LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
LinkBack Search this Thread
Old 01-09-2003, 09:14 PM   #1
spook
LQ Newbie
 
Registered: Jun 2002
Location: UK
Distribution: slackware, freebsd, solaris,sunOS, IRIX
Posts: 18

Rep: Reputation: 0
apache+ssl configuration


Hi,

I have been running apache etc on my webserver for a while now and I have decided that https is the way to go: the webmail and mailing list managment warez that I run could benefit from it. The standard slackware httpd.conf contains a call to mod_ssl.conf and that file contains a bunch of settings including a virtual server that uses port 443 etc. What I can't seem to do is get https to actually start. I have an inkling (which may be utterly wrong) that it has something to do with having to make the <ifdefine SSL>come true. I tried to do "apachectl startssl" after "apacheconfig" suggested it but this option clearly doesn't exist in my version of apache (1.3.26 or whatever current/old is). If anyone could throw any light on this topic that would be great: even a working config file would be great.
Thanks
spook
.
 
Old 01-09-2003, 10:29 PM   #2
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
try commenting out the If statements
 
Old 01-14-2003, 04:25 PM   #3
spook
LQ Newbie
 
Registered: Jun 2002
Location: UK
Distribution: slackware, freebsd, solaris,sunOS, IRIX
Posts: 18

Original Poster
Rep: Reputation: 0
Thanks for taking the time to reply: I have been away and therefore have only just taken up the problem again.
I am slightly unclear as to what you mean. Should I remove the "if"'s from the <IfDefine>'s or did you mean seperate "if"'s that may be in the config file? This seems like a pretty retarded way for a config to be set up: presumably there ought to be a way to specify SSL so that the condition necessary for these <ifdefines> would come to pass.
cheers
spook
.
 
Old 01-14-2003, 04:41 PM   #4
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
#<IfDefine>



#</IfDefine>



Yes it should be another way, I was too lazy to find it and did mine like this
 
Old 01-14-2003, 05:15 PM   #5
spook
LQ Newbie
 
Registered: Jun 2002
Location: UK
Distribution: slackware, freebsd, solaris,sunOS, IRIX
Posts: 18

Original Poster
Rep: Reputation: 0
Thank you for your swift reply, although I have still not got everything working yet, it is clear that I am geting closer as I am getting error messages in /var/adm/apache/ssl_engine_log

[10/Jan/2003 02:36:26 32732] [info] Server: Apache/1.3.26, Interface: mod_ssl/2.8.10, Library: OpenSSL/0.9.6e
[10/Jan/2003 02:36:28 32733] [info] Init: 2nd startup round (already detached)
[10/Jan/2003 02:36:28 32733] [info] Init: Reinitializing OpenSSL library
[10/Jan/2003 02:36:28 32733] [info] Init: Seeding PRNG with 136 bytes of entropy
[10/Jan/2003 02:36:28 32733] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[10/Jan/2003 02:36:28 32733] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[10/Jan/2003 02:36:28 32733] [info] Init: Initializing (virtual) servers for SSL
[10/Jan/2003 02:38:58 32733] [info] Init: 1st restart round (already detached)
[10/Jan/2003 02:38:58 32733] [info] Init: Reinitializing OpenSSL library
[10/Jan/2003 02:38:58 32733] [info] Init: Seeding PRNG with 1160 bytes of entropy
[10/Jan/2003 02:38:58 32733] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[10/Jan/2003 02:38:58 32733] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[10/Jan/2003 02:38:58 32733] [info] Init: Initializing (virtual) servers for SSL
[10/Jan/2003 02:38:58 32733] [info] Init: Configuring server hysteria.spc.org:443 for SSL protocol
[10/Jan/2003 02:38:58 32733] [error] Init: (hysteria.spc.org:443) Ops, no RSA or DSA server certificate found?!
[10/Jan/2003 02:38:58 32733] [error] Init: (hysteria.spc.org:443) You have to perform a *full* server restart when you added or removed a certificate and/or key file


Have you any idea how I could fix these errors? I generated a key but I have never been asked for the passwd when starting apache etc. I think I used apacheconfig to do this but now this doesn't run (wierdness!)
I appreciate the mundane nature of these questions and am gratefull for the repsonses.
cheers
spook
.
 
Old 01-14-2003, 07:13 PM   #6
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
these are the only keys I'm using


SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache 1.3.33 (debian built) and Apache SSL does not respond to the proper ports lqorg_user Linux - Networking 0 11-06-2005 04:11 PM
apache and apache-ssl questions merana Debian 4 03-10-2005 10:10 AM
debian sarge apache-ssl configuration notolerance Debian 0 01-10-2005 10:44 AM
chrooting apache v2 (php, ssl, perl support) ; perl configuration markus1982 Linux - Security 3 01-26-2003 06:15 PM
SSL Configuration on an Apache VirtualHost sancho5 *BSD 6 07-29-2002 08:09 AM


All times are GMT -5. The time now is 08:03 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration