You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Evan Platt <ev...@espphotography.com> on 2006/03/26 01:23:26 UTC

[users@httpd] Secure SSL Site: What am I doing wrong?

Running Apache 2.2.0 on a OS/X 10.4 system, compiled from source.

I have mod_ssl enabled.

In my httpd.conf, I have

Include conf/extra/httpd-ssl.conf

in my httpd-ssl.conf, I have

<IfDefine SSL>


<VirtualHost _default_:443>

#   General setup for the virtual host
SSLEngine on
SSLCertificateFile    /Library/Apache2/conf/server.crt
SSLCertificateKeyFile /Library/Apache2/conf/server.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
DocumentRoot /Library/WebServer/Documents
ServerName www.espphotography.com
ServerAdmin webmaster@espphotography.com
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log

</VirtualHost>
#
</IfDefine>

However when I uncomment the include httpd-ssl.conf and start apache 
(httpd -DSSL or httpd -k start), it asks for my password, then 
nothing. NOthing written to the error log, no instances of httpd running.

Am I missing something painfully obvious? If there's a section of the 
manual I missed, please don't just say "RTFM" but give me a link to 
the appropriate section of the manual. Everything I've read points 
that this SHOULD work, but obviously doesn't.

Thanks.

Evan


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Secure SSL Site: What am I doing wrong?

Posted by Evan Platt <ev...@espphotography.com>.

At 08:49 PM 3/25/2006, you wrote:

>Ok, my bad, found 2 instances of a default_443. Put only one, but 
>now neither httpd -DSSL or -k start start apache. Nothing written to error_log.

I wish I could say what I did, but it's working now. :-D



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Secure SSL Site: What am I doing wrong?

Posted by Evan Platt <ev...@espphotography.com>.

At 08:44 PM 3/25/2006, you wrote:
>At 07:40 PM 3/25/2006, you wrote:
>>See if removing the password from the SSLCertificateKeyFile helps.
>>openssl rsa -in server.pem -out server.key
>
>Thanks for the suggestion.. Getting a little further.
>
>Now if I start httpd -DSSL, I get:
>[Sat Mar 25 20:44:26 2006] [warn] _default_ VirtualHost overlap on 
>port 443, the first has precedence
>
>If I start with -k start, I get no errors (and nothing to the log) 
>but apache isn't started.

Ok, my bad, found 2 instances of a default_443. Put only one, but now 
neither httpd -DSSL or -k start start apache. Nothing written to error_log.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Secure SSL Site: What am I doing wrong?

Posted by Evan Platt <ev...@espphotography.com>.

At 07:40 PM 3/25/2006, you wrote:
>See if removing the password from the SSLCertificateKeyFile helps.
>openssl rsa -in server.pem -out server.key

Thanks for the suggestion.. Getting a little further.

Now if I start httpd -DSSL, I get:
[Sat Mar 25 20:44:26 2006] [warn] _default_ VirtualHost overlap on 
port 443, the first has precedence

If I start with -k start, I get no errors (and nothing to the log) 
but apache isn't started.

Thanks.

Evan 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Secure SSL Site: What am I doing wrong?

Posted by Emmanuel E <em...@gmx.net>.

See if removing the password from the SSLCertificateKeyFile helps.
 openssl rsa -in server.pem -out server.key
----- Original Message ----- 
From: "Evan Platt" <ev...@espphotography.com>
To: <us...@httpd.apache.org>
Sent: Sunday, March 26, 2006 5:53 AM
Subject: [users@httpd] Secure SSL Site: What am I doing wrong?


> Running Apache 2.2.0 on a OS/X 10.4 system, compiled from source.
>
> I have mod_ssl enabled.
>
> In my httpd.conf, I have
>
> Include conf/extra/httpd-ssl.conf
>
> in my httpd-ssl.conf, I have
>
> <IfDefine SSL>
>
>
> <VirtualHost _default_:443>
>
> #   General setup for the virtual host
> SSLEngine on
> SSLCertificateFile    /Library/Apache2/conf/server.crt
> SSLCertificateKeyFile /Library/Apache2/conf/server.pem
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> DocumentRoot /Library/WebServer/Documents
> ServerName www.espphotography.com
> ServerAdmin webmaster@espphotography.com
> ErrorLog /var/log/httpd/error_log
> TransferLog /var/log/httpd/access_log
>
> </VirtualHost>
> #
> </IfDefine>
>
> However when I uncomment the include httpd-ssl.conf and start apache 
> (httpd -DSSL or httpd -k start), it asks for my password, then nothing. 
> NOthing written to the error log, no instances of httpd running.
>
> Am I missing something painfully obvious? If there's a section of the 
> manual I missed, please don't just say "RTFM" but give me a link to the 
> appropriate section of the manual. Everything I've read points that this 
> SHOULD work, but obviously doesn't.
>
> Thanks.
>
> Evan
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org