[users@httpd] apache and ssl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gang,

     I have been working on this issue over the past few days.  I am trying to
get SSL working with Apache 2.0 (Debian 3.0).  I have read through
documentation on how to create Root CA's, ssl certificates and keys,
etc.  I made a root ca and created a certificate and key for my site.
I inserted the these lines into the following files (as well as the http.conf file):

 the mods-available/ssl.conf file (also
tried putting them in my http.conf file):

(mods-available/ssl.conf)
SSLProtocol -all +SSLv2

(virtual host file)
SSLCertificateFile /location2file/filename.crt
SSLCertificateKeyFile /location2file/filename.key

I edited the ports.conf file and added the line "Listen 443", adjusted
my firewall to forward port 443 traffic to the correct ip, edited the
sites-available/sitefile to include two NameVirtualHost directives:

NameVirtualHost 192.168.0.12:80
NameVirtualHost 192.168.0.13:443

then I created two <virtualhost> sections, one for port 80 traffic, one
for port 443 traffic.  Because I am trying to get all files placed in a
sub dir of the root of the website (/ssl), I appended "/ssl" to the end
of the documentroot directive for the 443 entry.  If I visit the url in
http, it displays just fine:

http://www.foo.com/ssl/protected.html

if I try to log into the site using https, I get prompted to accept a
certificate (which isn't the one I created - seems to be the default
one).  If I do accept I get the following error in the browser:

501 Not Implemented
 The requested method is not implemented by this server.

My questions are these:

1) How do I get the "/ssl" directory to use ssl to protect anything
stored in that directory?

2) How do I get apache to use my certificate that I cretaed?

Thanks for any help given.
Dave



Here is some other related information:

I have tried starting apache with "apache2ctl startssl".
I have run "apache2ctl configtest" and got a "syntax ok" response.
Here is a copy of my virtual host definition:

<VirtualHost 192.168.0.13:443>
        ServerAdmin webmas...@xxxxxxxxxxxx

        DocumentRoot /var/www/sitename.com/demo/ssl
        ServerName demo.sitename.com/ssl

SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key
                SSLCipherSuite SSLv2:+HIGH:+MEDIUM
                SSLVerifyClient require
                SSLVerifyDepth 1

        #   SSL specifications
#       <Location /ssl>
#               SSLCipherSuite SSLv2:+HIGH:+MEDIUM
#               SSLVerifyClient require
#               SSLVerifyDepth 1
#       </Location>

        #   This should be changed to whatever you set DocumentRoot to.
        <Directory /var/www/sitename.com/demo/ssl>
                Options Indexes Includes
                AllowOverride Options
                Order allow,deny
                Allow from all
                # This directive allows us to have apache2's default start page
                # in /apache2-default/, but still have / go to the right place
                #RedirectMatch ^/$ /apache2-default/
        </Directory>
        ErrorLog /var/log/apache2/sitename.com/demo/error.log
        CustomLog /var/log/apache2/sitename.com/demo/access.log common
        CustomLog /var/log/apache2/sitename.com/demo/referer.log referer
        CustomLog /var/log/apache2/sitename.com/demo/agent.log agent

        # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
        LogLevel warn

        ServerSignature On
</VirtualHost>
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux