LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices

Reply
 
Search this Thread
Old 08-31-2004, 07:17 PM   #1
KneeLess
Member
 
Registered: May 2003
Distribution: Debian GNU/Linux 3.0 Sid, OpenBSD 3.5
Posts: 190

Rep: Reputation: 30
Apache2, SSL, HTTPS...


The default config of apache2.conf with the Debian package does not include SSL support. I don't know how to. I tried consulting the documentation for Apache2.0 at Apache's website, but they talked of things I don't know how to do. If someone could help me out getting a secure connection only (https only, not http at all) that would be great. Thanks a bunch.
 
Old 08-31-2004, 08:12 PM   #2
smaida
Member
 
Registered: Apr 2004
Location: Richmond, VA - USA
Distribution: Debian
Posts: 62

Rep: Reputation: 15
Apache 2 and SSL

Hi,

I am using Apache2 with SSL on debian without a problem. SSL should be available to you fom the main apache2 install. You will want to look in /etc/apache2/mod-available

You should see both ssl.conf and ssl.load.

If you see them then you will need to sym-link them into mods-enabled

From within /etc/apache2/mods-enabled/
ln -s /etc/apache2/mods-available/ssl.load ssl.load
ln -s /etc/apache2/mods-available/ssl.conf ssl.conf

You will then need to edit /etc/apache/ports.conf and add the line
Listen 443

From there all you should need to do is edit httpd.conf to contain a VirtualHost entry. Of course there are several other ways, but you can checkout apache's site from there.

<VirtualHost *:443>
ServerName www.domain.com
ServerAlias domain.com *.domain.com

DocumentRoot /var/www
SSLEngine On
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/www.domain.com.csr.thawte
SSLCertificateKeyFile /etc/ssl/private/www.domain.com.key2
CustomLog /var/log/apache2/ssl.log "%t %{version}c %{cipher}c %{clientcert}c"

and so forth....
</VirtualHost>

Let me know if you still have an issus....
-Shawn
 
Old 09-01-2004, 12:25 AM   #3
KneeLess
Member
 
Registered: May 2003
Distribution: Debian GNU/Linux 3.0 Sid, OpenBSD 3.5
Posts: 190

Original Poster
Rep: Reputation: 30
After I made my key and cert, I did all the things you told me. But when I run '/etc/init.d/apache2 start' it fails silently. It includes -DSSL, so I'm confused.

But, the servername things, do they have to be the same as the hostname + extension like in the debian config files? This is just a webserver without an actual domain so I am unsure of how to answer that part. And what did you mean by 'and so forth...'? Was I supposed to put extra stuff in there?
 
Old 09-02-2004, 09:44 PM   #4
smaida
Member
 
Registered: Apr 2004
Location: Richmond, VA - USA
Distribution: Debian
Posts: 62

Rep: Reputation: 15
Hi,

The information I gave you was an example of virtual hosts. There is probably no reason for you to go that route. I was posting part of my config file hoping it would get you started. Anyway, All you really need to do is put the line
Code:
DocumentRoot /var/www
in your httpd.conf. That will at the very lease tell your server where you web directory is. From there we can add in the other options. Also, take a look at /var/log/apache2/error.log
You should see an error message saying why the server failed to start. If you need to, post the log and we can take a look at it.

-Shawn
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
HTTPS not working under Apache2 and OpenSSL pennywind Linux - Security 7 12-29-2005 01:45 PM
apache2 - ssl : connection via ssl interrupted ldp Linux - Software 0 10-02-2005 09:07 AM
apache2 + https on suse 9.2 linux svanati Suse/Novell 0 02-22-2005 01:47 PM
https server..cetificate and ssl name_in_use450 Linux - General 0 09-05-2004 11:03 AM
apache2 w/ ssl - "document contains no data" with https tree_buddy Linux - Security 2 11-23-2003 08:44 PM


All times are GMT -5. The time now is 04:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration