LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-09-2003, 11:47 PM   #1
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Rep: Reputation: 30
Angry mod_ssl & Apache


Yup,what's up,everyone.

I am working hard to deal with tons of problems on linux regarding SSL to enhance the security.However,first question is always the most thorny one I've ever seen.

My Apache,MySQL and PHP is working fine now.However,I want to enhance the security by installing mod_ssl.<---RPM.After I installed it,I typed https://mysiteaddress:8080 and nothing happens. I followed my book's procedure but...By the way,I have discovered that I can't find libssl.so in the path of /usr/lib. Is that causing the problem?And do I need to configure apache configuration file to make it work?is that file named ssl.conf rather than httpd.conf?

Any suggestions are appreciative!
 
Old 12-10-2003, 12:03 AM   #2
Tomasfuego
Member
 
Registered: Nov 2002
Location: USA
Distribution: Lenny at work
Posts: 168

Rep: Reputation: 30
i was pretty sure it was port 443 ... so try http://localhost:443
 
Old 12-10-2003, 09:26 AM   #3
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
Unhappy No.....

Tomasfuego,maybe I am wrong.But https://mysitename.com:8080 is the same as http://mysitename.com:443.I think my problem is not here.

Anyway,thanks a lot.
 
Old 12-10-2003, 04:13 PM   #4
Tomasfuego
Member
 
Registered: Nov 2002
Location: USA
Distribution: Lenny at work
Posts: 168

Rep: Reputation: 30
https is telling it to look at port 443 automatically, thus

https://whatever = http://whatever:443

http is port 80, so i really have no idea where you are getting 8080 from ... your http.conf should have the port number for ssl on there somewhere
 
Old 12-10-2003, 08:37 PM   #5
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
Thank you very much,Tomasfuego.I add :8080 because my web server is listening to port 8080 (My ISP has blocked port 80).However,I don't really have a clue on configuring SSL.As far as I know,SSL setting has resided from the httpd.conf file.
 
Old 12-11-2003, 12:00 AM   #6
Tomasfuego
Member
 
Registered: Nov 2002
Location: USA
Distribution: Lenny at work
Posts: 168

Rep: Reputation: 30
alright ... after you installed the mod_ssl rpms, then there should be an entry on which port SSL will operate on. Usually, it is 443, but it looks like you will need to change that too. https://mysite.com:8080 is still going to send it to the regular http protocol and not what we want, so accessing will look like

http://mysite.com:ThePortIpicked, which is different from 8080

make sure RH's firewall is not blocking the port you want

you can test all of this offline too ... just replace "localhost" for "mysite.com" and use the same port numbers

httpd.apache.org should have some more documentation as well if you are the researching kind.
 
Old 12-11-2003, 01:19 AM   #7
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
Sorry,I can't get it.

https://mysitename.com:8080 != connect to port 443???

Please help me to clarify that.
 
Old 12-11-2003, 06:08 AM   #8
Tomasfuego
Member
 
Registered: Nov 2002
Location: USA
Distribution: Lenny at work
Posts: 168

Rep: Reputation: 30
https is telling it to use the SSL protocol ( like saying, use french in this conversation) and 8080 is telling it where ( like 8080 Wallaby Street)

When at 8080, it should expext the http protocol, and now you have to figure out what port your SSL is configured to so that we can use the SSL ... (again, is the firewall on RH letting you through?)

Last edited by Tomasfuego; 12-11-2003 at 06:10 AM.
 
Old 12-11-2003, 09:05 AM   #9
andrewlkho
Member
 
Registered: Jul 2003
Location: London
Posts: 548

Rep: Reputation: 30
check what ports are open - portscan yourself:
# localhost,
and that should tell you what port it's running on
 
Old 12-11-2003, 09:44 AM   #10
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
Lightbulb Ports are open??Maybe...

Excuse me,ho_10.Do you mean I should take a look at what ports are listening?Yup,I have checked.

tcp 0 0 *:1024 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 *pop3 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 localhost:1136 *:* LISTEN
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:https *:* LISTEN
tcp 0 0 *:8080 *:* LISTEN

Obviously,the SSL port is listening.However,I mean how do I configure the ssl.conf file in order to make it work.Thanks.
 
Old 12-11-2003, 12:13 PM   #11
andrewlkho
Member
 
Registered: Jul 2003
Location: London
Posts: 548

Rep: Reputation: 30
Is the https service running on port [8]443 though? Sorry, I meant
# nmap localhost
last time
 
Old 12-11-2003, 08:27 PM   #12
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
I'm terribly sorry,ho_10.How do I know https service is running on port 443?

I'm a
 
Old 12-13-2003, 10:40 AM   #13
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
Would anybody help me out,please?
 
Old 12-13-2003, 04:53 PM   #14
Tomasfuego
Member
 
Registered: Nov 2002
Location: USA
Distribution: Lenny at work
Posts: 168

Rep: Reputation: 30
in a browser like mozilla, see if you can look at this in your browser:
https://localhost

if it works, then its port 443 ... if it doesnt, then you need to look at your conf files in the /etc/httpd folder
 
Old 12-14-2003, 04:07 AM   #15
Swift&Smart
Member
 
Registered: Jan 2003
Location: Hong Kong,China
Distribution: Slackware,OpenSUSE
Posts: 472

Original Poster
Rep: Reputation: 30
Unhappy I got it!But...

Thanks for your reply,Tomasfuego. I can connect to my server with SSL support.However,the webpage is the default page of Apache!! I have replaced all my webpage to my serving folder.It works well when I use port 8080.So,my question is,how to change this dumb default page??

Thanks a lot.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache 2.0 and mod_ssl pimp1911 Linux - Security 4 02-03-2006 03:36 PM
apache & mod_ssl wwnexc Linux - Software 4 11-23-2005 09:40 PM
Apache - Mod_SSL Mr_Munkey Linux - Software 0 12-27-2004 09:52 AM
mod_ssl and apache 2 xfurious_mindx Linux - Newbie 0 07-21-2004 03:49 PM
apache domain for mod_ssl gvrglife Linux - Networking 1 02-24-2003 10:46 AM


All times are GMT -5. The time now is 10:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration