Tim: >> If you browse to http://bree.org.uk/ and https://bree.org.uk/ >> do you get the same results? > Patrick O'Callaghan: > Internally, yes. I forgot to mention: You should switch off any HTTPS-only browser plug-ins (if you have any), while doing this kind of test. It's only going to add more nuisances to the testing. >> If I try web browsing your site, I get the same "books" page to >> either address. There is a HTTPS connection, but it complains it's >> not secure. There's no obvious indication about who issued the >> certificate. > > There is no certificate. There was. I could see basic details about it. When I tried just now, trying to load the HTTP site immediately bounces me to the HTTPS site, which doesn't load. Remember when playing with Apache, you can set up your own configs in /etc/httpd/conf.d *and* there are some pre-supplied example files. I get similar HTTPS basic cert info from the supplied conf.d/ssl.conf file on my server. One suggested approach is that you make a yourwebsite.conf file to go in there, and put all your site config options (HTTP, HTTPS, file access) into it. For the convenience sake of one personal file for you, and keeping an unmangled basic httpd.conf file. Which was the way you went, according to your other comments. If you only have one site, you may as well do everything in the main /etc/httpd/conf/httpd.conf file, if you want. It may be less confusing if you don't have to check for conflicting options across different files. Remember HTTPS is configured separately from HTTP. You may want to move all/most of the pre-supplied conf.d/ files out of the way (or check each one first, to see whether it's best left there, or shifted out of the way). > > The reason I suspect an Apache problem is as follows: when I configured > the VirtualHost, it was via an included file: > > # pwd > /etc/httpd/conf.d > [root@Bree conf.d]# cat bree.conf > <VirtualHost *:80> > ServerName bree.org.uk > ServerAdmin pocallaghan@xxxxxxxxx > DocumentRoot /var/www/bree.org.uk/html > ErrorLog /var/www/bree.org.uk/error.log > CustomLog /var/www/bree.org.uk/log/access.log combined > </VirtualHost> > # tail -2 ../conf/httpd.conf > # Load config files in the "/etc/httpd/conf.d" directory, if any. > IncludeOptional conf.d/*.conf About the only thing different from that, in mine, is I have UseCanonicalName On as well. The idea is that any internal site redirects, such as when the server does a directory listing for a folder instead of serving a HTML file in it, the browser will come back with a page using your server name if it didn't already (such as browsing by IP address). I think it may also change browsing by the ServerAlias over to using the ServerName. Did you look in the access and error logs for clues? Bear in mind that's the HTTP site details, the HTTPS site config is separate. You may still have the example conf.d/ssl.conf file interfering with your tests. > Now when I start Apache I get: > # apachectl restart > Job for httpd.service failed because the control process exited with error code. > See "systemctl status httpd.service" and "journalctl -xeu httpd.service" for details. > > The only warning in the journal is: > Failed to start httpd.service - The Apache HTTP Server. Nothing else interspersed in an odd place? I still use /var/log/messages. It's more straight-forward to me, and I can see interactions between other things as well as what I'm trying to debug. > IOW Apache simply fails to start when I try to use the VirtualHost > directive, but provides no useful information. Furthermore: > # httpd -t -D DUMP_HOSTS > Syntax OK > # > > So Apache itself says there is no syntax error in the file(s). No *detected* error... :-/ You could have something that's not technically a syntax error, but isn't making your site work in the expected way (for you). > So why do I say that I can browse to port 80? Because when I *don't* > include that bree.conf file, everything starts up and runs. Therefore > the problem logically is in that file, but despite careful scanning of > the Apache docs I can't see what it is. Note that the various files > referenced in bree.conf all exist and are world-readable: > > # ls -l /var/www/bree.org.uk/html > total 4 > -rwxr-xr-x. 1 apache apache 159 Apr 16 22:24 index.html > [root@Bree conf.d]# ls -l /var/www/bree.org.uk/error.log > -rw-r--r--. 1 root root 0 Apr 21 22:28 /var/www/bree.org.uk/error.log > [root@Bree conf.d]# ls -l /var/www/bree.org.uk/log/access.log > ls: cannot access '/var/www/bree.org.uk/log/access.log': No such file or directory > [root@Bree conf.d]# ls -l /var/www/bree.org.uk/log > total 0 Hmm, if there's 0 byte files, or no files, that would either indicate no activity, or log rotation has occurred. In my configuration, logs are not in those paths, there's subdirectories inside these per site. Logs: /var/log/httpd/ Sites: /var/www/ *I* wouldn't want my logs inside the web serving tree. Are all your filepaths correct? -- NB: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the list. The following system info data is generated fresh for each post: uname -rsvp Linux 6.2.8-100.fc36.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 22 19:14:19 UTC 2023 x86_64 _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
