You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Matt Raible <ma...@raibledesigns.com> on 2002/09/27 02:45:43 UTC
Apache 2.0.40, SSL and Linux
Platform: Red Hat 7.3
I'm trying to setup SSL for Apache on Linux and I can't seem to get it
working properly. The following line in httpd.conf gives me the
impression that the mod_ssl is already installed:
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
Do I have to add LoadModule ...?? If so, how do I get/create
mod_ssl.so?
Thanks,
Matt
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Apache 2.0.40, SSL and Linux
Posted by Kent Perrier <kp...@ev1.net>.
On Thu, Sep 26, 2002 at 06:45:43PM -0600, Matt Raible wrote:
> Platform: Red Hat 7.3
>
> I'm trying to setup SSL for Apache on Linux and I can't seem to get it
> working properly. The following line in httpd.conf gives me the
> impression that the mod_ssl is already installed:
>
> <IfModule mod_ssl.c>
> Include conf/ssl.conf
> </IfModule>
>
> Do I have to add LoadModule ...?? If so, how do I get/create
> mod_ssl.so?
Read the documentation on compiling apache 2?
Since this is a apache specific question perhaps you should ask any followups
that you may have to that mailing list?
Really, read the docs, they make it easy.
Kent
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
Thanks - I ended up finding the correct mod_jk.so from:
http://jakarta.apache.org/builds/jakarta-tomcat-connectors/jk/release/v1
.2.0/
> -----Original Message-----
> From: David Busby [mailto:busby@pnts.com]
> Sent: Friday, September 27, 2002 10:24 AM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> Matt,
> You can use this utility called `locate` to find files
> on your computer,
> also you can use `ls` but `locate` is faster cause you build
> an index,
> example:
>
> % locate -u
> ; That will build the index
> % locate mod_jk
> ; That will show you all the files with 'mod_jk' in their
> name % ls --help ; Help for ls (like dir), I think -r is recursive
>
> /B
>
> Matt Raible wrote:
> > I tried just using the mod_jk.so from the binary
> distribution, but no
> > luck:
> >
> > httpd: module "mod_jk.c" is not compatible with this
> version of Apache
> > (found 20020628, need 20020903).
> >
> > Is it possible to simply replace mod_jk.c? If so, where is it
> > located?
> >
> > Thanks,
> >
> > Matt
> >
> >
> >>-----Original Message-----
> >>From: Matt Raible [mailto:matt@raibledesigns.com]
> >>Sent: Thursday, September 26, 2002 11:00 PM
> >>To: users@httpd.apache.org
> >>Subject: RE: [users@httpd] Apache 2.0.40, SSL and Linux
> >>
> >>
> >>Finally got it working - here's the short story:
> >>
> >>Used http://httpd.apache.org/docs-2.0/install.html as a reference.
> >>
> >>$ lynx http://www.apache.org/dist/httpd/httpd-2.0.42.tar.gz
> >>$ gzip -d httpd-2.0.42.tar.gz
> >>$ tar xvf httpd-2.0.42.tar
> >>$ ./configure --enable-mods-shared=all --enable-ssl=shared
> >>$ make
> >>$ make install
> >>
> >>Generated keys at conf/ssl.key/server.key and
> conf/ssl.crt/server.crt.
> >>
> >>I think I should probably change the "configure" task to use
> >>"--enabled-mods-shared=more" vs. "all" - any advice?
> >>
> >>I hope to document this sometime in the next few days - I'll
> >>update this list with a link. I'm primarily a Windows user,
> >>so hopefully it can alleviate some questions on this list I
> >>can give back for all the great help you've given me.
> >>
> >>Thanks and good night!
> >>
> >>Matt
> >>
> >>
> >>
> >>>-----Original Message-----
> >>>From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>>Sent: Thursday, September 26, 2002 10:08 PM
> >>>To: users@httpd.apache.org
> >>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>>
> >>>
> >>>Matt Raible wrote:
> >>>
> >>>
> >>>>Nope, I downloaded the 2.0.40 binary distribution and ran
> >>>>./install-bindist.sh and that was it. I tried doing
> >>>
> >>>--enable-module -
> >>>
> >>>>but must have not gotten the syntax right. Is this possible
> >>>
> >>>to do with
> >>>
> >>>>the binar distro? If not, I have the source - I just want
> >>>
> >>>to get this
> >>>
> >>>>done! ;0)
> >>>>
> >>>
> >>>no, from the way it looks in the docs you'll have to compile the
> >>>sources.
> >>>
> >>>
> >>>
> >>
> >>------------------------------------------------------------
> ---------
> >>
> >>>The official User-To-User support forum of the Apache HTTP Server
> >>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>
> >>
> >>
> >>
> >>------------------------------------------------------------
> ---------
> >>The official User-To-User support forum of the Apache HTTP
> >>Server Project.
> >>See <URL:http://httpd.apache.org/userslist.html> for more info.
> >>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >
> >
> >
> >
> >
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP
> Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by David Busby <bu...@pnts.com>.
Matt,
You can use this utility called `locate` to find files on your computer,
also you can use `ls` but `locate` is faster cause you build an index,
example:
% locate -u
; That will build the index
% locate mod_jk
; That will show you all the files with 'mod_jk' in their name
% ls --help
; Help for ls (like dir), I think -r is recursive
/B
Matt Raible wrote:
> I tried just using the mod_jk.so from the binary distribution, but no
> luck:
>
> httpd: module "mod_jk.c" is not compatible with this version of Apache
> (found 20020628, need 20020903).
>
> Is it possible to simply replace mod_jk.c? If so, where is it located?
>
> Thanks,
>
> Matt
>
>
>>-----Original Message-----
>>From: Matt Raible [mailto:matt@raibledesigns.com]
>>Sent: Thursday, September 26, 2002 11:00 PM
>>To: users@httpd.apache.org
>>Subject: RE: [users@httpd] Apache 2.0.40, SSL and Linux
>>
>>
>>Finally got it working - here's the short story:
>>
>>Used http://httpd.apache.org/docs-2.0/install.html as a reference.
>>
>>$ lynx http://www.apache.org/dist/httpd/httpd-2.0.42.tar.gz
>>$ gzip -d httpd-2.0.42.tar.gz
>>$ tar xvf httpd-2.0.42.tar
>>$ ./configure --enable-mods-shared=all --enable-ssl=shared
>>$ make
>>$ make install
>>
>>Generated keys at conf/ssl.key/server.key and conf/ssl.crt/server.crt.
>>
>>I think I should probably change the "configure" task to use
>>"--enabled-mods-shared=more" vs. "all" - any advice?
>>
>>I hope to document this sometime in the next few days - I'll
>>update this list with a link. I'm primarily a Windows user,
>>so hopefully it can alleviate some questions on this list I
>>can give back for all the great help you've given me.
>>
>>Thanks and good night!
>>
>>Matt
>>
>>
>>
>>>-----Original Message-----
>>>From: J. Greenlees [mailto:jaqui@shaw.ca]
>>>Sent: Thursday, September 26, 2002 10:08 PM
>>>To: users@httpd.apache.org
>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>>
>>>
>>>Matt Raible wrote:
>>>
>>>
>>>>Nope, I downloaded the 2.0.40 binary distribution and ran
>>>>./install-bindist.sh and that was it. I tried doing
>>>
>>>--enable-module -
>>>
>>>>but must have not gotten the syntax right. Is this possible
>>>
>>>to do with
>>>
>>>>the binar distro? If not, I have the source - I just want
>>>
>>>to get this
>>>
>>>>done! ;0)
>>>>
>>>
>>>no, from the way it looks in the docs you'll have to compile
>>>the sources.
>>>
>>>
>>>
>>
>>---------------------------------------------------------------------
>>
>>>The official User-To-User support forum of the Apache HTTP
>>>Server Project. See
>>><URL:http://httpd.apache.org/userslist.html> for more info.
>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP
>>Server Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
I tried just using the mod_jk.so from the binary distribution, but no
luck:
httpd: module "mod_jk.c" is not compatible with this version of Apache
(found 20020628, need 20020903).
Is it possible to simply replace mod_jk.c? If so, where is it located?
Thanks,
Matt
> -----Original Message-----
> From: Matt Raible [mailto:matt@raibledesigns.com]
> Sent: Thursday, September 26, 2002 11:00 PM
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> Finally got it working - here's the short story:
>
> Used http://httpd.apache.org/docs-2.0/install.html as a reference.
>
> $ lynx http://www.apache.org/dist/httpd/httpd-2.0.42.tar.gz
> $ gzip -d httpd-2.0.42.tar.gz
> $ tar xvf httpd-2.0.42.tar
> $ ./configure --enable-mods-shared=all --enable-ssl=shared
> $ make
> $ make install
>
> Generated keys at conf/ssl.key/server.key and conf/ssl.crt/server.crt.
>
> I think I should probably change the "configure" task to use
> "--enabled-mods-shared=more" vs. "all" - any advice?
>
> I hope to document this sometime in the next few days - I'll
> update this list with a link. I'm primarily a Windows user,
> so hopefully it can alleviate some questions on this list I
> can give back for all the great help you've given me.
>
> Thanks and good night!
>
> Matt
>
>
> > -----Original Message-----
> > From: J. Greenlees [mailto:jaqui@shaw.ca]
> > Sent: Thursday, September 26, 2002 10:08 PM
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >
> >
> > Matt Raible wrote:
> >
> > >Nope, I downloaded the 2.0.40 binary distribution and ran
> > >./install-bindist.sh and that was it. I tried doing
> > --enable-module -
> > >but must have not gotten the syntax right. Is this possible
> > to do with
> > >the binar distro? If not, I have the source - I just want
> > to get this
> > >done! ;0)
> > >
> > no, from the way it looks in the docs you'll have to compile
> > the sources.
> >
> >
> >
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP
> > Server Project. See
> > <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
Finally got it working - here's the short story:
Used http://httpd.apache.org/docs-2.0/install.html as a reference.
$ lynx http://www.apache.org/dist/httpd/httpd-2.0.42.tar.gz
$ gzip -d httpd-2.0.42.tar.gz
$ tar xvf httpd-2.0.42.tar
$ ./configure --enable-mods-shared=all --enable-ssl=shared
$ make
$ make install
Generated keys at conf/ssl.key/server.key and conf/ssl.crt/server.crt.
I think I should probably change the "configure" task to use
"--enabled-mods-shared=more" vs. "all" - any advice?
I hope to document this sometime in the next few days - I'll update this
list with a link. I'm primarily a Windows user, so hopefully it can
alleviate some questions on this list I can give back for all the great
help you've given me.
Thanks and good night!
Matt
> -----Original Message-----
> From: J. Greenlees [mailto:jaqui@shaw.ca]
> Sent: Thursday, September 26, 2002 10:08 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> Matt Raible wrote:
>
> >Nope, I downloaded the 2.0.40 binary distribution and ran
> >./install-bindist.sh and that was it. I tried doing
> --enable-module -
> >but must have not gotten the syntax right. Is this possible
> to do with
> >the binar distro? If not, I have the source - I just want
> to get this
> >done! ;0)
> >
> no, from the way it looks in the docs you'll have to compile
> the sources.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project. See
> <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
Matt Raible wrote:
>Nope, I downloaded the 2.0.40 binary distribution and ran
>./install-bindist.sh and that was it. I tried doing --enable-module -
>but must have not gotten the syntax right. Is this possible to do with
>the binar distro? If not, I have the source - I just want to get this
>done! ;0)
>
no, from the way it looks in the docs you'll have to compile the sources.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
Nope, I downloaded the 2.0.40 binary distribution and ran
./install-bindist.sh and that was it. I tried doing --enable-module -
but must have not gotten the syntax right. Is this possible to do with
the binary distro? If not, I have the source - I just want to get this
done! ;0)
> -----Original Message-----
> From: J. Greenlees [mailto:jaqui@shaw.ca]
> Sent: Thursday, September 26, 2002 9:45 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> okay then, the only thing left, did you enable ssl when
> compiling? it is an extention module that specifically needs
> to be compiled in.
>
>
> Matt Raible wrote:
>
> >There is not a mod_ssl.so in my modules directory - my original
> >question was do I need this file - or does <IfModule mod_ssl.c>
> >eliminate the need for it? If it does - I must me missing
> mod_ssl.c??
> >
> >Here are all the LoadModule directives currently in my httpd.conf
> >
> >LoadModule access_module modules/mod_access.so
> >LoadModule auth_module modules/mod_auth.so
> >LoadModule auth_anon_module modules/mod_auth_anon.so LoadModule
> >auth_dbm_module modules/mod_auth_dbm.so LoadModule
> auth_digest_module
> >modules/mod_auth_digest.so LoadModule include_module
> >modules/mod_include.so LoadModule log_config_module
> >modules/mod_log_config.so LoadModule env_module modules/mod_env.so
> >LoadModule expires_module modules/mod_expires.so
> >LoadModule headers_module modules/mod_headers.so
> >LoadModule setenvif_module modules/mod_setenvif.so
> >LoadModule mime_module modules/mod_mime.so
> >LoadModule dav_module modules/mod_dav.so
> >LoadModule status_module modules/mod_status.so
> >LoadModule autoindex_module modules/mod_autoindex.so
> >LoadModule asis_module modules/mod_asis.so
> >LoadModule info_module modules/mod_info.so
> >LoadModule cgi_module modules/mod_cgi.so
> >LoadModule dav_fs_module modules/mod_dav_fs.so
> >LoadModule vhost_alias_module modules/mod_vhost_alias.so
> >LoadModule negotiation_module modules/mod_negotiation.so
> >LoadModule dir_module modules/mod_dir.so
> >LoadModule imap_module modules/mod_imap.so
> >LoadModule actions_module modules/mod_actions.so
> >LoadModule speling_module modules/mod_speling.so
> >LoadModule userdir_module modules/mod_userdir.so
> >LoadModule alias_module modules/mod_alias.so
> >LoadModule rewrite_module modules/mod_rewrite.so
> >
> >>-----Original Message-----
> >>From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>Sent: Thursday, September 26, 2002 9:12 PM
> >>To: users@httpd.apache.org
> >>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>
> >>
> >>oh, and is there a loadmodule mod_ssl.so /.c in that section
> >>of the conf?
> >>||
> >>[top] <http://httpd.apache.org/docs-2.0/mod/mod_so.html#page-header>
> >>
> >>
> >> LoadModule Directive
> >>
> >>Description:
> >><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Desc
> >>ription>
> >>Links in the object file or library, and adds to the list of
> >>active modules
> >>Syntax:
> >><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Syntax>
> >>LoadModule /module filename/
> >>Context:
> >><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Context>
> >>server config
> >>Status:
> >><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Stat
> >>us> Extension
> >>Module:
> >><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Modu
> >>le> mod_so
> >>
> >>The LoadModule directive links in the object file or library
> >>/filename/
> >>and adds the module structure named /module/ to the list of active
> >>modules. /Module/ is the name of the external variable of
> >>type |module|
> >>in the file, and is listed as the Module Identifier
> >><http://httpd.apache.org/docs-2.0/mod/module-dict.html#ModuleI
> >>dentifier>
> >>in the module documentation. Example:
> >>
> >>| LoadModule status_module modules/mod_status.so |
> >>
> >>loads the named module from the modules subdirectory of the
> >>ServerRoot.
> >>
> >>
> >>
> >>
> >>J. Greenlees wrote:
> >>
> >>>just checking the docs for apache 2 mod_ssl, did you tell
> the server
> >>>where the server key is?
> >>>
> >>>http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
> >>>
> >>>
> >>>
> >>>
> >>>Matt Raible wrote:
> >>>
> >>>>I added a certificate with the commands below and started
> >>>>
> >>my server
> >>
> >>>>with "/usr/local/apachectl -D SSL -k start" but it still
> >>>>
> >>appears as
> >>
> >>>>if this
> >>>>directive:
> >>>>
> >>>><IfModule mod_ssl.c>
> >>>> Include conf/ssl.conf
> >>>></IfModule>
> >>>>
> >>>>is not working :(
> >>>>
> >>>>[root@drevil ssl]# openssl req -new -out my-server.csr Using
> >>>>configuration from /usr/share/ssl/openssl.cnf
> >>>>
> >>Generating a 1024
> >>
> >>>>bit RSA private key ................++++++
> ..................++++++
> >>>>writing new private key to 'privkey.pem'
> >>>>Enter PEM pass phrase:
> >>>>Verifying password - Enter PEM pass phrase:
> >>>>-----
> >>>>You are about to be asked to enter information that will
> >>>>
> >>be incorporated
> >>
> >>>>into your certificate request.
> >>>>What you are about to enter is what is called a
> >>>>
> >>Distinguished Name or a
> >>
> >>>>DN.
> >>>>There are quite a few fields but you can leave some blank
> For some
> >>>>fields there will be a default value, If you enter '.', the field
> >>>>will be left blank.
> >>>>-----
> >>>>Country Name (2 letter code) [GB]:US
> >>>>State or Province Name (full name) [Berkshire]:
> >>>>Locality Name (eg, city) [Newbury]:
> >>>>Organization Name (eg, company) [My Company Ltd]: Organizational
> >>>>Unit Name (eg, section) []: Common Name (eg, your name or your
> >>>>server's hostname) []:drevil Email Address []:
> >>>>
> >>>>Please enter the following 'extra' attributes
> >>>>to be sent with your certificate request
> >>>>A challenge password []:
> >>>>An optional company name []:
> >>>>[root@drevil ssl]# openssl rsa -in privkey.pem -out my-server.key
> >>>>read RSA key Enter PEM pass phrase:
> >>>>writing RSA key
> >>>>[root@drevil ssl]# openssl x509 -in my-server.csr -out
> >>>>
> >>my-server.cert
> >>
> >>>>-req -signkey my-server.key -days 365
> >>>>Signature ok
> >>>>subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
> >>>>Getting Private key [root@drevil ssl]# openssl x509 -in
> >>>>my-server.cert -out my-server.der.crt -outform DER
> >>>>
> >>>>
> >>>>
> >>>>>-----Original Message-----
> >>>>>From: J. Greenlees [mailto:jaqui@shaw.ca] Sent: Thursday,
> >>>>>
> >>September
> >>
> >>>>>26, 2002 8:19 PM
> >>>>>To: users@httpd.apache.org
> >>>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>>>>
> >>>>>
> >>>>>hmmm, when starting the server do you get an error
> message at all?
> >>>>>do you have a certificate ( even unsigned ) for the
> secure server?
> >>>>>
> >>>>>I have problems getting Rh to install on my system so using
> >>>>>mandrake, don't have this problem on my systems. ( at
> >>>>>
> >>least when I
> >>
> >>>>>start secure server and have certificate )
> >>>>>
> >>>>>trying to remember the command but there is an apache
> command that
> >>>>>will list loaded modules...ccheck the docs on mod_ssl it
> may help
> >>>>>diagnose exactly where the problem is.
> >>>>>
> >>>>>Matt Raible wrote:
> >>>>>
> >>>>>>So you're saying that mod_ssl.* (I'm guessing it'c
> >>>>>>
> >>>>>mod_ssl.c) is loaded
> >>>>>
> >>>>>>by default with the IfModule code below? Is their
> >>>>>>
> >>anyway to ensure
> >>
> >>>>>>this?
> >>>>>>
> >>>>>>In ssl.conf, I have the following line under <VirtualHost
> >>>>>>_default_:443>
> >>>>>>
> >>>>>>ErrorLog logs/ssl.log
> >>>>>>
> >>>>>>But this does not get generated - I'm starting apache with
> >>>>>>/usr/local/apache2/bin/apachectl startssl
> >>>>>>
> >>>>>>Here's what I get when I try to test it with openssl:
> >>>>>>
> >>>>>># openssl s_client -connect localhost:443
> >>>>>>connect: Connection refused
> >>>>>>connect:errno=29
> >>>>>>#
> >>>>>>
> >>>>>>Thanks,
> >>>>>>
> >>>>>>Matt
> >>>>>>
> >>>>>>>-----Original Message-----
> >>>>>>>From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>>>>>>Sent: Thursday, September 26, 2002 7:19 PM
> >>>>>>>To: users@httpd.apache.org
> >>>>>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>>>>>>
> >>>>>>>
> >>>>>>>Matt Raible wrote:
> >>>>>>>
> >>>>>>>>Platform: Red Hat 7.3
> >>>>>>>>
> >>>>>>>>I'm trying to setup SSL for Apache on Linux and I can't seem
> >>>>>>>>
> >>>>>>>to get it
> >>>>>>>
> >>>>>>>>working properly. The following line in httpd.conf
> >>>>>>>>
> >>gives me the
> >>
> >>>>>>>>impression that the mod_ssl is already installed:
> >>>>>>>>
> >>>>>>>><IfModule mod_ssl.c>
> >>>>>>>> Include conf/ssl.conf
> >>>>>>>></IfModule>
> >>>>>>>>
> >>>>>>>>Do I have to add LoadModule ...?? If so, how do I get/create
> >>>>>>>>mod_ssl.so?
> >>>>>>>>
> >>>>>>>>Thanks,
> >>>>>>>>
> >>>>>>>>Matt
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>-----------------------------------------------------------
> >>>>>>>>
> >>>>>----------
> >>>>>
> >>>>>>>>The official User-To-User support forum of the Apache
> >>>>>>>>
> >>HTTP Server
> >>
> >>>>>>>>Project. See <URL:http://httpd.apache.org/userslist.html> for
> >>>>>>>>more info. To unsubscribe, e-mail:
> >>>>>>>>users-unsubscribe@httpd.apache.org
> >>>>>>>>" from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>>>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>>>>
> >>>>>>>>
> >>>>>>>Matt,
> >>>>>>>usually with linux disro's you don't have to alter the conf for
> >>>>>>>enabling cgi or ssl, or even php.
> >>>>>>>
> >>>>>>>you do have to make / get a certificate for the ssl though.
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>------------------------------------------------------------
> >>>>>>>
> >>>>>---------
> >>>>>
> >>>>>>>The official User-To-User support forum of the Apache
> >>>>>>>
> >>HTTP Server
> >>
> >>>>>>>Project. See <URL:http://httpd.apache.org/userslist.html>
> >>>>>>>for more info. To unsubscribe, e-mail:
> >>>>>>>users-unsubscribe@httpd.apache.org
> >>>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>>>
> >>>>>>
> >>>>>>
> >>-------------------------------------------------------------------
> >>
> >>>>>>--
> >>>>>>The official User-To-User support forum of the Apache
> >>>>>>
> >>HTTP Server
> >>
> >>>>>>Project. See
> >>>>>>
> >><URL:http://httpd.apache.org/userslist.html> for more
> >>
> >>>>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>>
> >>>>>>
> >>>>>
> >>>>>
> >>>>>
> >>--------------------------------------------------------------------
> >>
> >>>>>-
> >>>>>The official User-To-User support forum of the Apache HTTP Server
> >>>>>Project. See <URL:http://httpd.apache.org/userslist.html>
> >>>>>
> >>for more
> >>
> >>>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>
> >>>>
> >>>>
> >>>>
> >>------------------------------------------------------------
> ---------
> >>
> >>>>The official User-To-User support forum of the Apache HTTP Server
> >>>>Project. See <URL:http://httpd.apache.org/userslist.html>
> for more
> >>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>
> >>>>
> >>>
> >>>
> >>>
> >>>
> >>------------------------------------------------------------
> ---------
> >>
> >>>The official User-To-User support forum of the Apache HTTP Server
> >>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>
> >>>
> >>
> >>
> >
> >
> >
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP Server
> >Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project. See
> <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
okay then, the only thing left, did you enable ssl when compiling?
it is an extention module that specifically needs to be compiled in.
Matt Raible wrote:
>There is not a mod_ssl.so in my modules directory - my original question
>was do I need this file - or does <IfModule mod_ssl.c> eliminate the
>need for it? If it does - I must me missing mod_ssl.c??
>
>Here are all the LoadModule directives currently in my httpd.conf
>
>LoadModule access_module modules/mod_access.so
>LoadModule auth_module modules/mod_auth.so
>LoadModule auth_anon_module modules/mod_auth_anon.so
>LoadModule auth_dbm_module modules/mod_auth_dbm.so
>LoadModule auth_digest_module modules/mod_auth_digest.so
>LoadModule include_module modules/mod_include.so
>LoadModule log_config_module modules/mod_log_config.so
>LoadModule env_module modules/mod_env.so
>LoadModule expires_module modules/mod_expires.so
>LoadModule headers_module modules/mod_headers.so
>LoadModule setenvif_module modules/mod_setenvif.so
>LoadModule mime_module modules/mod_mime.so
>LoadModule dav_module modules/mod_dav.so
>LoadModule status_module modules/mod_status.so
>LoadModule autoindex_module modules/mod_autoindex.so
>LoadModule asis_module modules/mod_asis.so
>LoadModule info_module modules/mod_info.so
>LoadModule cgi_module modules/mod_cgi.so
>LoadModule dav_fs_module modules/mod_dav_fs.so
>LoadModule vhost_alias_module modules/mod_vhost_alias.so
>LoadModule negotiation_module modules/mod_negotiation.so
>LoadModule dir_module modules/mod_dir.so
>LoadModule imap_module modules/mod_imap.so
>LoadModule actions_module modules/mod_actions.so
>LoadModule speling_module modules/mod_speling.so
>LoadModule userdir_module modules/mod_userdir.so
>LoadModule alias_module modules/mod_alias.so
>LoadModule rewrite_module modules/mod_rewrite.so
>
>>-----Original Message-----
>>From: J. Greenlees [mailto:jaqui@shaw.ca]
>>Sent: Thursday, September 26, 2002 9:12 PM
>>To: users@httpd.apache.org
>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>
>>
>>oh, and is there a loadmodule mod_ssl.so /.c in that section
>>of the conf?
>>||
>>[top] <http://httpd.apache.org/docs-2.0/mod/mod_so.html#page-header>
>>
>>
>> LoadModule Directive
>>
>>Description:
>><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Desc
>>ription>
>>Links in the object file or library, and adds to the list of
>>active modules
>>Syntax:
>><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Syntax>
>>LoadModule /module filename/
>>Context:
>><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Context>
>>server config
>>Status:
>><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Stat
>>us> Extension
>>Module:
>><http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Modu
>>le> mod_so
>>
>>The LoadModule directive links in the object file or library
>>/filename/
>>and adds the module structure named /module/ to the list of active
>>modules. /Module/ is the name of the external variable of
>>type |module|
>>in the file, and is listed as the Module Identifier
>><http://httpd.apache.org/docs-2.0/mod/module-dict.html#ModuleI
>>dentifier>
>>in the module documentation. Example:
>>
>>| LoadModule status_module modules/mod_status.so |
>>
>>loads the named module from the modules subdirectory of the
>>ServerRoot.
>>
>>
>>
>>
>>J. Greenlees wrote:
>>
>>>just checking the docs for apache 2 mod_ssl, did you tell the server
>>>where the server key is?
>>>
>>>http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
>>>
>>>
>>>
>>>
>>>Matt Raible wrote:
>>>
>>>>I added a certificate with the commands below and started
>>>>
>>my server
>>
>>>>with "/usr/local/apachectl -D SSL -k start" but it still
>>>>
>>appears as
>>
>>>>if this
>>>>directive:
>>>>
>>>><IfModule mod_ssl.c>
>>>> Include conf/ssl.conf
>>>></IfModule>
>>>>
>>>>is not working :(
>>>>
>>>>[root@drevil ssl]# openssl req -new -out my-server.csr
>>>>Using configuration from /usr/share/ssl/openssl.cnf
>>>>
>>Generating a 1024
>>
>>>>bit RSA private key ................++++++
>>>>..................++++++
>>>>writing new private key to 'privkey.pem'
>>>>Enter PEM pass phrase:
>>>>Verifying password - Enter PEM pass phrase:
>>>>-----
>>>>You are about to be asked to enter information that will
>>>>
>>be incorporated
>>
>>>>into your certificate request.
>>>>What you are about to enter is what is called a
>>>>
>>Distinguished Name or a
>>
>>>>DN.
>>>>There are quite a few fields but you can leave some blank
>>>>For some fields there will be a default value,
>>>>If you enter '.', the field will be left blank.
>>>>-----
>>>>Country Name (2 letter code) [GB]:US
>>>>State or Province Name (full name) [Berkshire]:
>>>>Locality Name (eg, city) [Newbury]:
>>>>Organization Name (eg, company) [My Company Ltd]:
>>>>Organizational Unit Name (eg, section) []:
>>>>Common Name (eg, your name or your server's hostname) []:drevil
>>>>Email Address []:
>>>>
>>>>Please enter the following 'extra' attributes
>>>>to be sent with your certificate request
>>>>A challenge password []:
>>>>An optional company name []:
>>>>[root@drevil ssl]# openssl rsa -in privkey.pem -out my-server.key
>>>>read RSA key Enter PEM pass phrase:
>>>>writing RSA key
>>>>[root@drevil ssl]# openssl x509 -in my-server.csr -out
>>>>
>>my-server.cert
>>
>>>>-req -signkey my-server.key -days 365
>>>>Signature ok
>>>>subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
>>>>Getting Private key
>>>>[root@drevil ssl]# openssl x509 -in my-server.cert -out
>>>>my-server.der.crt -outform DER
>>>>
>>>>
>>>>
>>>>>-----Original Message-----
>>>>>From: J. Greenlees [mailto:jaqui@shaw.ca] Sent: Thursday,
>>>>>
>>September
>>
>>>>>26, 2002 8:19 PM
>>>>>To: users@httpd.apache.org
>>>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>>>>
>>>>>
>>>>>hmmm, when starting the server do you get an error message at all?
>>>>>do you have a certificate ( even unsigned ) for the secure server?
>>>>>
>>>>>I have problems getting Rh to install on my system so using
>>>>>mandrake, don't have this problem on my systems. ( at
>>>>>
>>least when I
>>
>>>>>start secure server and have certificate )
>>>>>
>>>>>trying to remember the command but there is an apache command that
>>>>>will list loaded modules...ccheck the docs on mod_ssl it may help
>>>>>diagnose exactly where the problem is.
>>>>>
>>>>>Matt Raible wrote:
>>>>>
>>>>>>So you're saying that mod_ssl.* (I'm guessing it'c
>>>>>>
>>>>>mod_ssl.c) is loaded
>>>>>
>>>>>>by default with the IfModule code below? Is their
>>>>>>
>>anyway to ensure
>>
>>>>>>this?
>>>>>>
>>>>>>In ssl.conf, I have the following line under <VirtualHost
>>>>>>_default_:443>
>>>>>>
>>>>>>ErrorLog logs/ssl.log
>>>>>>
>>>>>>But this does not get generated - I'm starting apache with
>>>>>>/usr/local/apache2/bin/apachectl startssl
>>>>>>
>>>>>>Here's what I get when I try to test it with openssl:
>>>>>>
>>>>>># openssl s_client -connect localhost:443
>>>>>>connect: Connection refused
>>>>>>connect:errno=29
>>>>>>#
>>>>>>
>>>>>>Thanks,
>>>>>>
>>>>>>Matt
>>>>>>
>>>>>>>-----Original Message-----
>>>>>>>From: J. Greenlees [mailto:jaqui@shaw.ca]
>>>>>>>Sent: Thursday, September 26, 2002 7:19 PM
>>>>>>>To: users@httpd.apache.org
>>>>>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>>>>>>
>>>>>>>
>>>>>>>Matt Raible wrote:
>>>>>>>
>>>>>>>>Platform: Red Hat 7.3
>>>>>>>>
>>>>>>>>I'm trying to setup SSL for Apache on Linux and I can't seem
>>>>>>>>
>>>>>>>to get it
>>>>>>>
>>>>>>>>working properly. The following line in httpd.conf
>>>>>>>>
>>gives me the
>>
>>>>>>>>impression that the mod_ssl is already installed:
>>>>>>>>
>>>>>>>><IfModule mod_ssl.c>
>>>>>>>> Include conf/ssl.conf
>>>>>>>></IfModule>
>>>>>>>>
>>>>>>>>Do I have to add LoadModule ...?? If so, how do I get/create
>>>>>>>>mod_ssl.so?
>>>>>>>>
>>>>>>>>Thanks,
>>>>>>>>
>>>>>>>>Matt
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>-----------------------------------------------------------
>>>>>>>>
>>>>>----------
>>>>>
>>>>>>>>The official User-To-User support forum of the Apache
>>>>>>>>
>>HTTP Server
>>
>>>>>>>>Project. See <URL:http://httpd.apache.org/userslist.html> for
>>>>>>>>more info. To unsubscribe, e-mail:
>>>>>>>>users-unsubscribe@httpd.apache.org
>>>>>>>>" from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>>>>>
>>>>>>>>
>>>>>>>Matt,
>>>>>>>usually with linux disro's you don't have to alter the conf for
>>>>>>>enabling cgi or ssl, or even php.
>>>>>>>
>>>>>>>you do have to make / get a certificate for the ssl though.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>------------------------------------------------------------
>>>>>>>
>>>>>---------
>>>>>
>>>>>>>The official User-To-User support forum of the Apache
>>>>>>>
>>HTTP Server
>>
>>>>>>>Project. See <URL:http://httpd.apache.org/userslist.html>
>>>>>>>for more info. To unsubscribe, e-mail:
>>>>>>>users-unsubscribe@httpd.apache.org
>>>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>>>>
>>>>>>
>>>>>>
>>-------------------------------------------------------------------
>>
>>>>>>--
>>>>>>The official User-To-User support forum of the Apache
>>>>>>
>>HTTP Server
>>
>>>>>>Project. See
>>>>>>
>><URL:http://httpd.apache.org/userslist.html> for more
>>
>>>>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>--------------------------------------------------------------------
>>
>>>>>-
>>>>>The official User-To-User support forum of the Apache HTTP Server
>>>>>Project. See <URL:http://httpd.apache.org/userslist.html>
>>>>>
>>for more
>>
>>>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>
>>>>
>>>>
>>---------------------------------------------------------------------
>>
>>>>The official User-To-User support forum of the Apache HTTP Server
>>>>Project.
>>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>>
>>---------------------------------------------------------------------
>>
>>>The official User-To-User support forum of the Apache HTTP Server
>>>Project.
>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>>
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
There is not a mod_ssl.so in my modules directory - my original question
was do I need this file - or does <IfModule mod_ssl.c> eliminate the
need for it? If it does - I must me missing mod_ssl.c??
Here are all the LoadModule directives currently in my httpd.conf
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
> -----Original Message-----
> From: J. Greenlees [mailto:jaqui@shaw.ca]
> Sent: Thursday, September 26, 2002 9:12 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> oh, and is there a loadmodule mod_ssl.so /.c in that section
> of the conf?
> ||
> [top] <http://httpd.apache.org/docs-2.0/mod/mod_so.html#page-header>
>
>
> LoadModule Directive
>
> Description:
> <http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Desc
> ription>
> Links in the object file or library, and adds to the list of
> active modules
> Syntax:
> <http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Syntax>
> LoadModule /module filename/
> Context:
> <http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Context>
> server config
> Status:
> <http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Stat
> us> Extension
> Module:
> <http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Modu
> le> mod_so
>
> The LoadModule directive links in the object file or library
> /filename/
> and adds the module structure named /module/ to the list of active
> modules. /Module/ is the name of the external variable of
> type |module|
> in the file, and is listed as the Module Identifier
> <http://httpd.apache.org/docs-2.0/mod/module-dict.html#ModuleI
> dentifier>
> in the module documentation. Example:
>
> | LoadModule status_module modules/mod_status.so |
>
> loads the named module from the modules subdirectory of the
> ServerRoot.
>
>
>
>
> J. Greenlees wrote:
>
> > just checking the docs for apache 2 mod_ssl, did you tell the server
> > where the server key is?
> >
> > http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
> >
> >
> >
> >
> > Matt Raible wrote:
> >
> >> I added a certificate with the commands below and started
> my server
> >> with "/usr/local/apachectl -D SSL -k start" but it still
> appears as
> >> if this
> >> directive:
> >>
> >> <IfModule mod_ssl.c>
> >> Include conf/ssl.conf
> >> </IfModule>
> >>
> >> is not working :(
> >>
> >> [root@drevil ssl]# openssl req -new -out my-server.csr
> >> Using configuration from /usr/share/ssl/openssl.cnf
> Generating a 1024
> >> bit RSA private key ................++++++
> >> ..................++++++
> >> writing new private key to 'privkey.pem'
> >> Enter PEM pass phrase:
> >> Verifying password - Enter PEM pass phrase:
> >> -----
> >> You are about to be asked to enter information that will
> be incorporated
> >> into your certificate request.
> >> What you are about to enter is what is called a
> Distinguished Name or a
> >> DN.
> >> There are quite a few fields but you can leave some blank
> >> For some fields there will be a default value,
> >> If you enter '.', the field will be left blank.
> >> -----
> >> Country Name (2 letter code) [GB]:US
> >> State or Province Name (full name) [Berkshire]:
> >> Locality Name (eg, city) [Newbury]:
> >> Organization Name (eg, company) [My Company Ltd]:
> >> Organizational Unit Name (eg, section) []:
> >> Common Name (eg, your name or your server's hostname) []:drevil
> >> Email Address []:
> >>
> >> Please enter the following 'extra' attributes
> >> to be sent with your certificate request
> >> A challenge password []:
> >> An optional company name []:
> >> [root@drevil ssl]# openssl rsa -in privkey.pem -out my-server.key
> >> read RSA key Enter PEM pass phrase:
> >> writing RSA key
> >> [root@drevil ssl]# openssl x509 -in my-server.csr -out
> my-server.cert
> >> -req -signkey my-server.key -days 365
> >> Signature ok
> >> subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
> >> Getting Private key
> >> [root@drevil ssl]# openssl x509 -in my-server.cert -out
> >> my-server.der.crt -outform DER
> >>
> >>
> >>
> >>> -----Original Message-----
> >>> From: J. Greenlees [mailto:jaqui@shaw.ca] Sent: Thursday,
> September
> >>> 26, 2002 8:19 PM
> >>> To: users@httpd.apache.org
> >>> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>>
> >>>
> >>> hmmm, when starting the server do you get an error message at all?
> >>> do you have a certificate ( even unsigned ) for the secure server?
> >>>
> >>> I have problems getting Rh to install on my system so using
> >>> mandrake, don't have this problem on my systems. ( at
> least when I
> >>> start secure server and have certificate )
> >>>
> >>> trying to remember the command but there is an apache command that
> >>> will list loaded modules...ccheck the docs on mod_ssl it may help
> >>> diagnose exactly where the problem is.
> >>>
> >>> Matt Raible wrote:
> >>>
> >>>> So you're saying that mod_ssl.* (I'm guessing it'c
> >>>
> >>> mod_ssl.c) is loaded
> >>>
> >>>> by default with the IfModule code below? Is their
> anyway to ensure
> >>>> this?
> >>>>
> >>>> In ssl.conf, I have the following line under <VirtualHost
> >>>> _default_:443>
> >>>>
> >>>> ErrorLog logs/ssl.log
> >>>>
> >>>> But this does not get generated - I'm starting apache with
> >>>> /usr/local/apache2/bin/apachectl startssl
> >>>>
> >>>> Here's what I get when I try to test it with openssl:
> >>>>
> >>>> # openssl s_client -connect localhost:443
> >>>> connect: Connection refused
> >>>> connect:errno=29
> >>>> #
> >>>>
> >>>> Thanks,
> >>>>
> >>>> Matt
> >>>>
> >>>>> -----Original Message-----
> >>>>> From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>>>> Sent: Thursday, September 26, 2002 7:19 PM
> >>>>> To: users@httpd.apache.org
> >>>>> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>>>>
> >>>>>
> >>>>> Matt Raible wrote:
> >>>>>
> >>>>>> Platform: Red Hat 7.3
> >>>>>>
> >>>>>> I'm trying to setup SSL for Apache on Linux and I can't seem
> >>>>>>
> >>>>> to get it
> >>>>>
> >>>>>> working properly. The following line in httpd.conf
> gives me the
> >>>>>> impression that the mod_ssl is already installed:
> >>>>>>
> >>>>>> <IfModule mod_ssl.c>
> >>>>>> Include conf/ssl.conf
> >>>>>> </IfModule>
> >>>>>>
> >>>>>> Do I have to add LoadModule ...?? If so, how do I get/create
> >>>>>> mod_ssl.so?
> >>>>>>
> >>>>>> Thanks,
> >>>>>>
> >>>>>> Matt
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> -----------------------------------------------------------
> >>>>>>
> >>> ----------
> >>>
> >>>>>> The official User-To-User support forum of the Apache
> HTTP Server
> >>>>>> Project. See <URL:http://httpd.apache.org/userslist.html> for
> >>>>>> more info. To unsubscribe, e-mail:
> >>>>>> users-unsubscribe@httpd.apache.org
> >>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>>
> >>>>>>
> >>>>> Matt,
> >>>>> usually with linux disro's you don't have to alter the conf for
> >>>>> enabling cgi or ssl, or even php.
> >>>>>
> >>>>> you do have to make / get a certificate for the ssl though.
> >>>>>
> >>>>>
> >>>>>
> >>>>> ------------------------------------------------------------
> >>>>>
> >>> ---------
> >>>
> >>>>> The official User-To-User support forum of the Apache
> HTTP Server
> >>>>> Project. See <URL:http://httpd.apache.org/userslist.html>
> >>>>> for more info. To unsubscribe, e-mail:
> >>>>> users-unsubscribe@httpd.apache.org
> >>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>
> >>>>
> >>>>
> >>>>
> -------------------------------------------------------------------
> >>>> --
> >>>> The official User-To-User support forum of the Apache
> HTTP Server
> >>>> Project. See
> <URL:http://httpd.apache.org/userslist.html> for more
> >>>> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>>
> >>>>
> >>>
> >>>
> >>>
> >>>
> --------------------------------------------------------------------
> >>> -
> >>> The official User-To-User support forum of the Apache HTTP Server
> >>> Project. See <URL:http://httpd.apache.org/userslist.html>
> for more
> >>> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>
> >>
> >>
> >>
> >>
> ---------------------------------------------------------------------
> >> The official User-To-User support forum of the Apache HTTP Server
> >> Project.
> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >>
> >
> >
> >
> >
> >
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
oh, and is there a loadmodule mod_ssl.so /.c in that section of the conf?
||
[top] <http://httpd.apache.org/docs-2.0/mod/mod_so.html#page-header>
LoadModule Directive
Description:
<http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Description>
Links in the object file or library, and adds to the list of active modules
Syntax:
<http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Syntax>
LoadModule /module filename/
Context:
<http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Context>
server config
Status:
<http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Status> Extension
Module:
<http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Module> mod_so
The LoadModule directive links in the object file or library /filename/
and adds the module structure named /module/ to the list of active
modules. /Module/ is the name of the external variable of type |module|
in the file, and is listed as the Module Identifier
<http://httpd.apache.org/docs-2.0/mod/module-dict.html#ModuleIdentifier>
in the module documentation. Example:
| LoadModule status_module modules/mod_status.so |
loads the named module from the modules subdirectory of the ServerRoot.
J. Greenlees wrote:
> just checking the docs for apache 2 mod_ssl, did you tell the server
> where the server key is?
>
> http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
>
>
>
>
> Matt Raible wrote:
>
>> I added a certificate with the commands below and started my server with
>> "/usr/local/apachectl -D SSL -k start" but it still appears as if this
>> directive:
>>
>> <IfModule mod_ssl.c>
>> Include conf/ssl.conf
>> </IfModule>
>>
>> is not working :(
>>
>> [root@drevil ssl]# openssl req -new -out my-server.csr
>> Using configuration from /usr/share/ssl/openssl.cnf
>> Generating a 1024 bit RSA private key
>> ................++++++
>> ..................++++++
>> writing new private key to 'privkey.pem'
>> Enter PEM pass phrase:
>> Verifying password - Enter PEM pass phrase:
>> -----
>> You are about to be asked to enter information that will be incorporated
>> into your certificate request.
>> What you are about to enter is what is called a Distinguished Name or a
>> DN.
>> There are quite a few fields but you can leave some blank
>> For some fields there will be a default value,
>> If you enter '.', the field will be left blank.
>> -----
>> Country Name (2 letter code) [GB]:US
>> State or Province Name (full name) [Berkshire]:
>> Locality Name (eg, city) [Newbury]:
>> Organization Name (eg, company) [My Company Ltd]:
>> Organizational Unit Name (eg, section) []:
>> Common Name (eg, your name or your server's hostname) []:drevil
>> Email Address []:
>>
>> Please enter the following 'extra' attributes
>> to be sent with your certificate request
>> A challenge password []:
>> An optional company name []:
>> [root@drevil ssl]# openssl rsa -in privkey.pem -out my-server.key
>> read RSA key
>> Enter PEM pass phrase:
>> writing RSA key
>> [root@drevil ssl]# openssl x509 -in my-server.csr -out my-server.cert
>> -req -signkey my-server.key -days 365
>> Signature ok
>> subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
>> Getting Private key
>> [root@drevil ssl]# openssl x509 -in my-server.cert -out
>> my-server.der.crt -outform DER
>>
>>
>>
>>> -----Original Message-----
>>> From: J. Greenlees [mailto:jaqui@shaw.ca] Sent: Thursday, September
>>> 26, 2002 8:19 PM
>>> To: users@httpd.apache.org
>>> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>>
>>>
>>> hmmm, when starting the server do you get an error message at all?
>>> do you have a certificate ( even unsigned ) for the secure server?
>>>
>>> I have problems getting Rh to install on my system so using
>>> mandrake, don't have this problem on my systems. ( at least when I
>>> start secure server and have certificate )
>>>
>>> trying to remember the command but there is an apache command that
>>> will list loaded modules...ccheck the docs on mod_ssl it may help
>>> diagnose exactly where the problem is.
>>>
>>> Matt Raible wrote:
>>>
>>>> So you're saying that mod_ssl.* (I'm guessing it'c
>>>
>>> mod_ssl.c) is loaded
>>>
>>>> by default with the IfModule code below? Is their anyway to ensure
>>>> this?
>>>>
>>>> In ssl.conf, I have the following line under <VirtualHost
>>>> _default_:443>
>>>>
>>>> ErrorLog logs/ssl.log
>>>>
>>>> But this does not get generated - I'm starting apache with
>>>> /usr/local/apache2/bin/apachectl startssl
>>>>
>>>> Here's what I get when I try to test it with openssl:
>>>>
>>>> # openssl s_client -connect localhost:443
>>>> connect: Connection refused
>>>> connect:errno=29
>>>> #
>>>>
>>>> Thanks,
>>>>
>>>> Matt
>>>>
>>>>> -----Original Message-----
>>>>> From: J. Greenlees [mailto:jaqui@shaw.ca]
>>>>> Sent: Thursday, September 26, 2002 7:19 PM
>>>>> To: users@httpd.apache.org
>>>>> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>>>>
>>>>>
>>>>> Matt Raible wrote:
>>>>>
>>>>>> Platform: Red Hat 7.3
>>>>>>
>>>>>> I'm trying to setup SSL for Apache on Linux and I can't seem
>>>>>>
>>>>> to get it
>>>>>
>>>>>> working properly. The following line in httpd.conf gives me the
>>>>>> impression that the mod_ssl is already installed:
>>>>>>
>>>>>> <IfModule mod_ssl.c>
>>>>>> Include conf/ssl.conf
>>>>>> </IfModule>
>>>>>>
>>>>>> Do I have to add LoadModule ...?? If so, how do I get/create
>>>>>> mod_ssl.so?
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Matt
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> -----------------------------------------------------------
>>>>>>
>>> ----------
>>>
>>>>>> The official User-To-User support forum of the Apache HTTP Server
>>>>>> Project. See <URL:http://httpd.apache.org/userslist.html> for
>>>>>> more info. To unsubscribe, e-mail:
>>>>>> users-unsubscribe@httpd.apache.org
>>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>>
>>>>>>
>>>>> Matt,
>>>>> usually with linux disro's you don't have to alter the conf
>>>>> for enabling cgi or ssl, or even php.
>>>>>
>>>>> you do have to make / get a certificate for the ssl though.
>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------
>>>>>
>>> ---------
>>>
>>>>> The official User-To-User support forum of the Apache HTTP
>>>>> Server Project. See <URL:http://httpd.apache.org/userslist.html>
>>>>> for more info. To unsubscribe, e-mail:
>>>>> users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project. See <URL:http://httpd.apache.org/userslist.html> for more
>>>> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project. See <URL:http://httpd.apache.org/userslist.html> for more
>>> info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
Yep, in ssl.conf I have:
SSLCertificateFile conf/ssl/my-server.cert
SSLCertificateKeyFile conf/ssl/my-server.key
And my conf/ssl/ directory is:
[root@drevil ssl]# ls
my-server.cert my-server.csr my-server.der.crt my-server.key
privkey.pem
> -----Original Message-----
> From: J. Greenlees [mailto:jaqui@shaw.ca]
> Sent: Thursday, September 26, 2002 9:01 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> just checking the docs for apache 2 mod_ssl, did you tell the server
> where the server key is?
>
> http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
>
>
>
>
> Matt Raible wrote:
>
> >I added a certificate with the commands below and started my server
> >with "/usr/local/apachectl -D SSL -k start" but it still
> appears as if
> >this
> >directive:
> >
> ><IfModule mod_ssl.c>
> > Include conf/ssl.conf
> ></IfModule>
> >
> >is not working :(
> >
> >[root@drevil ssl]# openssl req -new -out my-server.csr
> >Using configuration from /usr/share/ssl/openssl.cnf
> >Generating a 1024 bit RSA private key
> >................++++++
> >..................++++++
> >writing new private key to 'privkey.pem'
> >Enter PEM pass phrase:
> >Verifying password - Enter PEM pass phrase:
> >-----
> >You are about to be asked to enter information that will be
> >incorporated into your certificate request. What you are
> about to enter
> >is what is called a Distinguished Name or a DN.
> >There are quite a few fields but you can leave some blank
> >For some fields there will be a default value,
> >If you enter '.', the field will be left blank.
> >-----
> >Country Name (2 letter code) [GB]:US
> >State or Province Name (full name) [Berkshire]:
> >Locality Name (eg, city) [Newbury]:
> >Organization Name (eg, company) [My Company Ltd]:
> >Organizational Unit Name (eg, section) []:
> >Common Name (eg, your name or your server's hostname) []:drevil
> >Email Address []:
> >
> >Please enter the following 'extra' attributes
> >to be sent with your certificate request
> >A challenge password []:
> >An optional company name []:
> >[root@drevil ssl]# openssl rsa -in privkey.pem -out
> my-server.key read
> >RSA key Enter PEM pass phrase:
> >writing RSA key
> >[root@drevil ssl]# openssl x509 -in my-server.csr -out my-server.cert
> >-req -signkey my-server.key -days 365
> >Signature ok
> >subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
> >Getting Private key
> >[root@drevil ssl]# openssl x509 -in my-server.cert -out
> >my-server.der.crt -outform DER
> >
> >
> >
> >>-----Original Message-----
> >>From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>Sent: Thursday, September 26, 2002 8:19 PM
> >>To: users@httpd.apache.org
> >>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>
> >>
> >>hmmm, when starting the server do you get an error message at
> >>all? do you have a certificate ( even unsigned ) for the
> >>secure server?
> >>
> >>I have problems getting Rh to install on my system so using
> mandrake,
> >>don't have this problem on my systems. ( at least when I
> start secure
> >>server and have certificate )
> >>
> >>trying to remember the command but there is an apache command
> >>that will
> >>list loaded modules...ccheck the docs on mod_ssl it may
> help diagnose
> >>exactly where the problem is.
> >>
> >>Matt Raible wrote:
> >>
> >>>So you're saying that mod_ssl.* (I'm guessing it'c
> >>>
> >>mod_ssl.c) is loaded
> >>
> >>>by default with the IfModule code below? Is their anyway to ensure
> >>>this?
> >>>
> >>>In ssl.conf, I have the following line under <VirtualHost
> >>>_default_:443>
> >>>
> >>>ErrorLog logs/ssl.log
> >>>
> >>>But this does not get generated - I'm starting apache with
> >>>/usr/local/apache2/bin/apachectl startssl
> >>>
> >>>Here's what I get when I try to test it with openssl:
> >>>
> >>># openssl s_client -connect localhost:443
> >>>connect: Connection refused
> >>>connect:errno=29
> >>>#
> >>>
> >>>Thanks,
> >>>
> >>>Matt
> >>>
> >>>>-----Original Message-----
> >>>>From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>>>Sent: Thursday, September 26, 2002 7:19 PM
> >>>>To: users@httpd.apache.org
> >>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>>>
> >>>>
> >>>>Matt Raible wrote:
> >>>>
> >>>>>Platform: Red Hat 7.3
> >>>>>
> >>>>>I'm trying to setup SSL for Apache on Linux and I can't seem
> >>>>>
> >>>>to get it
> >>>>
> >>>>>working properly. The following line in httpd.conf gives me the
> >>>>>impression that the mod_ssl is already installed:
> >>>>>
> >>>>><IfModule mod_ssl.c>
> >>>>> Include conf/ssl.conf
> >>>>></IfModule>
> >>>>>
> >>>>>Do I have to add LoadModule ...?? If so, how do I get/create
> >>>>>mod_ssl.so?
> >>>>>
> >>>>>Thanks,
> >>>>>
> >>>>>Matt
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>-----------------------------------------------------------
> >>>>>
> >>----------
> >>
> >>>>>The official User-To-User support forum of the Apache
> HTTP Server
> >>>>>Project. See
> <URL:http://httpd.apache.org/userslist.html> for more
> >>>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>>
> >>>>>
> >>>>Matt,
> >>>>usually with linux disro's you don't have to alter the conf for
> >>>>enabling cgi or ssl, or even php.
> >>>>
> >>>>you do have to make / get a certificate for the ssl though.
> >>>>
> >>>>
> >>>>
> >>>>------------------------------------------------------------
> >>>>
> >>---------
> >>
> >>>>The official User-To-User support forum of the Apache HTTP Server
> >>>>Project. See <URL:http://httpd.apache.org/userslist.html>
> for more
> >>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>>
> >>>
> >>>
> >>>-----------------------------------------------------------
> ----------
> >>>The official User-To-User support forum of the Apache HTTP Server
> >>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>
> >>>
> >>
> >>
> >>
> >>------------------------------------------------------------
> ---------
> >>The official User-To-User support forum of the Apache HTTP
> >>Server Project. See
> >><URL:http://httpd.apache.org/userslist.html> for more info.
> >>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >
> >
> >
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP
> Server Project.
> >See <URL:http://httpd.apache.org/userslist.html> for more info.
> >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
just checking the docs for apache 2 mod_ssl, did you tell the server
where the server key is?
http://httpd.apache.org/docs-2.0/mod/mod_ssl.html
Matt Raible wrote:
>I added a certificate with the commands below and started my server with
>"/usr/local/apachectl -D SSL -k start" but it still appears as if this
>directive:
>
><IfModule mod_ssl.c>
> Include conf/ssl.conf
></IfModule>
>
>is not working :(
>
>[root@drevil ssl]# openssl req -new -out my-server.csr
>Using configuration from /usr/share/ssl/openssl.cnf
>Generating a 1024 bit RSA private key
>................++++++
>..................++++++
>writing new private key to 'privkey.pem'
>Enter PEM pass phrase:
>Verifying password - Enter PEM pass phrase:
>-----
>You are about to be asked to enter information that will be incorporated
>into your certificate request.
>What you are about to enter is what is called a Distinguished Name or a
>DN.
>There are quite a few fields but you can leave some blank
>For some fields there will be a default value,
>If you enter '.', the field will be left blank.
>-----
>Country Name (2 letter code) [GB]:US
>State or Province Name (full name) [Berkshire]:
>Locality Name (eg, city) [Newbury]:
>Organization Name (eg, company) [My Company Ltd]:
>Organizational Unit Name (eg, section) []:
>Common Name (eg, your name or your server's hostname) []:drevil
>Email Address []:
>
>Please enter the following 'extra' attributes
>to be sent with your certificate request
>A challenge password []:
>An optional company name []:
>[root@drevil ssl]# openssl rsa -in privkey.pem -out my-server.key
>read RSA key
>Enter PEM pass phrase:
>writing RSA key
>[root@drevil ssl]# openssl x509 -in my-server.csr -out my-server.cert
>-req -signkey my-server.key -days 365
>Signature ok
>subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
>Getting Private key
>[root@drevil ssl]# openssl x509 -in my-server.cert -out
>my-server.der.crt -outform DER
>
>
>
>>-----Original Message-----
>>From: J. Greenlees [mailto:jaqui@shaw.ca]
>>Sent: Thursday, September 26, 2002 8:19 PM
>>To: users@httpd.apache.org
>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>
>>
>>hmmm, when starting the server do you get an error message at
>>all? do you have a certificate ( even unsigned ) for the
>>secure server?
>>
>>I have problems getting Rh to install on my system so using mandrake,
>>don't have this problem on my systems. ( at least when I start secure
>>server and have certificate )
>>
>>trying to remember the command but there is an apache command
>>that will
>>list loaded modules...ccheck the docs on mod_ssl it may help diagnose
>>exactly where the problem is.
>>
>>Matt Raible wrote:
>>
>>>So you're saying that mod_ssl.* (I'm guessing it'c
>>>
>>mod_ssl.c) is loaded
>>
>>>by default with the IfModule code below? Is their anyway to ensure
>>>this?
>>>
>>>In ssl.conf, I have the following line under <VirtualHost
>>>_default_:443>
>>>
>>>ErrorLog logs/ssl.log
>>>
>>>But this does not get generated - I'm starting apache with
>>>/usr/local/apache2/bin/apachectl startssl
>>>
>>>Here's what I get when I try to test it with openssl:
>>>
>>># openssl s_client -connect localhost:443
>>>connect: Connection refused
>>>connect:errno=29
>>>#
>>>
>>>Thanks,
>>>
>>>Matt
>>>
>>>>-----Original Message-----
>>>>From: J. Greenlees [mailto:jaqui@shaw.ca]
>>>>Sent: Thursday, September 26, 2002 7:19 PM
>>>>To: users@httpd.apache.org
>>>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>>>
>>>>
>>>>Matt Raible wrote:
>>>>
>>>>>Platform: Red Hat 7.3
>>>>>
>>>>>I'm trying to setup SSL for Apache on Linux and I can't seem
>>>>>
>>>>to get it
>>>>
>>>>>working properly. The following line in httpd.conf gives me the
>>>>>impression that the mod_ssl is already installed:
>>>>>
>>>>><IfModule mod_ssl.c>
>>>>> Include conf/ssl.conf
>>>>></IfModule>
>>>>>
>>>>>Do I have to add LoadModule ...?? If so, how do I get/create
>>>>>mod_ssl.so?
>>>>>
>>>>>Thanks,
>>>>>
>>>>>Matt
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>-----------------------------------------------------------
>>>>>
>>----------
>>
>>>>>The official User-To-User support forum of the Apache HTTP Server
>>>>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
>>>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>>
>>>>>
>>>>Matt,
>>>>usually with linux disro's you don't have to alter the conf
>>>>for enabling
>>>>cgi or ssl, or even php.
>>>>
>>>>you do have to make / get a certificate for the ssl though.
>>>>
>>>>
>>>>
>>>>------------------------------------------------------------
>>>>
>>---------
>>
>>>>The official User-To-User support forum of the Apache HTTP
>>>>Server Project. See
>>>><URL:http://httpd.apache.org/userslist.html> for more info.
>>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>
>>>
>>>---------------------------------------------------------------------
>>>The official User-To-User support forum of the Apache HTTP Server
>>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP
>>Server Project. See
>><URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
I added a certificate with the commands below and started my server with
"/usr/local/apachectl -D SSL -k start" but it still appears as if this
directive:
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
is not working :(
[root@drevil ssl]# openssl req -new -out my-server.csr
Using configuration from /usr/share/ssl/openssl.cnf
Generating a 1024 bit RSA private key
................++++++
..................++++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:drevil
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@drevil ssl]# openssl rsa -in privkey.pem -out my-server.key
read RSA key
Enter PEM pass phrase:
writing RSA key
[root@drevil ssl]# openssl x509 -in my-server.csr -out my-server.cert
-req -signkey my-server.key -days 365
Signature ok
subject=/C=US/ST=Berkshire/L=Newbury/O=My Company Ltd/CN=drevil
Getting Private key
[root@drevil ssl]# openssl x509 -in my-server.cert -out
my-server.der.crt -outform DER
> -----Original Message-----
> From: J. Greenlees [mailto:jaqui@shaw.ca]
> Sent: Thursday, September 26, 2002 8:19 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> hmmm, when starting the server do you get an error message at
> all? do you have a certificate ( even unsigned ) for the
> secure server?
>
> I have problems getting Rh to install on my system so using mandrake,
> don't have this problem on my systems. ( at least when I start secure
> server and have certificate )
>
> trying to remember the command but there is an apache command
> that will
> list loaded modules...ccheck the docs on mod_ssl it may help diagnose
> exactly where the problem is.
>
> Matt Raible wrote:
>
> >So you're saying that mod_ssl.* (I'm guessing it'c
> mod_ssl.c) is loaded
> >by default with the IfModule code below? Is their anyway to ensure
> >this?
> >
> >In ssl.conf, I have the following line under <VirtualHost
> >_default_:443>
> >
> >ErrorLog logs/ssl.log
> >
> >But this does not get generated - I'm starting apache with
> >/usr/local/apache2/bin/apachectl startssl
> >
> >Here's what I get when I try to test it with openssl:
> >
> ># openssl s_client -connect localhost:443
> >connect: Connection refused
> >connect:errno=29
> >#
> >
> >Thanks,
> >
> >Matt
> >
> >>-----Original Message-----
> >>From: J. Greenlees [mailto:jaqui@shaw.ca]
> >>Sent: Thursday, September 26, 2002 7:19 PM
> >>To: users@httpd.apache.org
> >>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
> >>
> >>
> >>Matt Raible wrote:
> >>
> >>>Platform: Red Hat 7.3
> >>>
> >>>I'm trying to setup SSL for Apache on Linux and I can't seem
> >>>
> >>to get it
> >>
> >>>working properly. The following line in httpd.conf gives me the
> >>>impression that the mod_ssl is already installed:
> >>>
> >>><IfModule mod_ssl.c>
> >>> Include conf/ssl.conf
> >>></IfModule>
> >>>
> >>>Do I have to add LoadModule ...?? If so, how do I get/create
> >>>mod_ssl.so?
> >>>
> >>>Thanks,
> >>>
> >>>Matt
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>-----------------------------------------------------------
> ----------
> >>>The official User-To-User support forum of the Apache HTTP Server
> >>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>For additional commands, e-mail: users-help@httpd.apache.org
> >>>
> >>>
> >>Matt,
> >>usually with linux disro's you don't have to alter the conf
> >>for enabling
> >>cgi or ssl, or even php.
> >>
> >>you do have to make / get a certificate for the ssl though.
> >>
> >>
> >>
> >>------------------------------------------------------------
> ---------
> >>The official User-To-User support forum of the Apache HTTP
> >>Server Project. See
> >><URL:http://httpd.apache.org/userslist.html> for more info.
> >>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> " from the digest: users-digest-unsubscribe@httpd.apache.org
> >>For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >
> >
> >
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP Server
> >Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project. See
> <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
hmmm, when starting the server do you get an error message at all?
do you have a certificate ( even unsigned ) for the secure server?
I have problems getting Rh to install on my system so using mandrake,
don't have this problem on my systems. ( at least when I start secure
server and have certificate )
trying to remember the command but there is an apache command that will
list loaded modules...ccheck the docs on mod_ssl it may help diagnose
exactly where the problem is.
Matt Raible wrote:
>So you're saying that mod_ssl.* (I'm guessing it'c mod_ssl.c) is loaded
>by default with the IfModule code below? Is their anyway to ensure
>this?
>
>In ssl.conf, I have the following line under <VirtualHost _default_:443>
>
>ErrorLog logs/ssl.log
>
>But this does not get generated - I'm starting apache with
>/usr/local/apache2/bin/apachectl startssl
>
>Here's what I get when I try to test it with openssl:
>
># openssl s_client -connect localhost:443
>connect: Connection refused
>connect:errno=29
>#
>
>Thanks,
>
>Matt
>
>>-----Original Message-----
>>From: J. Greenlees [mailto:jaqui@shaw.ca]
>>Sent: Thursday, September 26, 2002 7:19 PM
>>To: users@httpd.apache.org
>>Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>>
>>
>>Matt Raible wrote:
>>
>>>Platform: Red Hat 7.3
>>>
>>>I'm trying to setup SSL for Apache on Linux and I can't seem
>>>
>>to get it
>>
>>>working properly. The following line in httpd.conf gives me the
>>>impression that the mod_ssl is already installed:
>>>
>>><IfModule mod_ssl.c>
>>> Include conf/ssl.conf
>>></IfModule>
>>>
>>>Do I have to add LoadModule ...?? If so, how do I get/create
>>>mod_ssl.so?
>>>
>>>Thanks,
>>>
>>>Matt
>>>
>>>
>>>
>>>
>>>
>>>---------------------------------------------------------------------
>>>The official User-To-User support forum of the Apache HTTP Server
>>>Project. See <URL:http://httpd.apache.org/userslist.html> for more
>>>info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>Matt,
>>usually with linux disro's you don't have to alter the conf
>>for enabling
>>cgi or ssl, or even php.
>>
>>you do have to make / get a certificate for the ssl though.
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP
>>Server Project. See
>><URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Matt Raible <ma...@raibledesigns.com>.
So you're saying that mod_ssl.* (I'm guessing it'c mod_ssl.c) is loaded
by default with the IfModule code below? Is their anyway to ensure
this?
In ssl.conf, I have the following line under <VirtualHost _default_:443>
ErrorLog logs/ssl.log
But this does not get generated - I'm starting apache with
/usr/local/apache2/bin/apachectl startssl
Here's what I get when I try to test it with openssl:
# openssl s_client -connect localhost:443
connect: Connection refused
connect:errno=29
#
Thanks,
Matt
> -----Original Message-----
> From: J. Greenlees [mailto:jaqui@shaw.ca]
> Sent: Thursday, September 26, 2002 7:19 PM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
> Matt Raible wrote:
>
> >Platform: Red Hat 7.3
> >
> >I'm trying to setup SSL for Apache on Linux and I can't seem
> to get it
> >working properly. The following line in httpd.conf gives me the
> >impression that the mod_ssl is already installed:
> >
> ><IfModule mod_ssl.c>
> > Include conf/ssl.conf
> ></IfModule>
> >
> >Do I have to add LoadModule ...?? If so, how do I get/create
> >mod_ssl.so?
> >
> >Thanks,
> >
> >Matt
> >
> >
> >
> >
> >
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP Server
> >Project. See <URL:http://httpd.apache.org/userslist.html> for more
> >info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> Matt,
> usually with linux disro's you don't have to alter the conf
> for enabling
> cgi or ssl, or even php.
>
> you do have to make / get a certificate for the ssl though.
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project. See
> <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
Matt Raible wrote:
>Platform: Red Hat 7.3
>
>I'm trying to setup SSL for Apache on Linux and I can't seem to get it
>working properly. The following line in httpd.conf gives me the
>impression that the mod_ssl is already installed:
>
><IfModule mod_ssl.c>
> Include conf/ssl.conf
></IfModule>
>
>Do I have to add LoadModule ...?? If so, how do I get/create
>mod_ssl.so?
>
>Thanks,
>
>Matt
>
>
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
Matt,
usually with linux disro's you don't have to alter the conf for enabling
cgi or ssl, or even php.
you do have to make / get a certificate for the ssl though.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by "J. Greenlees" <ja...@shaw.ca>.
yup, Matt got it running last night.
Jim Kipp wrote:
>I think apache -l will list the installed modules. if it is not listed,
>probably best to recompile it and include the ssl module in the config part
>
>-----Original Message-----
>From: Matt Raible [mailto:matt@raibledesigns.com]
>Sent: Thursday, September 26, 2002 9:07 PM
>To: users@httpd.apache.org
>Subject: [users@httpd] Apache 2.0.40, SSL and Linux
>
>
>Platform: Red Hat 7.3
>
>I'm trying to setup SSL for Apache on Linux and I can't seem to get it
>working properly. The following line in httpd.conf gives me the
>impression that the mod_ssl is already installed:
>
><IfModule mod_ssl.c>
> Include conf/ssl.conf
></IfModule>
>
>Do I have to add LoadModule ...?? If so, how do I get/create
>mod_ssl.so?
>
>Thanks,
>
>Matt
>
>
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.391 / Virus Database: 222 - Release Date: 9/19/2002
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Apache 2.0.40, SSL and Linux
Posted by Jim Kipp <jk...@comcast.net>.
I think apache -l will list the installed modules. if it is not listed,
probably best to recompile it and include the ssl module in the config part
-----Original Message-----
From: Matt Raible [mailto:matt@raibledesigns.com]
Sent: Thursday, September 26, 2002 9:07 PM
To: users@httpd.apache.org
Subject: [users@httpd] Apache 2.0.40, SSL and Linux
Platform: Red Hat 7.3
I'm trying to setup SSL for Apache on Linux and I can't seem to get it
working properly. The following line in httpd.conf gives me the
impression that the mod_ssl is already installed:
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
Do I have to add LoadModule ...?? If so, how do I get/create
mod_ssl.so?
Thanks,
Matt
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.391 / Virus Database: 222 - Release Date: 9/19/2002
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org