[users@httpd] Question about setting up secure service

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear All: sorry for the length of this -- I am an SSL newbie and need a bit of install advice.
 
We have a windows environment, and have installed Apache2.0.55 with SSL support plus openSSL. We have one dedicated IP address which is currently shared by two name-based virtual hosts. I want to set up a secure subdirectory of one of these domains, in which I can place my e-commerce web-store (and later, possibly some online services). My router is assigned to forward the incoming port 80 and port 443 to the box with IP 192.168.1.2 which has apache on it.
 
I bought a certificate from a CA and attempted to set up the SSL.conf to give me another virtual server -- but so far no joy. I can't seem to get port 443 virtual service https://www.psychtest.com to work alongside port 80 service http://www.psychtest.com
 
The instructions from the CA I dealt with were brief, and upon following them, the setup didn't work. A call to their customer support indicates that the CA lets me secure a specific subdomain, BUT they also want a unique dedicated internet ip address before letting me secure a "subdomain" with one of their certs.
 
Is there a different CA or some way I can to secure a subdirectory or subdomain without getting another dedicated IP address? Can anybody tell me what is the best way to set up for us?
 
below is my ssl.conf
------------------------------------------------
<IfDefine SSL>
 
Listen 443
 
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
 
SSLPassPhraseDialog  builtin

SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300
 
SSLMutex  file:logs/ssl_mutex
 
<VirtualHost 192.168.1.2:443>
#<VirtualHost *:443> (doesn't work)
#<VirtualHost _default_:443>

DocumentRoot "C:/Homepage/secure"
 
<Directory "C:/Homepage/secure">
    SSLRequireSSL
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
 
SSLEngine on
 
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 
# 3 fiels sent to me from the CA
SSLCertificateFile C:/Homepage/Certs/www.psychtest.com.crt
SSLCertificateKeyFile C:/Homepage/Certs/MyCertifcate.key
SSLCertificateChainFile C:/Homepage/Certs/sf_issuing.crt
 
SSLVerifyDepth  5
 
<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:\Program Files\Apache Group\Apache2\cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
 
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
 
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 
</VirtualHost>                                 
 
</IfDefine>
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux