OK - I think I found it.
For anyone trying to configure this there are aome pointers.
1) The httpsd.conf file found in the apache directory, typically in
/usr/local/apache_1.3.14/conf is not used. The server instead looks for
httpd.conf. You can grab the one Ben Laurie created and mofify it heavily. Pay
careful attention to the paths where things are found.
2) Ben has set up heap as his virtual machine. The server seems to key on the port
number as follows:
- standard http port is 80
- secure https port is 443
- you typically want the server to listen to both ports (and you can use Ben's 8887
and 8888 for testing if you wish)
- Apache is dumb as a brick and does NOT KNOW which protocol is running on which
port. You need to tell it like this.
Port 80
Listen 80
Listen 443
NameVirtualHost www.mydomain.com
<VirtualHost www.mydomain.com:80>
ServerAdmin [EMAIL PROTECTED]
DocumentRoot /webroot/
ServerName www.mydomain.com
ServerPath /mydomain
ErrorLog logs/error-log-mydomin
TransferLog logs/access-log-mydomin
SSLDisable
</VirtualHost>
When the http requst comes in on port 80 it is directed to a virtual host which does
NOT run https. If you do not do this then apache will fire the handshake into the
openSSL code and it will result in a trap in routine s23_srvr.c around line 285 or so.
Of course the error message will not clue you in to the fact that apache is trying to
feed http protocol into https code.
3) Debugging output is enabled in the code. Before you put it into production you
will probably want to disable it and recompile.
4) There is a LOT of configuration that you need to do.
5) Note: the above example has somne special directives that are designed for Name
Based Virtual Hosting. In particular the ServerPath directive allows you some support
for brain dead old browsers such the one shipped in OS/2. Read all about it in the
apache docs. It really does not belong in here but there's a tip anyway.
6) You do not seem to have to do any patching to openSSL 0.9.6 (0.9.5a does require
the patch)
If peeople want I'll document all this and put it up on my website. Just let me know.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]