Re: [users@httpd] Probably small problem with SSL config
>When I try to connect with HTTPS, I get the error: > >“Unable to retrieve https:///: > >SSL error” Isn't everything working as designed, since it is unlikely that you have SSL certificate issued for ip address? Probably try to connect by domain name instead? -- With Best Regards, Marat Khalili - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Probably small problem with SSL config
I would agree that you should start by turning on logging. Do you get a slightly different error if you use a different browser? Firefox usually gives more detail than Internet Explorer. Better not to use in configuration you write yourself unless you need it for a specific reason. If you use it, then you won't know that the reason your system doesn't work is that the module is not loaded. If you don't include and the module is not loaded, HTTPD will give you an error when it starts up and you will know you need to fix it. This is particularly bad when an access control directive is in because it often results in all content becoming accessible to anyone if a module is missing. - Y Sent from a device with a very small keyboard and hyperactive autocorrect. On Feb 5, 2018 8:02 PM, "mlrx" wrote: Hello, Le 06/02/2018 à 01:02, Jeff Cauhape a écrit : > I’m setting up an Apache server 2.4.25 in our DMZ for the first time, > > and having an issue with getting SSL configured correctly. > > I am using links text based browser to connect from a second machine > […] > > > Is the directive "LogLevel" used with "debug" or more ? https://httpd.apache.org/docs/2.4/en/mod/core.html#loglevel The virtualhost can be included in "IfModule ssl_module" : Does it work without SSL ? I’m loading modules ssl_module, authn_dbm_module among others. > > The ssl directory is 755, root/root and the crt and key files are > daemon/root 644. > chown -Rfv apache_user:apache_group /srv/www/html/your_site/ (?) […] > > > Ideas? Suggestions where to look? > httpd -S ? Reload httpd daemon evry time you change somethings ? Firewall ? Thanks, > > Jeff Cauhape > Regards, -- benoist - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Probably small problem with SSL config
Hello, Le 06/02/2018 à 01:02, Jeff Cauhape a écrit : I’m setting up an Apache server 2.4.25 in our DMZ for the first time, and having an issue with getting SSL configured correctly. I am using links text based browser to connect from a second machine […] Is the directive "LogLevel" used with "debug" or more ? https://httpd.apache.org/docs/2.4/en/mod/core.html#loglevel The virtualhost can be included in "IfModule ssl_module" : Does it work without SSL ? I’m loading modules ssl_module, authn_dbm_module among others. The ssl directory is 755, root/root and the crt and key files are daemon/root 644. chown -Rfv apache_user:apache_group /srv/www/html/your_site/ (?) […] Ideas? Suggestions where to look? httpd -S ? Reload httpd daemon evry time you change somethings ? Firewall ? Thanks, Jeff Cauhape Regards, -- benoist - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Probably small problem with SSL config
I'm setting up an Apache server 2.4.25 in our DMZ for the first time, and having an issue with getting SSL configured correctly. I am using links text based browser to connect from a second machine to the first machine. The connection works with HTTP but not with HTTPS. When I try to connect with HTTPS, I get the error: "Unable to retrieve https://https://%3cip> address>/: SSL error" Unfortunately I'm not finding any useful log information to help me figure out what I'm doing wrong. Here's the relevant bits from the httpd.conf file: SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLSessionCache dbm:/apps/apache_2.4.25/ssl/ssl_cache Listen 443 ServerName SSLEngineon SSLCertificateFile"/apps/apache_2.4.25/ssl/nvdetr.crt" SSLCertificateKeyFile "/apps/apache_2.4.25/ssl/nvdetr.key" I'm loading modules ssl_module, authn_dbm_module among others. The ssl directory is 755, root/root and the crt and key files are daemon/root 644. >From the error_log file: [Mon Feb 05 15:42:00.247694 2018] [mpm_event:notice] [pid 5604:tid 139772366497600] AH00489: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips configured -- resuming normal operations [Mon Feb 05 15:42:00.247945 2018] [core:notice] [pid 5604:tid 139772366497600] AH00094: Command line: '/apps/apache_2.4.25/bin/httpd' There is no HTTPS reference in the access_log file. The only references to http in /var/log/messages is referring to syslogd. The /var/log/dmesg just has boot info. nb - this is RHEL 7.4 Ideas? Suggestions where to look? Thanks, Jeff Cauhape IT Professional III Department of Employment, Training and Rehabilitation Phone 1-775-684-3804 Email: jpcauh...@nvdetr.org