LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] apache2 & mod_ssl

[ILUG] apache2 & mod_ssl

Bernhard Rohrer graylion at sm-wg.net
Fri Apr 7 22:16:10 IST 2006 

I can hear the groan already ;)

I followed this http://dejavu.mu.nu/archives/080566.php

OS is Ubuntu hoary

and my /etc/apache2/ssl looks like this

root at serf:/etc/apache2/ssl # ls -al
total 24
drwxr-xr-x  2 root     root 4096 2006-04-07 21:42 .
drwxr-xr-x  8 root     root 4096 2006-03-23 15:10 ..
-rw-rw----  1 root     root 2224 2006-03-29 09:45 ca.pem
-rw-rw----  1 www-data root 7627 2006-04-07 21:29 cert.pem
lrwxrwxrwx  1 root     root   28 2006-04-07 20:33 crl -> 
/usr/lib/ssl/misc/demoCA/crl
-rw-rw----  1 www-data root 3243 2006-04-07 21:32 req.pem

the vhost section reads like this:

<virtualhost *:443>

         #  General setup for the virtual host
         DocumentRoot "/srv/www/www.sm-wg.net"
         ServerName www.sm-wg.net
         ServerAdmin webmaster at sm-wg.net
         ErrorLog /var/log/apache2/www.sm-wg.net.443.error_log
         TransferLog /var/log/apache2/www.sm-wg.net.443.access_log

         SSLEngine on

         SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+SSLv2:+EXP:+eNULL


         SSLCertificateFile /etc/apache2/ssl/cert.pem
         #SSLPassPhraseDialog exec:/usr/local/sbin/certpw

         SSLCertificateKeyFile /etc/apache2/ssl/req.pem
         #SSLCertificateKeyFile /etc/apache2/ssl.key/server-dsa.key
         #SSLCertificateChainFile /etc/apache2/ssl.crt/ca.crt

         #SSLCACertificatePath /etc/apache2/ssl
         SSLCACertificateFile /etc/apache2/ssl/ca.pem

         SSLCARevocationPath /etc/apache2/ssl/crl
         #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl

         <Files ~ "\.(cgi|shtml|phtml|php3?)$">
             SSLOptions +StdEnvVars
         </Files>
         <Directory "/usr/lib/cgi-bin">
             SSLOptions +StdEnvVars
         </Directory>
         SetEnvIf User-Agent ".*MSIE.*" \
                  nokeepalive ssl-unclean-shutdown \
                  downgrade-1.0 force-response-1.0

         CustomLog /var/log/apache2/ssl_request_log   ssl_combined

</VirtualHost>

apache starts fine:

[Fri Apr 07 21:53:26 2006] [notice] Apache/2.0.53 (Ubuntu) 
PHP/4.3.10-10ubuntu4.4 mod_ssl/2.0.
53 OpenSSL/0.9.7e configured -- resuming normal operations

but when I test it:

openssl s_client -connect www.sm-wg.net:443 -state -debug
connect: Connection refused
connect:errno=29

so I am officially lost

thanks

Bernhard

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell