LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-28-2012, 08:38 AM   #1
bweaver
Member
 
Registered: Nov 2010
Posts: 44

Rep: Reputation: 0
help! can't connect to our development web site with new SSL Configuration


Your help is hugely appreciated in advance.

After trying to make a new site available via ssl.conf in apache, I now get an error message in Firefox (and in other browsers):

"Firefox can't establish a connection to the server at apples.nsms.ox.ac.uk"

Originally we had no problems. We wanted to switch our dev location from

https: our_host/oldDev/ (which had been perfectly available)

to

https://out_host/newDev/

It was sometime after I generated new keys (.key and .crt) for newDev that I could reach neither .../oldDev/ nor .../newDev/).

I attempted subsequently to restore .../oldDev, but I cannot do so, even after restoring our original oldDev settings in ssl.conf. I get the same error in Firefox or other browsers as above.

Other than changing and reverting settings in ssl.conf, the only thing I have done in this process was to generate .key and .crt files for newDev. After my failed attempts at establishing newDev, I deleted the new .key and .crt files using a simple linux rm command and reset ssl.conf

Throughout all of this I have stopped and restarted apache, then our tomcat server at appropriate steps. Tomcat appears to have no ssl config in it. it's all in Apache.

I cannot figure out how to troubleshoot and solve this problem.
Do you have any good hints?

1. Could the creation and deletion of the new .key and .crt files be a problem? (I would not think they would affect the existing files that had been previously used).

2. are there good logs? I found ssl_error-log and ssl-access-log, and neither had much information in them.

3. What else could be causing this problem? To my knowledge there have been no other significant network or firewall changes while i have been working on this.
 
Old 09-28-2012, 08:40 AM   #2
bweaver
Member
 
Registered: Nov 2010
Posts: 44

Original Poster
Rep: Reputation: 0
corrected urls

I mis-typed: the host names for oldDev and newDev are identical

https://our_host/oldDev and https://our_host/newDev
 
Old 09-28-2012, 09:24 AM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,246

Rep: Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327Reputation: 2327
I'm not completely clear on the problem, but when I try from here, I get
Code:
Forbidden

You don't have permission to access / on this server.
Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a WebAuth/3.5.3 mod_jk/1.2.19 Server at apples.nsms.ox.ac.uk Port 80
I can only suggest checking the log files & Apache's home site.
I do find it slightly odd you've got v2.0.59; most people would be on 2.2 or 2.4 by now.
 
Old 10-02-2012, 06:22 AM   #4
bweaver
Member
 
Registered: Nov 2010
Posts: 44

Original Poster
Rep: Reputation: 0
Thanks, this is helpful.

I noticed that the output you generated indicates we load 2 SSL modules: mod_ssl, and OpenSSL.


I had run the following openssl command to generate the appropriate key and .crt files:


sudo openssl req -new -x509 -days 730 -sha1 -newkey rsa:1024 \
-nodes -keyout oxcort8.key -out oxcort-08.crt



Might the problem simply be that I need to generate .key and .crt pertinent to the mod_ssl, not the OpenSSL, module?

Or might I have to generate 2 sets of keys, one for each of these 2 modules?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache with SSL: Can't connect to the site! djbon2112 Linux - Software 4 11-30-2009 09:08 PM
Migrating to Linux for web site development Tsalagi Linux - General 7 11-15-2009 08:38 PM
web site configuration swap25091 Linux - Networking 1 03-12-2009 09:30 PM
Using Webdav for Web Site Development? fortezza Linux - Software 4 11-30-2005 08:28 AM
I need a good WYSIWYG Web Site Development Tool kkempter Linux - Software 2 08-28-2003 07:12 PM


All times are GMT -5. The time now is 04:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration