LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Apache 2.2.9 and SSL Config (https://www.linuxquestions.org/questions/linux-server-73/apache-2-2-9-and-ssl-config-679457/)

Harvfive 10-27-2008 09:39 PM
Apache 2.2.9 and SSL Config
 
Hey all,

I have a web server configured to run on localhost:80 as Im using a WUI to manage some services on a SLES 10 install. I was looking into enabling SSL for this (just for my own educational purposes). I've created and signed my own certs, and I've directed the path to my certs, and enabled SSL through httpd.conf by including the httpd-ssl.conf file. I've read many manuals but they seem to be missing very important information about whether or not you need to configure it as a virtualhost through httpd-ssl, or just to modify the original configuration file. In any case, when restarting apache I get this error, to which Ive found no answer. And I did enable ssl support when configuring my apache install. I believe it may have something to do with mod_ssl.c not being called before these are run. As well, to kill two birds with one stone, do I need to specify the directive for the ssl connection or will it just use the one in httpd.conf?

In either case, here is what I have added to the original httpd-ssl.conf file.

[Sun Oct 12 13:00:16 2008] [warn] module php5_module is already loaded, skippingSyntax error on line 56 of /usr/local/apache/conf/extra/httpd-ssl.conf:
Invalid command 'SSLPassPhraseDialog', perhaps misspelled or defined by a module not included in the server configuration



# General setup for the virtual host
Listen 80
Listen 443
<VirtualHost localhost:443>
SSLEngine on
ServerName http://localhost
SSLCertificateFile "/usr/local/apache/server.crt"
SSLCertificateKeyFile "/usr/local/apache/server.key"
</VirtualHost>

If anyone can offer suggestions I would be greatly appreciative. Keep in mind I'm a n00b, and this is my first run-in with configuring SSL. :S

Here is my whole HTTPD.conf file:

ServerRoot "/usr/local/apache"


Listen 80


# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule php5_module modules/libphp5.so


<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>

User daemon
Group daemon

</IfModule>
</IfModule>

ServerAdmin kmakiewi@gmail.com

ServerName 192.168.164.129:80

DocumentRoot "/usr/local/apache/htdocs"

<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>

<Directory "/usr/local/apache/htdocs">

Options Indexes FollowSymLinks


AllowOverride None

Order allow,deny
Allow from all

</Directory>


<IfModule dir_module>
DirectoryIndex index.html index.php

AddType text/html php
</IfModule>

<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>


ErrorLog "logs/error_log"


LogLevel warn

<IfModule log_config_module>

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common

<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>

CustomLog "logs/access_log" common


</IfModule>

<IfModule alias_module>

ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"

</IfModule>

<IfModule cgid_module>
#
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#
#Scriptsock logs/cgisock
</IfModule>


<Directory "/usr/local/apache/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>


DefaultType text/plain

<IfModule mime_module>

# Use for PHP 5.x:
LoadModule php5_module modules/libphp5.so

TypesConfig conf/mime.types



AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

</IfModule>

#This is for Authentication (user)

<Directory "/usr/local/apache/htdocs/">
AuthType Basic
AuthName "Abandon Hope, all Ye who enter"
AuthUserFile /usr/local/apache/passwd/passwords
Require user trooper
</Directory>

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

ptemmerman 10-29-2008 06:59 AM
Hi.

I'm not an Apache expert, but these are my thoughts:

Based on the config files that you provided, I don't see that you actually load the ssl module. I expected to see something like:

Load ssl_module /usr/local/apache2/modules/mod_ssl.so

As far as I know, it is not necessary to have a virtual host, in order to accept SSL connections.

Also, the php_module error is because you load it twice:
LoadModule php5_module modules/libphp5.so


All times are GMT -5. The time now is 03:49 PM.