LinuxQuestions.org - aapche ssl certificate not working

Page 2 of 2

Show 50 post(s) from this thread on one page

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - aapche ssl certificate not working (https://www.linuxquestions.org/questions/linux-server-73/aapche-ssl-certificate-not-working-925308/)

bathory

02-10-2012 04:30 PM

Quote:

so on my localhost config document i would have to put those entries in it (since the /etc/apache2/sites-available/default is the config file for the local host) you want me to put those rewrite entries somewhere in it. and this can be used to redirect the default 80 port service to port 443 and make it go to the https location. the example you have given was a little vague so i want to know how to do it in my case as an example (and i can go on referencing from the example hopefully by then i would have mastered this module) here are my specs

What exactly you didn't understand?
You should put the rewrite stuff inside the VirtualHost container in /etc/apache2/sites-available/default. So any http request to the default vhost will be redirected to https to the default ssl-vhost. E.g. in /etc/apache2/sites-available/default you need to add

Code:

<VirtualHost *:80>

ServerName www.domain.com

DocumentRoot /var/www/html

<--Other default vhost stuff-->

RewriteEngine on

RewriteCond %{HTTPS} off

RewriteRule  ^(.*)$  https://%{HTTP_HOST}%{REQUEST_URI}

</VirtualHost>

Since you have a /etc/apache2/sites-available/default-ssl file you can have in it:

Code:

<VirtualHost *:443>

ServerName www.domain.com

DocumentRoot /var/www/html/

<--Other default ssl-vhost stuff-->

</VirtualHost>

As I've already told you, /etc/apache2/httpd.conf is not used in debian. Of course it's included in /etc/apache2/apache2.conf, so anything in it is read by apache. It's up to you to use it or not.

Regards

baronobeefdip

02-12-2012 07:30 PM

what is the equivalent of these files from Debian in Fedora 14
/etc/apache2/sites-available/default
/etc/apache2/sites-available/default-ssl

bathory

02-13-2012 12:44 AM

Hi,

In fedora like in all the rhel based distros, you define the http vhosts in /etc/httpd/httpd.conf and the ssl vhost(s) in /etc/httpd/conf.d/ssl.conf

Regards

baronobeefdip

02-13-2012 02:09 PM

Quote:

Originally Posted by bathory (Post 4600981)

Hi,

In fedora like in all the rhel based distros, you define the http vhosts in /etc/httpd/httpd.conf and the ssl vhost(s) in /etc/httpd/conf.d/ssl.conf

Regards

i am able to see the ssl.conf file and it looks like the default-ssl file from debian but i am not seeing the declaration in the httpd.conf file for the local virtualhost so that i am able to put the rewrite module inside it, where is the local virtualhost declarations located, i see a <virtualHost *:80> but they are all commented it out with the # symbol, will i be able to put in the rewrite modules in this virtualhost declaration when i take the comment symbols out?

bathory

02-13-2012 02:31 PM

Quote:

will i be able to put in the rewrite modules in this virtualhost declaration when i take the comment symbols out?

Note that the "LoadModule rewrite_module .." directives go to the general apache config part.
Regarding the rewrite rules you can put them too into that general httpd.conf part, better inside the <Directory /var/www/html>...</Directory part, or uncomment the VirtualHost stanza and put them in there.

Regards

baronobeefdip

02-13-2012 10:11 PM

Quote:

Originally Posted by bathory (Post 4601459)

jus looked in the /etc/httpd/conf/httpd.conf file and found the declarations <Directory "/var/www/html"> </Directory>, i placed the rewrite module tags in it and the web browser told me there was a redirection error
"Firefox has detected that the server is redirecting theis request for the address in a way it will never complete"
what does this mean? did i have to put it in a different part of the file or is there something that needs some minor adjustments?

i did however find the statement inside that directory declaration in the httpd.conf file.

Code:

Allow override none

and i changed it to

Code:

Allow override all

and nothing changed, i am still getting that message firefox was showing me earlier

bathory

02-14-2012 12:28 AM

Hi,

Quote:

"Firefox has detected that the server is redirecting theis request for the address in a way it will never complete"
what does this mean? did i have to put it in a different part of the file or is there something that needs some minor adjustments?

It means that somehow the rewrite is looping. You have to copy/paste the exact 3 lines bellow inside the <Directory "/var/www/html">...</Directory> part,

Code:

RewriteEngine on

RewriteCond %{HTTPS} off

RewriteRule  ^(.*)$  https://%{HTTP_HOST}%{REQUEST_URI}

You can also test the following variation:

Code:

RewriteEngine on

RewriteCond %{SERVER_PORT} 80

RewriteRule  ^(.*)$ https://%{SERVER_NAME}/$1

If it isn't working too, could you please post httpd.conf?

Quote:

did however find the statement inside that directory declaration in the httpd.conf file.
Allow override none

and i changed it to
Code:

Allow override all

and nothing changed, i am still getting that message firefox was showing me earlier

This has nothing to do with your case. It's needed only if you want to use .htaccess files

Regards

baronobeefdip

02-17-2012 08:06 PM

Okay all of the redirects work in Fedora, Debian and Ubuntu.So now everything is golden but I keep getting the red lock symbol (i'm using chrome) usually when i get to a site with an ssl certificate the lock is green (Like twitter you can see it right now) the only problem with my certificates is that the chrome is saying that the identity of the website has not been verified, this is what i have been doing, i have been putting in these commands

Code:

openssl req -new -newkey rsa:2048 -nodes -keyout localhost.key -out localhost.csr

Then i filled out all of the Information then ran this command

Code:

openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt

then i would put these certificate files inside of the /etc/apache2/sites-available/defaut-ssl file, the lock symbol is red instead of green, what command did i miss

bathory

02-18-2012 03:20 AM

Hi,

Quote:

but I keep getting the red lock symbol (i'm using chrome) usually when i get to a site with an ssl certificate the lock is green (Like twitter you can see it right now) the only problem with my certificates is that the chrome is saying that the identity of the website has not been verified,

This is normal when you use self-signed certificates. All browsers give a warning when the certificate is not issued by a trusted CA (Certificate Authority).

Regards

baronobeefdip

02-18-2012 12:15 PM

So I'm guessing that nobody can verify the identity of the site but the CA?

bathory

02-18-2012 01:13 PM

Hi,

Every browser comes with a list of well knows CAs. If your server's certificate is not issued by one of them, then it will show user a warning about a certificate from a non trusted CA. It's up to the user to accept it or not.
If you want to go in business using ssl, you should buy a certificate from a trusted CA

Regards

doug9694

01-05-2015 09:33 PM

Firefox has detected that the server is redirecting

I recently upgraded to firefox 34 from 17. I never received this message be fore. Gmail worked for awhile now I get the message continuously. What gives? I tried the on line help that says go to Tools > Options > Advanced > Network > Cached Web Content: "Clear Now",
Another says Tools/Options/Privacy - Click "Remove Individual Cookies"
Problem is that 34 does not have a "Options" in the "tools" menu. At least not in the 34
that I have. Where is the some thing in 34? Or has someone come up with a better fix?
Send reply to doug9694@hotmail. If you send it to what I use here, gmail, I will never see
it because my gmail is the site I am getting the problem message on.

All times are GMT -5. The time now is 12:13 AM.

Page 2 of 2

Show 50 post(s) from this thread on one page