You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Dave Henderson <dh...@digital-pipe.com> on 2006/06/27 14:41:05 UTC
[users@httpd] ssl error message
Gang,
I have been working on this issue over the past few days. I am trying to
get SSL working with Apache 2.0 (Debian 3.0). I have read through
documentation on how to create Root CA's, ssl certificates and keys,
etc. I made a root ca and created a certificate and key for my site.
I inserted the these lines into the following files (as well as the http.conf file):
the mods-available/ssl.conf file (also
tried putting them in my http.conf file):
(mods-available/ssl.conf)
SSLProtocol -all +SSLv2
(virtual host file)
SSLCertificateFile /location2file/filename.crt
SSLCertificateKeyFile /location2file/filename.key
I edited the ports.conf file and added the line "Listen 443", adjusted
my firewall to forward port 443 traffic to the correct ip, edited the
sites-available/sitefile to include two NameVirtualHost directives:
NameVirtualHost 192.168.0.12:80
NameVirtualHost 192.168.0.13:443
then I created two <virtualhost> sections, one for port 80 traffic, one
for port 443 traffic. Because I am trying to get all files placed in a
sub dir of the root of the website (/ssl), I appended "/ssl" to the end
of the documentroot directive for the 443 entry. If I visit the url in
http, it displays just fine:
http://www.foo.com/ssl/protected.html
if I try to log into the site using https, I get prompted to accept a
certificate (which isn't the one I created - seems to be the default
one). If I do accept I get the following error in the browser:
501 Not Implemented
The requested method is not implemented by this server.
My questions are these:
1) How do I get the "/ssl" directory to use ssl to protect anything
stored in that directory?
2) How do I get apache to use my certificate that I cretaed?
Thanks for any help given.
Dave
Here is some other related information:
I have tried starting apache with "apache2ctl startssl".
I have run "apache2ctl configtest" and got a "syntax ok" response.
Here is a copy of my virtual host definition:
<VirtualHost 192.168.0.13:443>
ServerAdmin webmas...@sitename.com
DocumentRoot /var/www/sitename.com/demo/ssl
ServerName demo.sitename.com/ssl
SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key
SSLCipherSuite SSLv2:+HIGH:+MEDIUM
SSLVerifyClient require
SSLVerifyDepth 1
# SSL specifications
# <Location /ssl>
# SSLCipherSuite SSLv2:+HIGH:+MEDIUM
# SSLVerifyClient require
# SSLVerifyDepth 1
# </Location>
# This should be changed to whatever you set DocumentRoot to.
<Directory /var/www/sitename.com/demo/ssl>
Options Indexes Includes
AllowOverride Options
Order allow,deny
Allow from all
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
#RedirectMatch ^/$ /apache2-default/
</Directory>
ErrorLog /var/log/apache2/sitename.com/demo/error.log
CustomLog /var/log/apache2/sitename.com/demo/access.log common
CustomLog /var/log/apache2/sitename.com/demo/referer.log referer
CustomLog /var/log/apache2/sitename.com/demo/agent.log agent
# Possible values: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
ServerSignature On
</VirtualHost>