LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-23-2010, 12:39 PM   #1
newbinlinux
LQ Newbie
 
Registered: Feb 2010
Location: Philippines
Distribution: RHEL5
Posts: 6

Rep: Reputation: 0
Need help in running my website using secure connection (HTTPS)


Hello:

I have the following details on my system:
- CentOS
- RHEL 5
- WebWare for Python

We have an exisiting website written in Python and was developed by other entities and now being maintained by us. We want to run the website using secure connection (HTTPS), I tried reading this article and successfully executed every instructions but still failed to run the website using HTTPS.

http://www.flatmtn.com/article/setti...e-certificates

The way we run the website is using port 8080, e.g. http://<ip_address>:8080/

I am sure I am missing something here, first, I am still looking on where does the port 8080 comes from since I've checked the httpd.config and it wasn't there.

Any thoughts?


Thanks in advance.
 
Old 02-23-2010, 01:57 PM   #2
jwl17330536
Member
 
Registered: Feb 2010
Location: Raleigh, NC
Posts: 83

Rep: Reputation: 22
Quote:
Originally Posted by newbinlinux View Post

I have the following details on my system:
- CentOS
- RHEL 5
Is it CentOS or RHEL5? Normally there isn't a difference in the CentOS [5] and RHEL 5, but knowing which you have is a very important thing for YOU to know.
 
Old 02-23-2010, 02:00 PM   #3
jwl17330536
Member
 
Registered: Feb 2010
Location: Raleigh, NC
Posts: 83

Rep: Reputation: 22
While performing steps from the link:

1. What steps have you performed?
2. Of the steps performed what errors (if any) were received?

And I really didn't understand your exact question...

Is it you need help getting the site running? Or is it you want to know where/why it is using port 8080?
 
Old 02-23-2010, 06:07 PM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,412

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
Depends what you mean by 'failed to run website'. Need specific example with exact cmds/msgs.
Note also that the un-encrypted http is normally on port 80, https(!) is on 443.
These are the defaults unless you edit the httpd.conf/ssl.conf settings and adjust your firewall appropriately.

You can test https from the cmd line:

openssl s_client -connect server1.example.com:443
 
Old 02-23-2010, 06:58 PM   #5
newbinlinux
LQ Newbie
 
Registered: Feb 2010
Location: Philippines
Distribution: RHEL5
Posts: 6

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by jwl17330536 View Post
While performing steps from the link:

1. What steps have you performed?
2. Of the steps performed what errors (if any) were received?

And I really didn't understand your exact question...

Is it you need help getting the site running? Or is it you want to know where/why it is using port 8080?
Sorry for the confusion but my main question would be:

How would I run our website using HTTPS?

I did the exact commands given on that article without any errors encountered but found out that I was lacking the ssl.key and ssl.crt and so I install mod_ssl using:

sudo yum install mod_ssl


Quote:
Originally Posted by jwl17330536 View Post
Is it CentOS or RHEL5? Normally there isn't a difference in the CentOS [5] and RHEL 5, but knowing which you have is a very important thing for YOU to know.
I am new to Linux but I see during start up these details...

Booting CentOS 2.6.18-128.e15
...
CentOS release 5.3(Final)
Kernel 2.6.18-128.e15 on an i686

So I am guessing its is CentOS.



I just mentioned about looking on where the port 8080 was specified because it might lead me to something just a wild presumption though because I have read that HTTPS is on 443 and HTTP normally runs on port 80 by default as mentioned also by chrism01. The only way that I know they can define to which port to run a website is through the Virtual Host of httpd config but it was NOT there.


Thank you guys for your time and help.
 
Old 02-23-2010, 07:10 PM   #6
newbinlinux
LQ Newbie
 
Registered: Feb 2010
Location: Philippines
Distribution: RHEL5
Posts: 6

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
Depends what you mean by 'failed to run website'. Need specific example with exact cmds/msgs.
Note also that the un-encrypted http is normally on port 80, https(!) is on 443.
These are the defaults unless you edit the httpd.conf/ssl.conf settings and adjust your firewall appropriately.

You can test https from the cmd line:

openssl s_client -connect server1.example.com:443

I tried running the command:

openssl s_client - connect <ip_address>:443


and gave some certificate information that says something:


CONNECTED(00000003)
---
Certificate chain 0 s:/C=--/ST=SomeState/L=SomeCity/0....
....
---
Server certificate
-----BEGIN CERTIFICATE------
(Then some encrypted information here)
-----END CERTIFICATE-----
subject=/C=--/ST....
...
---
No client certificate CA names sent
---
SSL handshake has read 1606 bytes and written 316 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol: TLSv1
Cipher : DHE-RSA-AES256-SHA
....
Timout: 300 (sec)
Verify return code: 18 (self signed certificate)
----
 
Old 02-23-2010, 07:16 PM   #7
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,412

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
Can you show us your httpd.conf & ssl.conf files?
Test shows you've got https running on 443; that's a good/std start.

Last edited by chrism01; 02-23-2010 at 07:17 PM.
 
Old 02-23-2010, 08:34 PM   #8
jefro
Moderator
 
Registered: Mar 2008
Posts: 17,101

Rep: Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552
I am sure this is just a typo but better re-check that. "http://<ip_address>:8080/" Should be https://iport
 
Old 02-24-2010, 06:08 AM   #9
newbinlinux
LQ Newbie
 
Registered: Feb 2010
Location: Philippines
Distribution: RHEL5
Posts: 6

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
Can you show us your httpd.conf & ssl.conf files?
Test shows you've got https running on 443; that's a good/std start.
Chris - Please see attached files for my httpd.conf and ssl.conf files. The file location on our system are the ones in bold below.

I tried to "find / -name httpd.conf", its giving me 3 results:
/usr/local/apache2/conf/httpd.conf
/usr/local/apache2/conf/original/httpd.conf
/etc/httpd/conf/httpd.conf

And I tried to "find / -name ssl.conf", it gives this result:
/etc/httpd/conf.d/ssl.conf



Quote:
Originally Posted by jefro View Post
I am sure this is just a typo but better re-check that. "http://<ip_address>:8080/" Should be https://iport
I already tried accessing the website using "https://<ip_address>:8080" before I posted any help here, I am just getting this:

Internet Explorer cannot display the webpage


Thanks!
Attached Files
File Type: txt httpd.conf.txt (33.7 KB, 4 views)
File Type: txt ssl.conf.txt (9.5 KB, 4 views)
 
Old 02-24-2010, 05:28 PM   #10
jefro
Moderator
 
Registered: Mar 2008
Posts: 17,101

Rep: Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552Reputation: 2552
Try it locally?
 
Old 02-24-2010, 06:10 PM   #11
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,412

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
Like I said in post #7; your test shows you've got https running on port 443 (the std port). There's no point trying to connect to port 8080 for https.
 
Old 02-24-2010, 11:41 PM   #12
newbinlinux
LQ Newbie
 
Registered: Feb 2010
Location: Philippines
Distribution: RHEL5
Posts: 6

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
Like I said in post #7; your test shows you've got https running on port 443 (the std port). There's no point trying to connect to port 8080 for https.
Chris - But how do I port our website to run using HTTPS then? what configuration should I edit to achieve this?

since I tried running https://<ip_address> and it doesn't display anything except for "The browser" cannot display the webpage
 
Old 02-24-2010, 11:57 PM   #13
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,412

Rep: Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397Reputation: 2397
Apache is your webserver; it serves your websites.
Apache is listening on port 80 (http) and serving websites in a non-encrypted format. See httpd.conf
Apache is ALSO listening on port 443 (https) and serving websites in an encrypted format. See ssl.conf.

Please please understand the above. Its the standard/default setup for Apache.
Forget about port 8080....

Please read Chap 21 http://www.linuxtopia.org/online_boo...ion/index.html
See also http://httpd.apache.org/docs/2.2/
 
Old 02-25-2010, 12:15 AM   #14
newbinlinux
LQ Newbie
 
Registered: Feb 2010
Location: Philippines
Distribution: RHEL5
Posts: 6

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
Apache is your webserver; it serves your websites.
Apache is listening on port 80 (http) and serving websites in a non-encrypted format. See httpd.conf
Apache is ALSO listening on port 443 (https) and serving websites in an encrypted format. See ssl.conf.

Please please understand the above. Its the standard/default setup for Apache.
Forget about port 8080....

Please read Chap 21 http://www.linuxtopia.org/online_boo...ion/index.html
See also http://httpd.apache.org/docs/2.2/
Okay Chris, thanks for your time. I'll figure this out. And thanks for the online books, seems a good reference to read.

Thanks!
 
Old 02-25-2010, 01:51 AM   #15
PankajRasuni
LQ Newbie
 
Registered: Nov 2009
Posts: 18

Rep: Reputation: 0
Also make an entry in ur ssl.conf file regarding cacert file & key
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems Browsing Secure Sites (HTTPS) jlrq74 Linux - Wireless Networking 2 09-30-2008 10:05 AM
SSL Certificate and PKI question, secure HTTPS connection, mail encription Rostfrei Linux - Security 2 07-28-2008 03:20 AM
Setting up secure access to https helpme0904 Linux - Newbie 2 07-13-2005 05:08 PM
http and https, setuping up a secure site helpme0904 Linux - Newbie 1 06-04-2005 10:34 PM
Web browser loses a secure (https) connection. How/where do I start investigating? hello321_1999 Linux - Networking 1 12-15-2004 12:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration