Susan, What do your apache logs show (httpd-ssl_request.log, httpd_access.log and httpd_error.log in /var/log or something similar)? Yes it sounds like your SSL is running on the server but the server is not authenticating against the certificates, meaning it does not have access to the certificates (perhaps) or the certs are corrupt, possible file permissions and ownership issues on the certs and their parent directories, etc. There are admins that come online a bit later today with more Apache event experience than I, specifically concerning the fact that your client(s) are requested for cert acceptance yet the server disconnects after response. (For example, the server may not send the certificate until it gets an acceptance response from the client.) The more info you can put up the faster you may get a resolution (perhaps the apache and ssl config files, if you can, for example). A long shot would be to check for the IfDefine SSL directives in the apache and ssl config files because this relates to how you also start SSL (I comment them out, for example, so that SSL starts without the deprecated SSL start command, etc.). BZAG ============= -----Original Message----- From: Susan Roesner RZ [mailto:sroe0999@xxxxxxxxxxxxxxxxxxxx] Sent: Thursday, September 22, 2005 7:51 AM To: users@xxxxxxxxxxxxxxxx Subject: Re: [users@httpd] apache2/SSL problems Hello, yes the problem occurs on different clients. It's the first time I tried to connect to this server through https. >State whether this problem occurs on more than one >client, and if this is the first time you've tried >using SSL from a client to this server before or not. > Sorry, I should have said that the we have our own CA and that my browser doesn't recognizes it as an official one as I haven't imported it into my browser. That's why I am asked to accept the certificate. So I think everything is fine with my certificate. I have set up another apache2/ssl and everything works fine there. I wanted to show that the ssl.conf is gone through. I know that the error message mentioned in my first mail could mean that the clients requests https and the server answers with http. But if it asks for the ssl certificate I cannot imagine that this is the problem. >If accessed for the first time, it's possible you have >to redo your server certificates (expirations?) or >delete the ones on your client if you've accessed it >from there before. > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|