RE: [users@httpd] apache and ssl

[Dave Henderson <dhenderson@xxxxxxxxxxxxxxxx>]

John,
  
      I have updated my virtual host directive to reflect the following changes:
  
  <VirtualHost 192.168.0.13:443>
          ServerAdmin webmaster@xxxxxxxxxxxx
          ServerName demo.sitename.com
          DocumentRoot /var/www/sitename.com/demo/ssl
  
          #   SSL specifications
          SSLEngine On
          SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt
          SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key
          SSLCACertificateFile /etc/apache2/ssl/root/sitename.com.crt
          SSLCipherSuite SSLv2:+HIGH:+MEDIUM
 
         SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
  
  #       SSLVerifyClient require
  #       SSLVerifyDepth 1
  #CustomLog /var/log/apache2/ssl \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\"$
  #       <Location /ssl>
  #                SSLCipherSuite  SSLv2:+HIGH:+MEDIUM                
  #               SSLVerifyClient require
  #               SSLVerifyDepth 1
  #       </Location>
  
          #   This should be  changed to
 whatever you set DocumentRoot  to.         
          <Directory /var/www/sitename.com/demo/ssl>
                  Options Indexes Includes
                  AllowOverride Options
                  Order allow,deny
                  Allow from all
                   # This directive allows us to have apache2's default start page
                   # in /apache2-default/, but still have / go to the right place
 
                 #RedirectMatch ^/$ /apache2-default/
          </Directory>
          ErrorLog /var/log/apache2/sitename.com/demo/error.log
          CustomLog /var/log/apache2/sitename.com/demo/access.log common
          CustomLog /var/log/apache2/sitename.com/demo/referer.log referer
          CustomLog /var/log/apache2/sitename.com/demo/agent.log agent
  
          # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
          LogLevel warn
  
          ServerSignature On
  </VirtualHost>
  
  
  I am still getting the default certificate that
 comes with the Debian  distro (to which I can't even find on the drive).  Even though I  specifically specify to use the certificates that I created, it still  doesn't.  Could there be a problem with the certificates I made  that would be giving me this error, or does it seem more likely to be  an issue with apache config?
  
  Thanks,
  Dave
  
  

"Ellison , John P" <jp@xxxxxxxxxx> wrote:

________________________________________
>From: Dave Henderson [mailto:dhenderson@xxxxxxxxxxxxxxxx]
>Sent: Wednesday, June 28, 2006 3:24 PM
>To: users@xxxxxxxxxxxxxxxx
>Subject: RE: [users@httpd] apache and ssl
>
>I commented out those two lines, restarted apache, but failed to make any >progress.  I can get to the page without using ssl just fine.  Is there a >way to make it so that it can only load that page with ssl?  Any >suggestions on everything else?
>
>Thanks,
>
>Dave

Well, the only other thing I can think of off the top of my head is that maybe your browser doesn't support the encryption methods offered by the server (unlikely).

In the broad sense, one way to get a page to only load in SSL is to remove that page from the access space of the non-SSL virtual host. Then, add access rights in the SSL virtual host via a Directory directive as it seems like you've done.

In any case, look at the logs like Joshua was saying. That's the first step.

JP


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx