Files:
-rw-r--r-- 1 root 859 Apr 3 11:45 /etc/apache2/ssl/crt/vhost1.crt-rw-r--r-- 1 root 916 Apr 3 11:45 /etc/apache2/ssl/key/vhost1.keySo AFAIK I've got a certificate I've generated myself. Nobody vouches for me but it shoud enable encryption and make my TCP/IP packets hard to read.
Contents of /etc/apache2/ports.conf:
NameVirtualHost *:80
Listen 80<IfModule mod_gnutls.c>
<IfModule mod_ssl.c>
Listen 443
</IfModule>
Listen 443
</IfModule>
Files:
-rw-r--r-- 1 andy 1439 Apr 3 14:48 /etc/apache2/sites-available/default
-rw-r--r-- 1 andy 7485 Jun 16 2011 /etc/apache2/sites-available/default-ssl
-rw-r--r-- 1 root 7469 Feb 7 2012 /etc/apache2/sites-available/default-ssl.original
-rw-r--r-- 1 root 950 Feb 7 2012 /etc/apache2/sites-available/default.original
I see here that /etc/apache2/sites-available has one symbolic link to /etc/apache2/sites-available/default, and no symbolic links to any of the other entries in the sites-available directory. Also all the other entries in /etc/apache2/sites-available are symbolic links to configuration files such as
lrwxrwxrwx 1 root 21 May 6 2012 /etc/apache2/sites-enabled/opal.conf -> /www/opal/apache.confThese links have been working fine for years as links into the site control directory and not into 'sites-available'. But perhaps that is wrong.
Maybe what I need is a symbolic link from sites-enabled to ../sites-available/default-ssl ? Nope, tested, did not solve the problem....
When I give this command (as root) -
/etc/init.d/apache2 restartI see only this output:
apache2: Could not reliably determine the server's fully qualified domain name, using 192.168.1.112 for ServerName
... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 192.168.1.112 for ServerName
[ OK ]
But nmap still says that nothing is listening to port 443.
Thank you Oren.
On 04/03/2014 04:04 PM, Oren wrote:
.Hi Andy.
Process basically include getting/creating a certificate, define it on your site and reload apache.
here is a centos manual which is not exactly the same on ubuntu but pretty much explains the order of things
http://wiki.centos.org/HowTos/Https
on ubuntu you will have to open the 443 port
<IfModule mod_ssl.c>
Listen 443
</IfModule>
once the https is ready, you can do a redirect to the https site from http. (with mod_rewrite)
do you have logs or any information on what is not working?
Oren
On 04/03/2014 11:39 AM, Andy Canfield wrote:
I have been using apache for maybe ten years now, and maintain two
servers in addition to the apache on my notebook computer for testing.
All using Ubuntu Linux *.04 LTS. It now appears that I ought to convert
from http to https.
But the documentation is insane. A piece here, a piece there, have to do
X (but first? and afterwards?). Assuming everything is else is OK, this
is way you edit this line in VirtualHost file (there is no
"/etc/apache2/.../VirtualHost" file!)
I figure that I need to do it in two steps:
[1] Get the https version up and running, and
[2] Make the http version automatically switch to https.
But I can't get https working at all, for anything. There's a "Listen
443" in /etc/apache2/ports.conf but 'nmap localhost' says 443 is a
closed port.
Has anybody else ever converted a hosted site from http to https? What
did you have to do to get the secure one working?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|