Need help in running my website using secure connection (HTTPS)
Hello:
I have the following details on my system: - CentOS - RHEL 5 - WebWare for Python We have an exisiting website written in Python and was developed by other entities and now being maintained by us. We want to run the website using secure connection (HTTPS), I tried reading this article and successfully executed every instructions but still failed to run the website using HTTPS. http://www.flatmtn.com/article/setti...e-certificates The way we run the website is using port 8080, e.g. http://<ip_address>:8080/ I am sure I am missing something here, first, I am still looking on where does the port 8080 comes from since I've checked the httpd.config and it wasn't there. Any thoughts? Thanks in advance. |
Quote:
|
While performing steps from the link:
1. What steps have you performed? 2. Of the steps performed what errors (if any) were received? And I really didn't understand your exact question... Is it you need help getting the site running? Or is it you want to know where/why it is using port 8080? |
Depends what you mean by 'failed to run website'. Need specific example with exact cmds/msgs.
Note also that the un-encrypted http is normally on port 80, https(!) is on 443. These are the defaults unless you edit the httpd.conf/ssl.conf settings and adjust your firewall appropriately. You can test https from the cmd line: openssl s_client -connect server1.example.com:443 |
Quote:
How would I run our website using HTTPS? I did the exact commands given on that article without any errors encountered but found out that I was lacking the ssl.key and ssl.crt and so I install mod_ssl using: sudo yum install mod_ssl Quote:
Booting CentOS 2.6.18-128.e15 ... CentOS release 5.3(Final) Kernel 2.6.18-128.e15 on an i686 So I am guessing its is CentOS. I just mentioned about looking on where the port 8080 was specified because it might lead me to something just a wild presumption though because I have read that HTTPS is on 443 and HTTP normally runs on port 80 by default as mentioned also by chrism01. The only way that I know they can define to which port to run a website is through the Virtual Host of httpd config but it was NOT there. Thank you guys for your time and help. |
Quote:
I tried running the command: openssl s_client - connect <ip_address>:443 and gave some certificate information that says something: CONNECTED(00000003) --- Certificate chain 0 s:/C=--/ST=SomeState/L=SomeCity/0.... .... --- Server certificate -----BEGIN CERTIFICATE------ (Then some encrypted information here) -----END CERTIFICATE----- subject=/C=--/ST.... ... --- No client certificate CA names sent --- SSL handshake has read 1606 bytes and written 316 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol: TLSv1 Cipher : DHE-RSA-AES256-SHA .... Timout: 300 (sec) Verify return code: 18 (self signed certificate) ---- |
Can you show us your httpd.conf & ssl.conf files?
Test shows you've got https running on 443; that's a good/std start. |
I am sure this is just a typo but better re-check that. "http://<ip_address>:8080/" Should be https://ip:port
|
2 Attachment(s)
Quote:
I tried to "find / -name httpd.conf", its giving me 3 results: /usr/local/apache2/conf/httpd.conf /usr/local/apache2/conf/original/httpd.conf /etc/httpd/conf/httpd.conf And I tried to "find / -name ssl.conf", it gives this result: /etc/httpd/conf.d/ssl.conf Quote:
Internet Explorer cannot display the webpage Thanks! |
Try it locally?
|
Like I said in post #7; your test shows you've got https running on port 443 (the std port). There's no point trying to connect to port 8080 for https.
|
Quote:
since I tried running https://<ip_address> and it doesn't display anything except for "The browser" cannot display the webpage |
Apache is your webserver; it serves your websites.
Apache is listening on port 80 (http) and serving websites in a non-encrypted format. See httpd.conf Apache is ALSO listening on port 443 (https) and serving websites in an encrypted format. See ssl.conf. Please please understand the above. Its the standard/default setup for Apache. Forget about port 8080.... Please read Chap 21 http://www.linuxtopia.org/online_boo...ion/index.html See also http://httpd.apache.org/docs/2.2/ |
Quote:
Thanks! |
Also make an entry in ur ssl.conf file regarding cacert file & key
|
All times are GMT -5. The time now is 11:11 AM. |