SSL and Apache!!!!!!

[RK Paleru <rk...@hotmail.com>]

Hi,

I am tired of trying to find a clear step by step documentation for SSL support for my Apache Web Server 2.0.43. Also I am not sure whether I need mod_ssl / openssl or something else......

I am also running tomcat as my servlet engine and is connected to apache.....using mod_jk.

Please let me know how to go about the SSL installation process......


I went to this site and did most of the stuff 
http://raibledesigns.com/tomcat/ssl-howto.html

but when it comes to running openssl -new...... it cribs saying there is no config file or environment variable not set....

Any help would be grately appreciated.....

regards

RK

Re: SSL and Apache!!!!!!

[Julio César Mejia Vergara <ju...@telnor.com>]

Here is how i installed Apache with mod_ssl on apache 2.0.39 on Solaris 
8, but you need to install first openssl on your sistem and ad it to 
your computer PATH.

#./configure –prefix=/usr/local/apache –enable-so –enable-info 
–enable-ssl –enable-modules-all
#make
#make install

Julio


RK Paleru wrote:

>Hi,
>
>I am tired of trying to find a clear step by step documentation for SSL support for my Apache Web Server 2.0.43. Also I am not sure whether I need mod_ssl / openssl or something else......
>
>I am also running tomcat as my servlet engine and is connected to apache.....using mod_jk.
>
>Please let me know how to go about the SSL installation process......
>
>
>I went to this site and did most of the stuff 
>http://raibledesigns.com/tomcat/ssl-howto.html
>
>but when it comes to running openssl -new...... it cribs saying there is no config file or environment variable not set....
>
>Any help would be grately appreciated.....
>
>regards
>
>RK
>  
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: SSL and Apache!!!!!!

["Mark W. Webb" <ma...@dolphtech.com>]

I have finally figured out how to get Apache(SSL) and Tomcat 4.1.24 
working.  For one, there is a bug in the JkCoyoteHandler.  I hope to put 
together a web page that shows how this can be done.  If you do not hear 
back from me in a day or two, let me know.



RK Paleru wrote:

>Hi,
>
>I am tired of trying to find a clear step by step documentation for SSL support for my Apache Web Server 2.0.43. Also I am not sure whether I need mod_ssl / openssl or something else......
>
>I am also running tomcat as my servlet engine and is connected to apache.....using mod_jk.
>
>Please let me know how to go about the SSL installation process......
>
>
>I went to this site and did most of the stuff 
>http://raibledesigns.com/tomcat/ssl-howto.html
>
>but when it comes to running openssl -new...... it cribs saying there is no config file or environment variable not set....
>
>Any help would be grately appreciated.....
>
>regards
>
>RK
>  
>



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

[OFF-TOPIC] Re: SSL and Apache!!!!!!

[John Turner <to...@johnturner.com>]

On Tue, 8 Apr 2003 09:27:50 -0400, RK Paleru <rp...@uncc.edu> wrote:

>
> Things Done by Me:
>
> 1. I thought I had two options of either installing SSL using (i) Apache- 
> SSL
> or (ii) mod_ssl with OpenSSL.

If you are using Apache 1.3.x, you need mod_ssl.  If you are using Apache 
2, mod_ssl has been included.  To see if you have mod_ssl enabled, do 
"/path/to/apache/bin/httpd -l"

> 2. I chose the second option of mod_ssl with Open SSL. (though am not 
> sure
> now if the version of mod_ssl is only for Apache 1.3.x when I actually 
> have
> 2.0.43)

See above.

> 3. I downloaded mod_ssl actually and OpenSSL and followd step by step of 
> the
> steps suggested in this
> site....http://raibledesigns.com/tomcat/ssl-howto.html

OK

> 4. When I ran "openssl req -new -out server.csr" I get the Keys Generated
> but get an error saying that some environment variable may not be set.

What environment variable?  OPENSSL_CONF?  If OPENSSL_CONF, did you read 
the errata at Matt Raible's site?

> 6. I am using Windows 2000 Professional Server
>

OK

> Things needing Clarification:
>
> 1. Any help in finding out which connector I am using for Apache - Tomcat
> talking (Jk or JK2) might be helpful (not a must to help).

Which did you install?  Which one does Apache load?  Which properties files 
are you using, workers.properties or jk2.properties?  Does your Apache 
config have "JkMount" in it or "JkUriSet" or nothing?

> 2. Is mod_ssl for Apache 1.3.X or for even 2.0.X. I see from mod_ssl 
> sites
> that mod_ssl is only for 1.3.x....... What is the latest way in dealing 
> with
> installing SSL for my Apache????

This is covered to some length on Matt's site.  Under section 2, "getting 
OpenSSL", it says "(You can get the 2.0.42 version at 
http://hunter.campbus.com/, older packages are also available at 
http://hunter.campbus.com). Download and unzip it to a new directory. "

I just checked there and the site owner offers a file called Apache_2.0.45- 
Openssl_0.9.7a-Win32.zip which seems to be exactly what you would need.

> 3. How to go about accomplishing the setting up and generate / publish 
> keys
> / certificates.

This would be openssl related, and covered in the openssl docs.  Also 
covered in section 3 of Matt's document: "Creating a test certificate".  
For example, to create a self-signed certificate that expires in one year 
and that your users can install in their browsers:

openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 
365

>
> regards
>
> RK
>

John



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: SSL and Apache!!!!!!

[John Turner <to...@johnturner.com>]

Some of us are tired of people demanding answers to off-topic questions.

I suggest that you need to think about what it is you want to accomplish, 
then state that goal clearly to those of us who may still be willing to 
help you.

Is your goal:

- to use Apache + a connector + Tomcat with SSL communication?

- to use Tomcat with SSL?

Which one you choose makes a difference.  If the first, then you do not set 
SSL up on Tomcat, you set it up on Apache, as the connectors do not "speak" 
SSL to Tomcat.  Documentation for Apache SSL is readily available if you 
choose to look for it.  Like the Apache docs at apache.org, or even 
http://www.modssl.org, depending on your Apache version.

If the second, what you need to do is be a little more forthcoming with 
information like error messages, etc.  Saying "I did most of the stuff" 
means nothing, and does nothing to encourage anyone to help you.  If, 
however, you choose to explain in clear terms which "most" you did and 
which "less" you didn't, and exactly what error messages you are getting, 
etc. maybe someone will help you.  Keep in mind that your problem may not 
be Tomcat related at all.

John

On Tue, 8 Apr 2003 00:24:05 -0400, RK Paleru <rk...@hotmail.com> wrote:

> Hi,
>
> I am tired of trying to find a clear step by step documentation for SSL 
> support for my Apache Web Server 2.0.43. Also I am not sure whether I 
> need mod_ssl / openssl or something else......
>
> I am also running tomcat as my servlet engine and is connected to 
> apache.....using mod_jk.
>
> Please let me know how to go about the SSL installation process......
>
>
> I went to this site and did most of the stuff 
> http://raibledesigns.com/tomcat/ssl-howto.html
>
> but when it comes to running openssl -new...... it cribs saying there is 
> no config file or environment variable not set....
>
> Any help would be grately appreciated.....
>
> regards
>
> RK
>



-- 
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org