httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Carleton" <scarle...@miltonstreet.com>
Subject [users@httpd] apache + ssl: client denied by server configuration
Date Fri, 26 Jan 2007 17:04:12 GMT
I am trying to get SSL up and running on my new apache server.  The
server starts up just fine and serves up regular pages on port 80, but
when I direct it towards the SSL port, Firefox give me an error:

"bv.<domain>.com has sent an incorrect or unexpected message.
Error Code: -12263"

When I look at the apache error log, I get this:

client denied by server configuration: /usr/local/apache2/htdocs/

what is strange is that I am not using /usr/local/apache2/htdocs/
anywhere in the httpd.conf file. I have searched and searched the
config file for htdocs and it simply is not there.  Any thoughts?

Sam

P.S.  Here is my complete httpd.conf file:

ServerRoot /usr/local/apache2
PidFile /usr/local/apache2/logs/httpd.pid

Listen 80
ServerAdmin scarleton@<domain>.com
ServerSignature Off
User httpd
Group httpd
HostNameLookups Off
TimeOut 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 1000
ServerTokens ProductOnly

LoadModule php5_module        modules/libphp5.so

AddHandler application/x-httpd-php .php
AddHandler application/x-httpd-php .inc
AddHandler application/x-httpd-php .class
AddHandler application/x-httpd-php .module

DefaultType text/plain

<IfModule mime_module>
   TypesConfig conf/mime.types
   AddType application/x-compress .Z
   AddType application/x-gzip .gz .tgz
</IfModule>

DirectoryIndex index.html index.php

<FilesMatch "(^\.ht|~$|\.bak$|\.BAK$)">
   Order Allow,Deny
   Deny from all
</FilesMatch>

<DirectoryMatch /CVS/>
   Order Allow,Deny
   Deny from all
</DirectoryMatch>

<Directory />
   Order Deny,Allow
   Deny from all
   Options None
   AllowOverride None
</Directory>

<Directory /home/www/mainroot>
   Order Allow,Deny
   Allow from all
</Directory>

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined
CustomLog /var/log/httpd/access_log combined

LogLevel info
ErrorLog /var/log/httpd/error_log

<VirtualHost *:80>
       DocumentRoot /home/www/mainroot
</VirtualHost>

Listen 443

<IfModule mime.c>
       AddType application/x-x509-ca-cert      .crt
       AddType application/x-pkcs7-crl         .crl
</IfModule>

SSLPassPhraseDialog builtin
SSLSessionCache shm:/usr/local/apache2/logs/ssl_cache_shm
SSLSessionCacheTimeout 600
SSLMutex file:/usr/local/apache2/logs/ssl_mutex
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024

<VirtualHost bv.miltonstreet.com:433>
       DocumentRoot "/home/www/subversion"
       ServerName bv.<domain>.com
       SSLEngine on
       #SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
       #SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
       SSLCipherSuite HIGH:MEDIUM
       SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
       SSLCertificateKeyFile /usr/local/apache2/conf/ssl.crt/server.key
       SSLOptions +StrictRequire
       SSLProtocol -all +TLSv1 +SSLv3
       SetEnvIf User-Agent ".*MSIE.*" \
               nokeepalive ssl-unclean-shutdown \
               downgrade-1.0 force-response-1.0
</VirtualHost>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message