RE: [users@httpd] Configuration Errors on SSL+Apache 2.2 +mod_jk +Tomcat 5.5

Mon, 21 Jul 2008 10:45:50 -0700 

Hi MK, 

   Correct. 

   In that case, discard your current installation, get the source code
and compile your own version of apache. You will have to do a good
amount of reading to understand all the options for compiling and then
running Apache. The documentation is pretty good as well as the help
from the commands. (E.g. configure -help). 

   You can compile modules to be linked statically or for dynamic
loading. I think dynamic loading is better.  In order to compile, you
may need some other libraries (you may get errors during the configure
phase or while compiling).

 

-Jorge

 

________________________________

From: kohanm [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 21, 2008 11:30 AM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Configuration Errors on SSL+Apache 2.2
+mod_jk +Tomcat 5.5

 

I do not have mod_ssl.so under Apache/modules. I downloaded Apache 2.2
the binary version and then the  jk_module  separately.

I read from different sources that I have to install Apache 2.2.* from
source than I have to enable mod_ssl  and there is not any separate SSL
module for Apache 2.2. am I  right?

MK



 

On 7/21/08, Jorge Medina <[EMAIL PROTECTED]> wrote: 

Depending on your flavor of Linux and how you got Apache, you may
already have the mod_ssl module and you may need just to load it. 

Check if the file mod_ssl.so already exists on the directory where
apache is installed.

 

________________________________

From: kohanm [mailto:[EMAIL PROTECTED] 
Sent: Friday, July 18, 2008 6:26 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Configuration Errors on SSL+Apache 2.2
+mod_jk +Tomcat 5.5

 

Thanks for your reply:
 


 

        Did you enable (LoadModule) the ssl module ? 

No, I thought the only thing that I have to do is to modify on
httpd.conf :

include  conf/extra/httpd-ssl.conf

 

I have linux binary version so,  do I have to download the ssl_module?
and then

add it  to the   httpd.conf :

LoadModule ssl_module modules/mod_ssl.so

 


 

         

        How did you get your certificate and key? Is your public key
protected by a password ? If not, you don't need to include the
SSLPassPhraseDialog directive.

 

After creating key,csr then sent to Thawte. I got certificate form
Thawte and the key and certificate are on the conf file.

I am not sure if the public key is protected by a passowd.

 

Thanks,

MK
 

         

         

         

         

        
________________________________


        From: kohanm [mailto:[EMAIL PROTECTED] 
        Sent: Friday, July 18, 2008 4:35 PM
        To: users@httpd.apache.org
        Subject: [EMAIL PROTECTED] Configuration Errors on SSL+Apache 2.2
+mod_jk +Tomcat 5.5

         

        Hi,

         

        I'am having probem to configure the SSL with the  Apache 2.2
+mod_jk +Tomcat 5.5.

        Without SSL implementation the Tomcat 5.5 +Apache2.2 + mod_k
works fine.

        For implementing the SSL first I take it out the  # from Include
ssl:
        Include conf/extra/httpd-ssl.conf 
        and also in the httpd-ssl.conf file I modified these lines:
        ServerName  mydomain:443
        SSLCertificateFile "/usr/local/apache2/conf/server.crt"
        SSLCertificateKeyFile "/usr/local/apache2/conf/sever.key" 

         When I run apachectl after running tomcat,  I get these ERRORs:
        [Fri Jul 18 13:22:20 2008] [warn] Useless use of AllowOverride
in line 114.
        Syntax error on line 57 of
/usr/local/apache2/conf/extra/httpd-ssl.conf:
        Invalid command 'SSLPassPhraseDialog', perhaps misspelled or
defined by a module not included in the server configuration

        
        Here the httdf.conf file(short describtion):

        Listen  mydomainIP:80
         LoadModule jk_module modules/mod_jk-apache-2.2.4.so
<http://mod_jk-apache-2.2.4.so/>  

         

        <IfModule mod_jk.c>

        JkWorkersFile conf/workers.properties
        JkLogFile logs/mod_jk.log
        JkLogLevel error
        JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
        JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
        JkRequestLogFormat "%w %V %T"

         

        Alias /list  "/usr/local/jakarta-tomcat/webapps/list/"

         <Directory "/usr/local/jakarta-tomcat/webapps/list/">
                Options Indexes +FollowSymLinks
                AllowOverride None
                Allow from all
            </Directory>

         
        Alias /example  "/usr/local/jakarta-tomcat/webapps/example/"

         <Directory "/usr/local/jakarta-tomcat/webapps/example/">
                Options Indexes +FollowSymLinks
                AllowOverride None
                Allow from all
            </Directory>

        
            <Location "/*/WEB-INF/*">
                AllowOverride None
                deny from all
            </Location>

        
         JkMount  /list/*  example
         JkMount /example/* example

        </IfModule>

        
        # Secure (SSL/TLS) connections
        Include conf/extra/httpd-ssl.conf

        <IfModule ssl_module>
        SSLRandomSeed startup builtin
        SSLRandomSeed connect builtin
        </IfModule>

         

        
        ____________________

        in the httpd-ssl.conf file the only lines that I changed from
default are :

        ServerName  mydomain:443
        SSLCertificateFile "/usr/local/apache2/conf/server.crt"
        SSLCertificateKeyFile "/usr/local/apache2/conf/sever.key"

         

        Thanks for your help,

        MK
         




-- 
Massoud 




-- 
Massoud

Reply via email to