Hi,
I have problem with apache and ssl for which I cannot find a solution for some time now:
I have slackware 10.2 and I installed apache2 with ssl. The apache webserver seems to be working fine but the connection over ssl however is giving me some headeaches.
Since I have the badluck that my provider "telenet belgium" blocks the privilleged ports under 1024 for server-purposes, I had to correct the Listen ports to
Listen 7123 in httpd.conf
Listen 7443 in ssl.conf
When I connect via http to my website. (
http://lieven.isa-geek.net:7123) it works fine. But when connecting through https (
https://lieven.isa-geek.net:7443) I get a message: "action interrupted while connecting to lieven.isa-geek.net" in mozilla 1.7 and "cannot find server - the page cannot be displayed" in ms internet explorer 6
I got "lieven.isa-geek.net" from dyndns.org and I'm using ddclient to keep my ip up to date with the name.
I checked "netstat -tpan | grep 7443" and got following result:
tcp 0 0 0.0.0.0:7443 0.0.0.0:* LISTEN 1630/httpd
=> so to me, it looks like it should work.
This is from my ssl.conf file:
<IfDefine SSL>
Listen 7443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLMutex file:/usr/local/apache2/logs/ssl_mutex
<VirtualHost _default_:7443>
DocumentRoot "/home/http"
ServerName lieven.isa-geek.net
ServerAdmin
lievendp@pandora.be
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /usr/local/apache2/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>
I already tried to make servername:
lieven.isa-geek.net:7443
192.168.2.5
192.168.2.5:7443
the certificates were made with:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 1825 -in server.csr -signkey server.key -out server.crt
For the Common Name (CN) I always used the same as what I put in ServerName in the ssl.conf file.
Thanks if you can give me any advice on this.