Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 07-23-2009, 04:07 AM   #1
LQ Newbie
Registered: Jul 2009
Location: Mumbai, India
Distribution: CentOS 5.5, RHEL5
Posts: 7

Rep: Reputation: 0
Please help with configuring SSL in Apache2

Hello Moderator

I am a bit confused as to which file I need to incorporate the SSLProtocol and SSLCipherSuite directives into.

Searching for the httpd.conf file in /usr/local returns me with this listing.

All are under /usr/local/

The contents of

ServerRoot "/usr/local/apache2"
Listen 80
#LoadModule auth_basic_module modules/
LoadModule auth_digest_module modules/
#LoadModule authn_file_module modules/
LoadModule authn_alias_module modules/
LoadModule authn_anon_module modules/
LoadModule authn_dbm_module modules/
#LoadModule authn_default_module modules/
#LoadModule authz_host_module modules/
#LoadModule authz_user_module modules/
LoadModule authz_owner_module modules/
#LoadModule authz_groupfile_module modules/
LoadModule authz_dbm_module modules/
#LoadModule authz_default_module modules/
#LoadModule ldap_module modules/
#LoadModule authnz_ldap_module modules/
#LoadModule include_module modules/
#LoadModule log_config_module modules/
LoadModule logio_module modules/
#LoadModule env_module modules/
LoadModule ext_filter_module modules/
LoadModule mime_magic_module modules/
LoadModule expires_module modules/
LoadModule deflate_module modules/
LoadModule headers_module modules/
LoadModule usertrack_module modules/
#LoadModule setenvif_module modules/
#LoadModule mime_module modules/
LoadModule dav_module modules/
#LoadModule status_module modules/
#LoadModule autoindex_module modules/
LoadModule info_module modules/
LoadModule dav_fs_module modules/
LoadModule vhost_alias_module modules/
#LoadModule negotiation_module modules/
#LoadModule dir_module modules/
#LoadModule actions_module modules/
LoadModule speling_module modules/
#LoadModule userdir_module modules/
#LoadModule alias_module modules/
LoadModule rewrite_module modules/
LoadModule proxy_module modules/
LoadModule proxy_balancer_module modules/
LoadModule proxy_ftp_module modules/
LoadModule proxy_http_module modules/
LoadModule proxy_connect_module modules/
LoadModule cache_module modules/
LoadModule suexec_module modules/
LoadModule disk_cache_module modules/
LoadModule file_cache_module modules/
LoadModule mem_cache_module modules/
#LoadModule cgi_module modules/
LoadModule version_module modules/

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>

User daemon
Group daemon


DocumentRoot "/var/www/html"

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all

AcceptPathInfo On
KeepAlive On
KeepAlive 300

<IfModule dir_module>
    DirectoryIndex index.html index.html.var index.shtml index.cfm index.php index.htm

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All

ErrorLog "logs/error_log"
LogLevel warn

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    CustomLog "logs/access_log" common

<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"


<IfModule cgid_module>

<Directory "/usr/local/apache2/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all

DefaultType text/plain

<IfModule mime_module>
    TypesConfig conf/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

I would be glad if you can guide me as to which files need to be altered.

Thanks in advance for reading this.



Last edited by unSpawn; 07-23-2009 at 06:21 AM. Reason: //Use CODE listings please.
Old 07-23-2009, 06:02 AM   #2
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
Since MD5 SSL has been broken, it's best to disable it, and if you have any certs based on MD5, have them reissued.
Old 07-23-2009, 06:26 AM   #3
Registered: May 2001
Posts: 28,826
Blog Entries: 55

Rep: Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341Reputation: 3341
Please don't refer to me as "Moderator". As for your editing your /usr/local/apache2/conf/httpd.conf: please have a look at because the HOWTO lists the steps you require.
Old 07-25-2009, 01:23 AM   #4
LQ Newbie
Registered: Jul 2009
Location: Mumbai, India
Distribution: CentOS 5.5, RHEL5
Posts: 7

Original Poster
Rep: Reputation: 0
Originally Posted by nowonmai View Post
Since MD5 SSL has been broken, it's best to disable it, and if you have any certs based on MD5, have them reissued.
What would I need to do so as to rebuild the mentioned SSL or would it be advisable to disable it.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Fail Configuring Subversion through apache2 ssl darghon Linux - Software 0 07-11-2009 01:54 AM
Apache2 + ssl netpumber Debian 3 06-30-2009 11:46 AM
Apache2 + ssl blunt Slackware 4 10-31-2006 07:23 AM
Configuring SSL on Apache2 jstrahm SUSE / openSUSE 1 04-06-2006 08:37 AM
apache2 - ssl : connection via ssl interrupted ldp Linux - Software 0 10-02-2005 09:07 AM

All times are GMT -5. The time now is 03:30 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration