LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 07-23-2009, 05:07 AM   #1
alxasamy
LQ Newbie
 
Registered: Jul 2009
Location: Mumbai, India
Distribution: CentOS 5.5, RHEL5
Posts: 7

Rep: Reputation: 0
Please help with configuring SSL in Apache2


Hello Moderator

I am a bit confused as to which file I need to incorporate the SSLProtocol and SSLCipherSuite directives into.

Searching for the httpd.conf file in /usr/local returns me with this listing.

Code:
All are under /usr/local/
./apache2/man/man8/httpd.8
./apache2/manual/programs/httpd.html
./apache2/manual/programs/httpd.html.ko.euc-kr
./apache2/manual/programs/httpd.html.tr.utf8
./apache2/manual/programs/httpd.html.en
./apache2/bin/httpd
./apache2/conf/extra/httpd-default.conf
./apache2/conf/extra/httpd-manual.conf
./apache2/conf/extra/httpd-info.conf
./apache2/conf/extra/httpd-languages.conf
./apache2/conf/extra/httpd-dav.conf
./apache2/conf/extra/httpd-vhosts.conf
./apache2/conf/extra/httpd-ssl.conf
./apache2/conf/extra/httpd-autoindex.conf
./apache2/conf/extra/httpd-multilang-errordoc.conf
./apache2/conf/extra/httpd-mpm.conf
./apache2/conf/extra/httpd-userdir.conf
./apache2/conf/httpd.conf
./apache2/conf/original/extra/httpd-default.conf
./apache2/conf/original/extra/httpd-manual.conf
./apache2/conf/original/extra/httpd-info.conf
./apache2/conf/original/extra/httpd-languages.conf
./apache2/conf/original/extra/httpd-dav.conf
./apache2/conf/original/extra/httpd-vhosts.conf
./apache2/conf/original/extra/httpd-ssl.conf
./apache2/conf/original/extra/httpd-autoindex.conf
./apache2/conf/original/extra/httpd-multilang-errordoc.conf
./apache2/conf/original/extra/httpd-mpm.conf
./apache2/conf/original/extra/httpd-userdir.conf
./apache2/conf/original/httpd.conf
./apache2/modules/httpd.exp
./apache2/include/httpd.h
./apache2/logs/httpd.pid
./psa/admin/libexec/httpd.exp
./psa/admin/include/httpd.h

The contents of
/usr/local/apache2/conf/httpd.conf

Code:
ServerRoot "/usr/local/apache2"
Listen 80
#LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_default_module modules/mod_authn_default.so
#LoadModule authz_host_module modules/mod_authz_host.so
#LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_default_module modules/mod_authz_default.so
#LoadModule ldap_module modules/mod_ldap.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#LoadModule include_module modules/mod_include.so
#LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
#LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
#LoadModule status_module modules/mod_status.so
#LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule dir_module modules/mod_dir.so
#LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
#LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
#LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>

User daemon
Group daemon

</IfModule>
</IfModule>

DocumentRoot "/var/www/html"

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

AcceptPathInfo On
KeepAlive On
KeepAlive 300

<IfModule dir_module>
    DirectoryIndex index.html index.html.var index.shtml index.cfm index.php index.htm
</IfModule>

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

ErrorLog "logs/error_log"
LogLevel warn

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>

<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"

</IfModule>

<IfModule cgid_module>
</IfModule>

<Directory "/usr/local/apache2/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

DefaultType text/plain

<IfModule mime_module>
    TypesConfig conf/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
</IfModule>

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
________________________________________________________________________

I would be glad if you can guide me as to which files need to be altered.

Thanks in advance for reading this.

Regards,

Xavier.

Last edited by unSpawn; 07-23-2009 at 07:21 AM. Reason: //Use CODE listings please.
 
Old 07-23-2009, 07:02 AM   #2
nowonmai
Member
 
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
Since MD5 SSL has been broken, it's best to disable it, and if you have any certs based on MD5, have them reissued.
 
Old 07-23-2009, 07:26 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,765
Blog Entries: 54

Rep: Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976Reputation: 2976
Please don't refer to me as "Moderator". As for your editing your /usr/local/apache2/conf/httpd.conf: please have a look at http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html because the HOWTO lists the steps you require.
 
Old 07-25-2009, 02:23 AM   #4
alxasamy
LQ Newbie
 
Registered: Jul 2009
Location: Mumbai, India
Distribution: CentOS 5.5, RHEL5
Posts: 7

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by nowonmai View Post
Since MD5 SSL has been broken, it's best to disable it, and if you have any certs based on MD5, have them reissued.
What would I need to do so as to rebuild the mentioned SSL or would it be advisable to disable it.

Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fail Configuring Subversion through apache2 ssl darghon Linux - Software 0 07-11-2009 02:54 AM
Apache2 + ssl netpumber Debian 3 06-30-2009 12:46 PM
Apache2 + ssl blunt Slackware 4 10-31-2006 08:23 AM
Configuring SSL on Apache2 jstrahm Suse/Novell 1 04-06-2006 09:37 AM
apache2 - ssl : connection via ssl interrupted ldp Linux - Software 0 10-02-2005 10:07 AM


All times are GMT -5. The time now is 04:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration