You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Andrew Clarke <ac...@civica.com.au> on 2005/10/04 02:26:03 UTC
[users@httpd] adding SSL - is a distinct virtual host mandatory?
SuSE 9.3 hosting Apache 2.0.53 (the build from SuSE installs) and Firefox
1.0.6 for a self-contained server and workstation on a laptop.
I'm working on getting https working for the first time, and keep reading
hints that it's usual to make another virtual host to carry the SSL. Is
this required, or just "a good idea"? If it's a good idea, why?
On a closely related topic, I eventually reached the point of creating a
self-certified CA and have made my server keys, but the first response I
get from an https://localhost access is an alert box from the browser:
"the connection to myserver has terminated unexpectedly.
Some data may have been transferred".
I do not even get an alert asking if I want to accept a self-certified
certificate, so the problem has to be very early in the sequence.
Of course I'm going to assume that there's a few SSL config parameters I
need to set, but I was hoping that the default .conf supplied by
SuSE/Apache would only need the certificates plugging in and it would just
work. Are there any SSL config parameters I MUST set before it will work?
The documentation lacks a clear tutorial (that I've been able to find) so
I'd really appreciate it if someone could enumerate the essential
parameters. I'll find out what they all mean from there.
Thanks in advance,
A Clarke.
--
Corporate signatures suck.
This email is from Civica Pty Limited and it, together with any
attachments, is confidential to the intended recipient(s) and the
contents may be legally privileged or contain proprietary and
private information. It is intended solely for the person to whom
it is addressed. If you are not an intended recipient, you may not
review, copy or distribute this email. If received in error,
please
notify the sender and delete the message from your system
immediately. Any views or opinions expressed in this email and any
files transmitted with it are those of the author only and may not
necessarily reflect the views of Civica and do not create any
legally binding rights or obligations whatsoever. Unless otherwise
pre-agreed by exchange of hard copy documents signed by duly
authorised representatives, contracts may not be concluded on
behalf of Civica by email. Please note that neither Civica nor the
sender accepts any responsibility for any viruses and it is your
responsibility to scan the email and the attachments (if any). All
email received and sent by Civica may be monitored to protect the
business interests of Civica.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] adding SSL - is a distinct virtual host mandatory?
Posted by Andrew Clarke <ac...@civica.com.au>.
On Tue, 04 Oct 2005 10:36, Paul Annesley wrote:
> I believe the error you are getting is often caused by trying to serve
> plain HTTP on port 443, instead of HTTPS which the browser is
> expecting..
That's a reasonable suggestion. I have not set any parameters which tell it
what port serves which protocol. It appears that the default config does
not set that... Any clues?
--
Corporate Signatures Suck
This email is from Civica Pty Limited and it, together with any
attachments, is confidential to the intended recipient(s) and the
contents may be legally privileged or contain proprietary and
private information. It is intended solely for the person to whom
it is addressed. If you are not an intended recipient, you may not
review, copy or distribute this email. If received in error,
please
notify the sender and delete the message from your system
immediately. Any views or opinions expressed in this email and any
files transmitted with it are those of the author only and may not
necessarily reflect the views of Civica and do not create any
legally binding rights or obligations whatsoever. Unless otherwise
pre-agreed by exchange of hard copy documents signed by duly
authorised representatives, contracts may not be concluded on
behalf of Civica by email. Please note that neither Civica nor the
sender accepts any responsibility for any viruses and it is your
responsibility to scan the email and the attachments (if any). All
email received and sent by Civica may be monitored to protect the
business interests of Civica.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] adding SSL - is a distinct virtual host mandatory?
Posted by Paul Annesley <pa...@gmail.com>.
I believe the error you are getting is often caused by trying to serve
plain HTTP on port 443, instead of HTTPS which the browser is
expecting..
Regards,
Paul
On 10/4/05, Andrew Clarke <ac...@civica.com.au> wrote:
>
>
> On a closely related topic, I eventually reached the point of creating a
> self-certified CA and have made my server keys, but the first response I
> get from an https://localhost access is an alert box from the browser:
>
> "the connection to myserver has terminated unexpectedly.
> Some data may have been transferred".
>
> I do not even get an alert asking if I want to accept a self-certified
> certificate, so the problem has to be very early in the sequence.
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] adding SSL - is a distinct virtual host mandatory?
Posted by Robert Zagarello <bz...@yahoo.com>.
No it is not required to have a separate virtual host,
at least not for Apache itself. I am running V2.054
http and https on FreeBSD V5.3 with no problem.
BZAG
=============================
--- Andrew Clarke <ac...@civica.com.au> wrote:
>
> SuSE 9.3 hosting Apache 2.0.53 (the build from SuSE
> installs) and Firefox
> 1.0.6 for a self-contained server and workstation on
> a laptop.
>
> I'm working on getting https working for the first
> time, and keep reading
> hints that it's usual to make another virtual host
> to carry the SSL. Is
> this required, or just "a good idea"? If it's a good
> idea, why?
>
> On a closely related topic, I eventually reached the
> point of creating a
> self-certified CA and have made my server keys, but
> the first response I
> get from an https://localhost access is an alert box
> from the browser:
>
> "the connection to myserver has terminated
> unexpectedly.
> Some data may have been transferred".
>
> I do not even get an alert asking if I want to
> accept a self-certified
> certificate, so the problem has to be very early in
> the sequence.
>
> Of course I'm going to assume that there's a few SSL
> config parameters I
> need to set, but I was hoping that the default .conf
> supplied by
> SuSE/Apache would only need the certificates
> plugging in and it would just
> work. Are there any SSL config parameters I MUST set
> before it will work?
> The documentation lacks a clear tutorial (that I've
> been able to find) so
> I'd really appreciate it if someone could enumerate
> the essential
> parameters. I'll find out what they all mean from
> there.
>
> Thanks in advance,
> A Clarke.
>
> --
> Corporate signatures suck.
>
>
> This email is from Civica Pty Limited and it,
> together with any
> attachments, is confidential to the intended
> recipient(s) and the
> contents may be legally privileged or contain
> proprietary and
> private information. It is intended solely for the
> person to whom
> it is addressed. If you are not an intended
> recipient, you may not
> review, copy or distribute this email. If received
> in error,
> please
> notify the sender and delete the message from your
> system
> immediately. Any views or opinions expressed in this
> email and any
> files transmitted with it are those of the author
> only and may not
> necessarily reflect the views of Civica and do not
> create any
> legally binding rights or obligations whatsoever.
> Unless otherwise
> pre-agreed by exchange of hard copy documents signed
> by duly
> authorised representatives, contracts may not be
> concluded on
> behalf of Civica by email. Please note that neither
> Civica nor the
> sender accepts any responsibility for any viruses
> and it is your
> responsibility to scan the email and the attachments
> (if any). All
> email received and sent by Civica may be monitored
> to protect the
> business interests of Civica.
>
>
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org