Re: Problem setting up ssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In ports.conf have a 443 port listen configured? You enable mod_ssl with a2enmod mod_ssl?

On Sun, Aug 12, 2018 at 2:52 PM Mahmood Naderan <nt_mahmood@xxxxxxxxx.invalid> wrote:
Hi,

I am totally confused with the configuration of ssl via apache2. The server's page is reachable by an IP address. So, when I enter http://w.x.y.z I am able to see the web page and the content of /etc/apache2/sites-available/000-default.conf is


        DocumentRoot /var/www/html
        <Directory /var/www/html/>
             Options FollowSymLinks
             AllowOverride All
             Order allow,deny
             allow from all
        </Directory>



Now, what I do for the ssl is to first comment the above lines (because the virtualhost is on port 80). Then I paste the above lines in  /etc/apache2/sites-available/default-ssl.conf and the content is shown below. Please note that the certificates were obtained by the network admin and are valid because the main website has FQDN.


<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin webmaster@localhost
                DocumentRoot /var/www/html
                <Directory /var/www/html/>
                     Options FollowSymLinks
                     AllowOverride All
                     Order allow,deny
                     allow from all
                </Directory>
                LogLevel debug ssl:warn

                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined

                SSLCertificateFile /home/mahmood/certi/certificate-standard_wildcard.SOMEWHERE.COM.crt
                SSLCertificateKeyFile /home/mahmood/certi/certificate-standard_wildcard. SOMEWHERE.COM.key
                SSLCertificateChainFile /home/mahmood/certi/intermediate.crt
                SSLEngine on

                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
        </VirtualHost>
</IfModule>





I also paste the following entries in /var/www/html/.htaccess


        RewriteEngine on        RewriteCond %{SERVER_PORT} 443        RewriteCond %{HTTP_HOST} ^(subdomain\.)?SOMEWHERE\.COM        RewriteRule ^(.*)$ https://subdomain.SOMEWHERE.COM/$1 [R,L]


The firewall status also looks fine


root@webshub:~# ufw status
Status: active
To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere
OpenSSH                    ALLOW       Anywhere
20/tcp                     ALLOW       Anywhere
21/tcp                     ALLOW       Anywhere
990/tcp                    ALLOW       Anywhere
40000:50000/tcp            ALLOW       Anywhere
Apache Full (v6)           ALLOW       Anywhere (v6)
OpenSSH (v6)               ALLOW       Anywhere (v6)
20/tcp (v6)                ALLOW       Anywhere (v6)
21/tcp (v6)                ALLOW       Anywhere (v6)
990/tcp (v6)               ALLOW       Anywhere (v6)
40000:50000/tcp (v6)       ALLOW       Anywhere (v6)




After restarting apache2 service, still I see that http://w.x.y.z works but https://w.x.y.z is unreachable with the browser.


Any thought is welcomed.



Regards,
Mahmood

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



--
Elias Pereira
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux