment in my httpd.conf file: Listen 443 DocumentRoot "/bla/bla/htdocs/CIP" ServerName localhost SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key Files ~ "\.(cgi|shtml)$"> SSLOptions +StdEnvVars SSLOptions +StdEnvVars SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown Error_log /var/log/httpd/ssl_error_log CustomLog /var/log/httpd/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" I'm also using AuthCookie to provide authentication procedure in order to enter the protected directory (/CIP). I specify the login handling procedures for ../CIP in the .htaccess file. I want to be able to access the unprotected documents(http://...) and from them, the protected documents(https://) without having to write https explicitly. But with the above configuration, none of the documents require SSL. When I add the following to my conf file before the virtual host, I get an error message saying "SSL connection required" in my error_log and I can't enter the protected directory. SSLrequireSSL Is this something I can specify in the browser I'm using? I'm using a self-signed certificate along with the generated key. Does anyone understand my dilemma? the ssl_error_log shows nothing and I can't enter https://localhost. I'd be grateful for any help on this matter. I've tried the RedHat secure web server tutorial but I still don't understand how to configure the webserver for the two different directories. Thanks, Emma
Apache::AuthCookie- help on "make test"
hi all! My settings: RedHat Linux7.1 Apache 1.3.19 Perl5.005 mod_perl1.24 embperl When I do "make test" during Apache::AuthCookie installation phase I get the following messages. I've included all input and output from the "perl Makefile.PL" and "make" commands. [root@localhost Apache-AuthCookie-2.011]# perl Makefile.PL For testing purposes, please give the full path to an httpd with mod_perl and at least the following hooks enabled: PERL_AUTHEN, PERL_AUTHZ, PERL_STACKED_HANDLERS, PERL_METHOD_HANDLERS. The path defaults to $ENV{APACHE}, if present. [/usr/lib/httpd/httpd]: /etc/rc.d/init.d/httpd User to run tests under [root]: apache Group to run tests under [apache]: apache Port to run tests under [8228]: Writing Makefile for Apache::AuthCookie [root@localhost Apache-AuthCookie-2.011]# make Manifying blib/man3/Apache::AuthCookie.3pm [root@localhost Apache-AuthCookie-2.011]# make test PERL_DL_NONLAZY=1 /usr/bin/perl -Iblib/arch -Iblib/lib -I/usr/lib/perl5/5.6.0/i386-linux -I/usr/lib/perl5/5.6.0 -e 'use Test::Harness qw(&runtests $verbose); $verbose=0; runtests @ARGV;' t/*.t t/real..ok 1/12Can't start httpd: Illegal seek at real.t line 171, line 4. t/real..dubious Test returned status 29 (wstat 7424, 0x1d00) DIED. FAILED tests 2-12 Failed 11/12 tests, 8.33% okay Failed Test Status Wstat Total Fail Failed List of failed --- t/real.t 29 742412 11 91.67% 2-12 Failed 1/1 test scripts, 0.00% okay. 11/12 subtests failed, 8.33% okay. make: *** [test_dynamic] Error 2 What am I doing wrong? Please help! Emma
using Apache::AuthCookie and Sample::AuthCookieHandler
hi! RedHat Linux 7.1 apache 1.3.19 perl 5 mod_perl 1.24 embperl (latest version) apache::authcookie (latest version) I found this great module that allows login and logout from a web site using cookies. the problem is that I don't know how to use it myself. Yes, I've read and reread the documentation that comes with installing the module. I want to get an authentication/authorization scheme going for my web page and I thought I'd get started just using the Sample::AuthCookieHandler package. Login.htm is page that displays a form where users can add their credentials. It also includes a hidden field, destination, where the path to the protected page is written, ../CIP/Welcome2.htm At /bla/bla/site/htdocs I have two directories. Intro, which doesn't require authentication/authorization and CIP, which DOES require it. this is how I've configured my httpd.conf file: PerlRequire /usr/src/Apache-AuthCookie-2.011/t/Sample/AuthCookieHandler.pm PerlSetVar /bla/bla/site/htdocs / PerlSetVar perl-script Intro/Login.htm AuthTypeSample::AuthCookieHandler AuthNameDarkness PerlAuthenHandler Sample::AuthCookieHandler->authenticate PerlAuthzHandlerSample::AuthCookieHandler->authorize require valid-user AuthTypeSample::AuthCookieHandler AuthNameDarkness PerlFixupHandlerSample::AuthCookieHandler->recognize_user AuthTypeSample::AuthCookieHandler AuthNameDarkness SetHandler perl-script PerlHandler Sample::AuthCookieHandler->login i don't know how to write the file LOGIN. What does it do? It is also located at /bla/bla/site/htdocs. My server complains that it doesn't have access to it but I've made sure that it is executable for all users. the login.htm page is accessed from the "unprotected" pages in the ../htdocs/Intro directory. I also don't understand how the subroutines are called. If I explicitly want to call login, which parameters do I use? How do I specify package name ($self) and apache request object ($r). I have not altered the subroutines in Apache::AuthCookie and Sample::AuthCookieHandler in any way. I hope there is anyone out there who feels like answering these, probably simple, questions. I've searched the archives already. Thanks for all help! Emma
simple question on installing and configuring
Hi! I want to add mod_perl to my apache server. However, I already have my server up and running and when I do: perl Makefile.PL I get a request for my apache source directory. I don't know where it is located so I just put: /usr/local/etc/apache. Now the procedure continues but I get an error message that the directory /modules/perl/mod_perl.c cannot be found in the Makefile.PL line 2226. how do I go about solving these problems? I tried moving mod_perl manually , but then I just get another error message. Do I have to write anything in the httpd.conf file? So far it has added the mod_perl.c in LoadModule and AddModule automatically. WHen I run the server I get an error message that it does not recognize the command PerlHandler. Why not? Lots of questions! I'd be grateful for at least one answer. Thanks, Emma