httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From DW <xfs...@hotmail.com>
Subject [users@httpd] Re: SSL configuration not working
Date Sat, 18 Jun 2011 01:08:57 GMT

See if this article has anything useful to make it work:

<http://beeznest.wordpress.com/2008/04/25/how-to-configure-https-on-apache-2/>

hth



Jeff Shearer wrote:
>  I am having some trouble getting an SSL connection to work properly.  It has been a
while since I have done this.   If I disable SSL I can get to the http site just fine.  As
a trouble shooting step I left the http site up and enabled the SSL site.  Again I can get
to the http site but not the https site.  I am getting no helpful messages in my logs.  I
have my log level set to debug.
> 
> I am running apache 2.2.14
> 
> I am using nearly the same configuration I had previously used for a SSL protected web
server, but there are some difference.  For one thing, when I received the .crt I was instructed
to load an intermediary .crt file.  I followed the instructions on the GeoTrust site and now
have this SSL configuration:
> 
>   SSLEngine on
> 
>   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> 
>   SSLCertificateFile "/files/thisdomain.conf/thisdomain.crt"
> 
>   SSLCertificateKeyFile "/files/thisdomain.conf/thisdomain.key"
> 
>   SSLCACertificateFile "/files/thisdomain.conf/intermediate.crt"
> 
>   SSLOptions +StdEnvVars +ExportCertData
> 
> 
> here is the ls output from /files/thisdomain.conf
> 
> -rw-r--r--  1 root       wheel  1989 Jun 16 23:55 apache.thisdomain.conf
> 
> -rw-r--r--  1 root       wheel  1756 Jun 16 22:46 thisdomain.crt
> 
> -rw-r--r--  1 root       wheel  1675 Jun 16 23:30 thisdomain.key
> 
> -rw-r--r--  1 root       wheel  1675 Jun 16 22:44 thisdomainkey.pem
> 
> -rw-r--r--  1 root       wheel  1391 Jun 16 23:41 intermediate.crt
> 
> 
> Another thing I wonder about is that when I created the .crt, I forgot to indicate that
I was using Apache SSL.  When I received the notice that the .crt was ready, the message indicated
I was using some off brand, MS IIS.  I spoke with my reseller's help desk and they indicated
this was not a problem.  Maybe they are wrong?
> 
> When I created my key, it was a .pem file.  Because my previously working site had a
.key file, I copied the .pem to .key.  My research indicates there is a difference beyond
file extension.  Could this be the problem?
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message