LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 03-04-2004, 09:53 AM   #1
Gates1026
Member
 
Registered: Sep 2003
Location: Iowa
Distribution: Slackware 9.1
Posts: 155

Rep: Reputation: 30
Trouble getting https going in Slack 9.1


I just got a web server up and running with my work Slackware 9.1 machine and am having some problems getting https working with it. When I used Fedora, it pretty much worked "out of the box", so I haven't had much experience setting it up. I am guessing that I am getting a "connection refused" error when trying to connect to https://<myip> b/c I dont have a self signed certificate set up on my machine. Can anyone point me to some slackware documentation or explain it so that I can get this up and running? Thanks for all the help in advance
 
Old 03-04-2004, 10:18 AM   #2
flyfishin
Member
 
Registered: Aug 2003
Location: KC, MO
Distribution: CentOS, RHEL, SuSE, Fedora
Posts: 243

Rep: Reputation: 30
Is the server even running? You can get that message if the service isn't running. To start, open up a terminal and log in as root and then go to the /etc/rc.d directory. You should have an rc.httpd script there. Is it executable? ls -l rc.httpd will tell you. If there are no x's then it isn't. To make it executable type chmod +x rc.httpd. This will make it executable and will ensure that your web server starts the next time you reboot your box. You can then start/stop/restart the service. To do this you issue this command in a terminal as root:

/etc/rc.d/rc.httpd commandname

where commandname is either start stop or restart. Issue a restart and see if it tells you if the service started. If is successfully started you should see this output

/usr/sbin/apachectl start: httpd started

Then go to http://localhost in a browser.
 
Old 03-04-2004, 10:36 AM   #3
Gates1026
Member
 
Registered: Sep 2003
Location: Iowa
Distribution: Slackware 9.1
Posts: 155

Original Poster
Rep: Reputation: 30
The server is running as I can connect to http://localhost or http://<ipaddress>. I know that is all fine and working, the service starts at bootup. When I try the https command on localhost or with the ipaddress, I get a "the connection was refused when trying to connect to localhost".
 
Old 03-04-2004, 10:54 AM   #4
flyfishin
Member
 
Registered: Aug 2003
Location: KC, MO
Distribution: CentOS, RHEL, SuSE, Fedora
Posts: 243

Rep: Reputation: 30
Oops. Didn't catch the s in the https. A quick google search on apache ssl slackware came up with an article on this site. Within that article is this link:

http://www.linuxquestions.org/questi...hlight=OpenSSL
 
Old 03-04-2004, 11:29 AM   #5
Gates1026
Member
 
Registered: Sep 2003
Location: Iowa
Distribution: Slackware 9.1
Posts: 155

Original Poster
Rep: Reputation: 30
I followed the instructions and created the private and public key files and certificate. I am still getting the connection was refused error. Anyone have any ideas what it could be?
 
Old 03-04-2004, 11:44 AM   #6
flyfishin
Member
 
Registered: Aug 2003
Location: KC, MO
Distribution: CentOS, RHEL, SuSE, Fedora
Posts: 243

Rep: Reputation: 30
What do your apache logs say?

Do you have apache listening on port 443?

Last edited by flyfishin; 03-04-2004 at 11:47 AM.
 
Old 03-04-2004, 12:02 PM   #7
Gates1026
Member
 
Registered: Sep 2003
Location: Iowa
Distribution: Slackware 9.1
Posts: 155

Original Poster
Rep: Reputation: 30
It isnt listening on that port (I didnt even think to look). Nmap shows nothing on 443. I think it should be though, http is running and here is out of my mod_ssl.conf file:

##
## SSL Support
##
## When we also provide SSL we have to listen to the
## standard HTTP port (see above) and to the HTTPS port
##
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>

Where would I have to enable it?
 
Old 03-04-2004, 12:10 PM   #8
flyfishin
Member
 
Registered: Aug 2003
Location: KC, MO
Distribution: CentOS, RHEL, SuSE, Fedora
Posts: 243

Rep: Reputation: 30
/etc/apache/httpd.conf

On my box it is the very last set of lines. Look for the section "mod_ssl configuration setings". Uncomment the Include /etc/apache/mod_ssl.conf line. That should do it.

I didn't think about the logs either until I spent 20 minutes on an apache issue this morning and a coworker asked "Did you check the logs?". Doh.
 
Old 03-04-2004, 12:20 PM   #9
Gates1026
Member
 
Registered: Sep 2003
Location: Iowa
Distribution: Slackware 9.1
Posts: 155

Original Poster
Rep: Reputation: 30
I have that line uncommented:

# PACKAGES REQUIRED: apache (N series) and openssl (N series)
#
Include /etc/apache/mod_ssl.conf

I havent seen anything else in the logs that would be a reason for it not to be listening on port 443
 
Old 03-04-2004, 12:36 PM   #10
Justin_Time
Member
 
Registered: Feb 2004
Posts: 53

Rep: Reputation: 15
Are you sure you created your key's allright and placed them in the correct directory's? )/etc/apache/ssl.xxx)
Code:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 60 -in server.csr -signkey server.key -out server.crt
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
chmod 400 server.key
Have you got in you mod_ssl.conf a line like <VirutalHost yourip:443>
Have you started your apache with ssl ?
Code:
/usr/sbin/apachectl startssl
What does /var/log/apache/ssl_*
What does /var/log/apache/error_log
What does /var/log/apache/access_log say?
 
Old 03-04-2004, 10:14 PM   #11
flyfishin
Member
 
Registered: Aug 2003
Location: KC, MO
Distribution: CentOS, RHEL, SuSE, Fedora
Posts: 243

Rep: Reputation: 30
Well, I setup one of my new boxes according to the directions given so far and got the same 'Connection refused' error as you. I did some more digging and found out that the default /etc/rc.d/rc.httpd script uses /usr/sbin/apachectl start. To get the server to come up in SSL mode you use /usr/sbin/apachectl-mod_ssl. So this is how you get ssl mode going:

apachectl-mod_ssl startssl

So to summarize:

1. Generate a server.key, server.csr, and server.crt file. Copy those into the ssl.key, ssl.csr, and ssl.crt subdirectories respectively in /etc/apache/ .
2. Uncomment the Include line in /etc/apache/httpd.conf that includes the mod_ssl.conf file
3. Change the line in /etc/rc.d/rc.httpd from
/usr/sbin/apachectl start

to

/usr/sbin/apachectl-mod_ssl startssl

Those steps worked perfectly on my machine.

Last edited by flyfishin; 03-05-2004 at 08:13 AM.
 
Old 03-05-2004, 01:42 PM   #12
Gates1026
Member
 
Registered: Sep 2003
Location: Iowa
Distribution: Slackware 9.1
Posts: 155

Original Poster
Rep: Reputation: 30
Thanks so much for all your help You are the man. It works perfectly now.
 
Old 03-05-2004, 10:34 PM   #13
flyfishin
Member
 
Registered: Aug 2003
Location: KC, MO
Distribution: CentOS, RHEL, SuSE, Fedora
Posts: 243

Rep: Reputation: 30
Great. Glad I could be helpful.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
trouble with apache 1.3 & https & debian deuce868 Linux - Networking 0 11-20-2004 09:11 PM
Trouble installing slack ShifterX Linux - Newbie 1 02-09-2004 10:31 PM
Slack is Slacking...(im having some trouble) Brother Michael Linux - Newbie 3 12-20-2003 12:20 AM
Trouble with Slack 9.0 friendoofop Slackware 1 09-19-2003 06:37 PM
trouble installing slack jmr71769 Slackware 3 07-09-2003 04:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 07:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration