Files:
-rw-r--r-- 1 root 859 Apr 3 11:45 /etc/apache2/ssl/crt/vhost1.crt
-rw-r--r-- 1 root 916 Apr 3 11:45 /etc/apache2/ssl/key/vhost1.key
So AFAIK I've got a certificate I've generated myself. Nobody vouches
for me but it shoud enable encryption and make my TCP/IP packets hard to
read.
Contents of /etc/apache2/ports.conf:
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Files:
-rw-r--r-- 1 andy 1439 Apr 3 14:48 /etc/apache2/sites-available/default
-rw-r--r-- 1 andy 7485 Jun 16 2011 /etc/apache2/sites-available/default-ssl
-rw-r--r-- 1 root 7469 Feb 7 2012
/etc/apache2/sites-available/default-ssl.original
-rw-r--r-- 1 root 950 Feb 7 2012
/etc/apache2/sites-available/default.original
I see here that /etc/apache2/sites-available has one symbolic link to
/etc/apache2/sites-available/default, and no symbolic links to any of
the other entries in the sites-available directory. Also all the other
entries in /etc/apache2/sites-available are symbolic links to
configuration files such as
lrwxrwxrwx 1 root 21 May 6 2012 /etc/apache2/sites-enabled/opal.conf ->
/www/opal/apache.conf
These links have been working fine for years as links into the site
control directory and not into 'sites-available'. But perhaps that is wrong.
Maybe what I need is a symbolic link from sites-enabled to
../sites-available/default-ssl ? Nope, tested, did not solve the problem....
When I give this command (as root) -
/etc/init.d/apache2 restart
I see only this output:
apache2: Could not reliably determine the server's fully qualified
domain name, using 192.168.1.112 for ServerName
... waiting apache2: Could not reliably determine the server's fully
qualified domain name, using 192.168.1.112 for ServerName
[ OK ]
But nmap still says that nothing is listening to port 443.
Thank you Oren.
On 04/03/2014 04:04 PM, Oren wrote:
> Hi Andy.
> Process basically include getting/creating a certificate, define it on
> your site and reload apache.
> here is a centos manual which is not exactly the same on ubuntu but
> pretty much explains the order of things
> http://wiki.centos.org/HowTos/Https
>
> on ubuntu you will have to open the 443 port
> <IfModule mod_ssl.c>
> Listen 443
> </IfModule>
>
> once the https is ready, you can do a redirect to the https site from
> http. (with mod_rewrite)
>
> do you have logs or any information on what is not working?
>
> Oren
>
> On 04/03/2014 11:39 AM, Andy Canfield wrote:
>> I have been using apache for maybe ten years now, and maintain two
>> servers in addition to the apache on my notebook computer for testing.
>> All using Ubuntu Linux *.04 LTS. It now appears that I ought to convert
>> from http to https.
>>
>> But the documentation is insane. A piece here, a piece there, have to do
>> X (but first? and afterwards?). Assuming everything is else is OK, this
>> is way you edit this line in VirtualHost file (there is no
>> "/etc/apache2/.../VirtualHost" file!)
>>
>> I figure that I need to do it in two steps:
>> [1] Get the https version up and running, and
>> [2] Make the http version automatically switch to https.
>>
>> But I can't get https working at all, for anything. There's a "Listen
>> 443" in /etc/apache2/ports.conf but 'nmap localhost' says 443 is a
>> closed port.
>>
>> Has anybody else ever converted a hosted site from http to https? What
>> did you have to do to get the secure one working?
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
> .
>
