Re: Apache with mod_ssl
Are you quite certain that the LoadModule for mod_ssl has been commented out? The reason I ask: the output from 'apachectl start' which you provided below shows 'mod_ssl/2.2.4'. In the log file /opt/apache-2.2.4/logs/error_log, on lines that contain 'Apache/2.2.4' and 'configured -- resuming normal operations', do you see 'mod_ssl/2.2.4'? If so, it is still being loaded from somewhere in your configuration. Saikat Saha wrote: Sorry for late response on this one. This is what we have in httpd.conf which is generated at compile time. This problem does not go away even if I comment out last four lines and restart apache. Could you please advise what else could be leading apache to think it is https rather than http? # Secure (SSL/TLS) connections #Include conf/extra/httpd-ssl.conf # # Note: The following must must be present to support # starting without SSL on platforms with no /dev/random equivalent # but a statically compiled-in mod_ssl. # SSLRandomSeed startup builtin SSLRandomSeed connect builtin With above commented out, when I try to start apache, I get following passphrase prompt and apache does not start even after saying passphrase successful, no logs in logs directory although log level is "debug" ]# ./apachectl start httpd: Could not reliably determine the server's fully qualified domain name, using 10.3.110.109 for ServerName Apache/2.2.4 mod_ssl/2.2.4 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server 10.3.110.109:443 (RSA) Enter pass phrase: OK: Pass Phrase Dialog successful. [EMAIL PROTECTED] bin]# Thanks you very much for your help. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: Monday, June 18, 2007 8:34 AM To: modssl-users@modssl.org Subject: Re: Apache with mod_ssl Do you have tags surrounding all SSL directives in your configuration file? For example: SSLPassPhraseDialog builtin # etc. Saikat Saha wrote:_module> Apache was compiled as below ./configure --with-ldap --enable-mods-shared="all ssl ldap cache proxy authn_alias mem_cache file_cache authnz_ldap charset_lite dav_lock disk_cache" --prefix=/opt/apache-2.2.4 Httpd -l gives below [EMAIL PROTECTED] bin]# httpd -l Compiled in modules: core.c prefork.c http_core.c mod_so.c How do I compile so that it does not load mod_ssl automatically and loads only if httpd.conf is configured. Surprisingly there are no error logs even at debug level. Thank you so very much for the kind help. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: Friday, June 15, 2007 4:13 PM To: modssl-users@modssl.org Subject: Re: Apache with mod_ssl Saikat Saha wrote: We have apache 2.2.4 compiled with all modules but commented out all load modules. Do not have anything in httpd.conf file to state that this is https. But when I start apache, it tries to goto https and prompts for pass phrase. How does apache determine that this is https whereas this is actually a http server. Perhaps mod_ssl is a compiled-in module. Run 'httpd -l' to check this. After I enter a passphrase, it shows successful but the server never starts up. Can someone please help? The reason probably can be found in Apache's error_log file. Also can apache support both http and https at different ports at the same time? Yes. The defaults are port 80 for http and port 443 for https. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
RE: SSL by Domain Name Error
I'll have a word with them tomorrow see what they say !!! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 19 June 2007 17:28 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error I'll bet you're right when you say your provider may not be forwarding https requests properly. I'd run this one past them and see what they have to say about it. Rob Archer wrote: > When accessing it by ip address using the debug option of openssl it > returns what you would expect (i.e. the text of the key certificate). > > When accessing by domain name it says :- > > Loading 'screen' into random state - done > Connect: bad file descriptor > Connect:errno=10060 > > > I assume this is the equivalent of the "Internet Explorer cannot > display the webpage" error in IE !!! > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 19 June 2007 17:07 > To: modssl-users@modssl.org > Subject: Re: Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error > > > Rob Archer wrote: > >> No entry for https and domain name in the access.log and a "Internet >> Explorer cannot display the webpage" in ie when trying to get to the >> server. > > Do you have access to the openssl command line program? > It would tell you whether you are making a connection, and possibly > shed some light on the problem. Like this: > > openssl s_client -connect www.mydomain.com:443 -debug > GET / __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] Click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== NoIrNOBa4kXlVepWQxhvS70n7wnaGifHgxpDYH9XzgnhdWNGqAEoj0QjdX2jmb6nMJ8gJruT 33EzOK5GVXfbNyKb+LzKW!I6Mmqa51c3EUWCLSmoTIRNb1cRcyi5C3p!RNtjA2lYb5YgUOqG mlb5L!FRO2AUfWDh4BWlXfwQkELAaC8nK3p6uY3 to report this email as spam. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: SSL by Domain Name Error
I'll bet you're right when you say your provider may not be forwarding https requests properly. I'd run this one past them and see what they have to say about it. Rob Archer wrote: When accessing it by ip address using the debug option of openssl it returns what you would expect (i.e. the text of the key certificate). When accessing by domain name it says :- Loading 'screen' into random state - done Connect: bad file descriptor Connect:errno=10060 I assume this is the equivalent of the "Internet Explorer cannot display the webpage" error in IE !!! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 19 June 2007 17:07 To: modssl-users@modssl.org Subject: Re: Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error Rob Archer wrote: No entry for https and domain name in the access.log and a "Internet Explorer cannot display the webpage" in ie when trying to get to the server. Do you have access to the openssl command line program? It would tell you whether you are making a connection, and possibly shed some light on the problem. Like this: openssl s_client -connect www.mydomain.com:443 -debug GET / __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
RE: SSL by Domain Name Error
When accessing it by ip address using the debug option of openssl it returns what you would expect (i.e. the text of the key certificate). When accessing by domain name it says :- Loading 'screen' into random state - done Connect: bad file descriptor Connect:errno=10060 I assume this is the equivalent of the "Internet Explorer cannot display the webpage" error in IE !!! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 19 June 2007 17:07 To: modssl-users@modssl.org Subject: Re: Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error Rob Archer wrote: > No entry for https and domain name in the access.log and a "Internet > Explorer cannot display the webpage" in ie when trying to get to the > server. Do you have access to the openssl command line program? It would tell you whether you are making a connection, and possibly shed some light on the problem. Like this: openssl s_client -connect www.mydomain.com:443 -debug GET / -- Omar W. Hannet http://www.allez-oop.net/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] Click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== fEC2jdu7IGByacx3ArIKIUT!lvVH!USL09885GdzcRHkJQbUg!t!lTlF8wvspJ8KRJ!C1T7b oyyYNM1LsOoq7xQn9PpPmf0RViWH8KrV2XgKm6g+xXis8qqUS8WsUnUSQI75M3p9YidETs!4 SYY9PML3cPraQ8WwaBWlXfwQkELAaC8nK3p6uY3 to report this email as spam. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error
Rob Archer wrote: No entry for https and domain name in the access.log and a "Internet Explorer cannot display the webpage" in ie when trying to get to the server. Do you have access to the openssl command line program? It would tell you whether you are making a connection, and possibly shed some light on the problem. Like this: openssl s_client -connect www.mydomain.com:443 -debug GET / -- Omar W. Hannet http://www.allez-oop.net/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
RE: Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error
I can't find an error in the error.log, access.log or ssl.log files. In the access.log file it logs :- When accessing the web site via http and the ip address 0.0.0.0 - - [19/Jun/2007:10:27:04 +0100] "GET / HTTP/1.1" 304 - When accessing the web site via https and the ip address 0.0.0.0 - - [19/Jun/2007:10:28:12 +0100] "GET / HTTP/1.1" 200 44 0.0.0.0 - - [19/Jun/2007:10:28:12 +0100] "GET /favicon.ico HTTP/1.1" 404 209 When accessing the web site via http and the domain name 0.0.0.0 - - [19/Jun/2007:10:28:39 +0100] "GET / HTTP/1.1" 304 - No entry for https and domain name in the access.log and a "Internet Explorer cannot display the webpage" in ie when trying to get to the server. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 10:08 To: modssl-users@modssl.org Subject: Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error What is the message in apache error log file ? Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 19/06/2007 11:05 Veuillez répondre à modssl-users Pour : cc : Objet : RE: Ref : RE: Ref : RE: SSL by Domain Name Error ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key This is exactly how I've got it set up and unfortunately I can't use SSL through my domain name (https://www.mydomain.com) but can access it via my ip address (https://1.2.3.4). -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 09:53 To: modssl-users@modssl.org Subject: Ref : RE: Ref : RE: SSL by Domain Name Error No, you speak here about the url to access your web server. What I ment is : when you configure your virtual host in httpd.conf, if you want it to run in https mod, you have to set up the virtual host directive with an IP an not with a host name: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will work ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will not Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 19/06/2007 10:08 Veuillez répondre à modssl-users Pour : cc : Objet : RE: Ref : RE: SSL by Domain Name Error I read this on other posts, so does that mean I'll never be able to configure my apache set up to be accessed like this :- https:\\www.mydomain.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 08:47 To: modssl-users@modssl.org Cc: modssl-users@modssl.org; [EMAIL PROTECTED] Subject: Ref : RE: SSL by Domain Name Error Virutal host name based doesn't work with ssl mod you must configure ssl with ip based virtual hosts Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 18/06/2007 18:30 Veuillez répondre à modssl-users Pour : cc : Objet : RE: SSL by Domain Name Error Unfortunately exactly the same, I've even put the domain name as the virtual host and it behaves the same !!! (i.e ) I was thinking that the way the web server is set up is by "web forwarding", where the holders of our domain name forward requests onto the ip address of our web server. This works for http, could it be possible that something needs configuring at the company that holds our domain name (easily.co.uk) to forward on https requests, or is that a real long shot ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 18 June 2007 17:06 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error What's the result when you set ServerName to your domain name within the virtual host?: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key Rob Archer wrote: > Thanks for the response, I'm using the following in the httpd.conf > file:- > > > SSLMutex default > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none > ErrorLog logs/ssl.log > LogLevel info > > > > SSLEngine On > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 18 June 2007 16:13 > To: modssl-users@modssl.org > Subject: Re: SSL by Domain Name Error > > > Rob Archer wrote: >> Anybody have any suggestions ? > >> Have created the key through open ssl and configured apache (using >> http://raibledesigns.com/wiki/Wiki.js
Ref : RE: Ref : RE: Ref : RE: SSL by Domain Name Error
What is the message in apache error log file ? Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 19/06/2007 11:05 Veuillez répondre à modssl-users Pour : cc : Objet : RE: Ref : RE: Ref : RE: SSL by Domain Name Error ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key This is exactly how I've got it set up and unfortunately I can't use SSL through my domain name (https://www.mydomain.com) but can access it via my ip address (https://1.2.3.4). -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 09:53 To: modssl-users@modssl.org Subject: Ref : RE: Ref : RE: SSL by Domain Name Error No, you speak here about the url to access your web server. What I ment is : when you configure your virtual host in httpd.conf, if you want it to run in https mod, you have to set up the virtual host directive with an IP an not with a host name: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will work ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will not Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 19/06/2007 10:08 Veuillez répondre à modssl-users Pour : cc : Objet : RE: Ref : RE: SSL by Domain Name Error I read this on other posts, so does that mean I'll never be able to configure my apache set up to be accessed like this :- https:\\www.mydomain.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 08:47 To: modssl-users@modssl.org Cc: modssl-users@modssl.org; [EMAIL PROTECTED] Subject: Ref : RE: SSL by Domain Name Error Virutal host name based doesn't work with ssl mod you must configure ssl with ip based virtual hosts Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 18/06/2007 18:30 Veuillez répondre à modssl-users Pour : cc : Objet : RE: SSL by Domain Name Error Unfortunately exactly the same, I've even put the domain name as the virtual host and it behaves the same !!! (i.e ) I was thinking that the way the web server is set up is by "web forwarding", where the holders of our domain name forward requests onto the ip address of our web server. This works for http, could it be possible that something needs configuring at the company that holds our domain name (easily.co.uk) to forward on https requests, or is that a real long shot ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 18 June 2007 17:06 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error What's the result when you set ServerName to your domain name within the virtual host?: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key Rob Archer wrote: > Thanks for the response, I'm using the following in the httpd.conf > file:- > > > SSLMutex default > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none > ErrorLog logs/ssl.log > LogLevel info > > > > SSLEngine On > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 18 June 2007 16:13 > To: modssl-users@modssl.org > Subject: Re: SSL by Domain Name Error > > > Rob Archer wrote: >> Anybody have any suggestions ? > >> Have created the key through open ssl and configured apache (using >> http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL > instructions) and >> can access https via the IP address of the web server but not the >> domain name. When trying to get the to the webserver via the > domain >> name through https it says internet explorer cannot display this > web >> page. Using the normal http protocol I can get the "It Works" page >> through both IP address and domain name. >> >> Have tried to get around this by fiddling about with the virtual >> hosts settings but haven't found any solution. Can anyone help >> !!! > > You might try adding a NameVirtualHost directive: > > NameVirtualHost 1.2.3.4:443 > > (Your own IP address in place of '1.2.3.4'.) > > If that doesn't help, please show us the block for this > domain in your current Apache configuration. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.or
RE: Ref : RE: Ref : RE: SSL by Domain Name Error
ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key This is exactly how I've got it set up and unfortunately I can't use SSL through my domain name (https://www.mydomain.com) but can access it via my ip address (https://1.2.3.4). -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 09:53 To: modssl-users@modssl.org Subject: Ref : RE: Ref : RE: SSL by Domain Name Error No, you speak here about the url to access your web server. What I ment is : when you configure your virtual host in httpd.conf, if you want it to run in https mod, you have to set up the virtual host directive with an IP an not with a host name: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will work ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will not Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 19/06/2007 10:08 Veuillez répondre à modssl-users Pour : cc : Objet : RE: Ref : RE: SSL by Domain Name Error I read this on other posts, so does that mean I'll never be able to configure my apache set up to be accessed like this :- https:\\www.mydomain.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 08:47 To: modssl-users@modssl.org Cc: modssl-users@modssl.org; [EMAIL PROTECTED] Subject: Ref : RE: SSL by Domain Name Error Virutal host name based doesn't work with ssl mod you must configure ssl with ip based virtual hosts Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 18/06/2007 18:30 Veuillez répondre à modssl-users Pour : cc : Objet : RE: SSL by Domain Name Error Unfortunately exactly the same, I've even put the domain name as the virtual host and it behaves the same !!! (i.e ) I was thinking that the way the web server is set up is by "web forwarding", where the holders of our domain name forward requests onto the ip address of our web server. This works for http, could it be possible that something needs configuring at the company that holds our domain name (easily.co.uk) to forward on https requests, or is that a real long shot ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 18 June 2007 17:06 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error What's the result when you set ServerName to your domain name within the virtual host?: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key Rob Archer wrote: > Thanks for the response, I'm using the following in the httpd.conf > file:- > > > SSLMutex default > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none > ErrorLog logs/ssl.log > LogLevel info > > > > SSLEngine On > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 18 June 2007 16:13 > To: modssl-users@modssl.org > Subject: Re: SSL by Domain Name Error > > > Rob Archer wrote: >> Anybody have any suggestions ? > >> Have created the key through open ssl and configured apache (using >> http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL > instructions) and >> can access https via the IP address of the web server but not the >> domain name. When trying to get the to the webserver via the > domain >> name through https it says internet explorer cannot display this > web >> page. Using the normal http protocol I can get the "It Works" page >> through both IP address and domain name. >> >> Have tried to get around this by fiddling about with the virtual >> hosts settings but haven't found any solution. Can anyone help >> !!! > > You might try adding a NameVirtualHost directive: > > NameVirtualHost 1.2.3.4:443 > > (Your own IP address in place of '1.2.3.4'.) > > If that doesn't help, please show us the block for this > domain in your current Apache configuration. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] Click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== 1zjrSD8hWEe96repmpaOSdLMvmLORniQDfYJTSjBfD!nkU9R0u8dlLFoNT85Zo6jf9yegQzk pg9iGvxGJKsNeMk8vpdiUWF8qBDGGfaGgdaAcnXV!xUKnI0XzkSD3mUR0s
Ref : RE: Ref : RE: SSL by Domain Name Error
No, you speak here about the url to access your web server. What I ment is : when you configure your virtual host in httpd.conf, if you want it to run in https mod, you have to set up the virtual host directive with an IP an not with a host name: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will work ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key will not Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 19/06/2007 10:08 Veuillez répondre à modssl-users Pour : cc : Objet : RE: Ref : RE: SSL by Domain Name Error I read this on other posts, so does that mean I'll never be able to configure my apache set up to be accessed like this :- https:\\www.mydomain.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 08:47 To: modssl-users@modssl.org Cc: modssl-users@modssl.org; [EMAIL PROTECTED] Subject: Ref : RE: SSL by Domain Name Error Virutal host name based doesn't work with ssl mod you must configure ssl with ip based virtual hosts Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 18/06/2007 18:30 Veuillez répondre à modssl-users Pour : cc : Objet : RE: SSL by Domain Name Error Unfortunately exactly the same, I've even put the domain name as the virtual host and it behaves the same !!! (i.e ) I was thinking that the way the web server is set up is by "web forwarding", where the holders of our domain name forward requests onto the ip address of our web server. This works for http, could it be possible that something needs configuring at the company that holds our domain name (easily.co.uk) to forward on https requests, or is that a real long shot ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 18 June 2007 17:06 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error What's the result when you set ServerName to your domain name within the virtual host?: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key Rob Archer wrote: > Thanks for the response, I'm using the following in the httpd.conf > file:- > > > SSLMutex default > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none > ErrorLog logs/ssl.log > LogLevel info > > > > SSLEngine On > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 18 June 2007 16:13 > To: modssl-users@modssl.org > Subject: Re: SSL by Domain Name Error > > > Rob Archer wrote: >> Anybody have any suggestions ? > >> Have created the key through open ssl and configured apache (using >> http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL > instructions) and >> can access https via the IP address of the web server but not the >> domain name. When trying to get the to the webserver via the > domain >> name through https it says internet explorer cannot display this > web >> page. Using the normal http protocol I can get the "It Works" page >> through both IP address and domain name. >> >> Have tried to get around this by fiddling about with the virtual >> hosts settings but haven't found any solution. Can anyone help >> !!! > > You might try adding a NameVirtualHost directive: > > NameVirtualHost 1.2.3.4:443 > > (Your own IP address in place of '1.2.3.4'.) > > If that doesn't help, please show us the block for this > domain in your current Apache configuration. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] Click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== 1zjrSD8hWEe96repmpaOSdLMvmLORniQDfYJTSjBfD!nkU9R0u8dlLFoNT85Zo6jf9yegQzk pg9iGvxGJKsNeMk8vpdiUWF8qBDGGfaGgdaAcnXV!xUKnI0XzkSD3mUR0s5mD0+fIpcaD4yO 5vBMHXJE1FQ0bouh7TVke8vo28dsfWWo4QK!9LC to report this email as spam. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Supp
RE: Ref : RE: SSL by Domain Name Error
I read this on other posts, so does that mean I'll never be able to configure my apache set up to be accessed like this :- https:\\www.mydomain.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 19 June 2007 08:47 To: modssl-users@modssl.org Cc: modssl-users@modssl.org; [EMAIL PROTECTED] Subject: Ref : RE: SSL by Domain Name Error Virutal host name based doesn't work with ssl mod you must configure ssl with ip based virtual hosts Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 18/06/2007 18:30 Veuillez répondre à modssl-users Pour : cc : Objet : RE: SSL by Domain Name Error Unfortunately exactly the same, I've even put the domain name as the virtual host and it behaves the same !!! (i.e ) I was thinking that the way the web server is set up is by "web forwarding", where the holders of our domain name forward requests onto the ip address of our web server. This works for http, could it be possible that something needs configuring at the company that holds our domain name (easily.co.uk) to forward on https requests, or is that a real long shot ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 18 June 2007 17:06 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error What's the result when you set ServerName to your domain name within the virtual host?: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key Rob Archer wrote: > Thanks for the response, I'm using the following in the httpd.conf > file:- > > > SSLMutex default > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none > ErrorLog logs/ssl.log > LogLevel info > > > > SSLEngine On > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 18 June 2007 16:13 > To: modssl-users@modssl.org > Subject: Re: SSL by Domain Name Error > > > Rob Archer wrote: >> Anybody have any suggestions ? > >> Have created the key through open ssl and configured apache (using >> http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL > instructions) and >> can access https via the IP address of the web server but not the >> domain name. When trying to get the to the webserver via the > domain >> name through https it says internet explorer cannot display this > web >> page. Using the normal http protocol I can get the "It Works" page >> through both IP address and domain name. >> >> Have tried to get around this by fiddling about with the virtual >> hosts settings but haven't found any solution. Can anyone help >> !!! > > You might try adding a NameVirtualHost directive: > > NameVirtualHost 1.2.3.4:443 > > (Your own IP address in place of '1.2.3.4'.) > > If that doesn't help, please show us the block for this > domain in your current Apache configuration. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] Click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== 1zjrSD8hWEe96repmpaOSdLMvmLORniQDfYJTSjBfD!nkU9R0u8dlLFoNT85Zo6jf9yegQzk pg9iGvxGJKsNeMk8vpdiUWF8qBDGGfaGgdaAcnXV!xUKnI0XzkSD3mUR0s5mD0+fIpcaD4yO 5vBMHXJE1FQ0bouh7TVke8vo28dsfWWo4QK!9LC to report this email as spam. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Ref : RE: SSL by Domain Name Error
Virutal host name based doesn't work with ssl mod you must configure ssl with ip based virtual hosts Abel NIVAULT Inspecteur PSE- PSN-CT - CSI LYON [EMAIL PROTECTED] "Rob Archer" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 18/06/2007 18:30 Veuillez répondre à modssl-users Pour : cc : Objet : RE: SSL by Domain Name Error Unfortunately exactly the same, I've even put the domain name as the virtual host and it behaves the same !!! (i.e ) I was thinking that the way the web server is set up is by "web forwarding", where the holders of our domain name forward requests onto the ip address of our web server. This works for http, could it be possible that something needs configuring at the company that holds our domain name (easily.co.uk) to forward on https requests, or is that a real long shot ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet Sent: 18 June 2007 17:06 To: modssl-users@modssl.org Subject: Re: SSL by Domain Name Error What's the result when you set ServerName to your domain name within the virtual host?: ServerName example.com SSLEngine On SSLCertificateFile conf/ssl/server.crt SSLCertificateKeyFile conf/ssl/server.key Rob Archer wrote: > Thanks for the response, I'm using the following in the httpd.conf > file:- > > > SSLMutex default > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > SSLSessionCache none > ErrorLog logs/ssl.log > LogLevel info > > > > SSLEngine On > SSLCertificateFile conf/ssl/server.crt > SSLCertificateKeyFile conf/ssl/server.key > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omar W. Hannet > Sent: 18 June 2007 16:13 > To: modssl-users@modssl.org > Subject: Re: SSL by Domain Name Error > > > Rob Archer wrote: >> Anybody have any suggestions ? > >> Have created the key through open ssl and configured apache (using >> http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL > instructions) and >> can access https via the IP address of the web server but not the >> domain name. When trying to get the to the webserver via the > domain >> name through https it says internet explorer cannot display this > web >> page. Using the normal http protocol I can get the "It Works" page >> through both IP address and domain name. >> >> Have tried to get around this by fiddling about with the virtual >> hosts settings but haven't found any solution. Can anyone help >> !!! > > You might try adding a NameVirtualHost directive: > > NameVirtualHost 1.2.3.4:443 > > (Your own IP address in place of '1.2.3.4'.) > > If that doesn't help, please show us the block for this > domain in your current Apache configuration. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] Click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== 1zjrSD8hWEe96repmpaOSdLMvmLORniQDfYJTSjBfD!nkU9R0u8dlLFoNT85Zo6jf9yegQzk pg9iGvxGJKsNeMk8vpdiUWF8qBDGGfaGgdaAcnXV!xUKnI0XzkSD3mUR0s5mD0+fIpcaD4yO 5vBMHXJE1FQ0bouh7TVke8vo28dsfWWo4QK!9LC to report this email as spam. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]