RE: Question about mod_ssl & mod_jk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



All,

 I´m told that having the directives in httpd.conf

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

means that my apache is configured with mod_ssl (and they´re uncommented).

Now the question risen up is how do I do to have my https working? As I mentioned below, already have all certificates and their directives configured.

Thanks for your attention.

Ingrid 



-----Original Message-----
From: Tan, Liao [CMB-IT] 
Sent: Wednesday, June 18, 2008 12:07 PM
To: users@xxxxxxxxxxxxxxxx
Subject: RE:  Question about mod_ssl & mod_jk


Hah, unfortunately, my background about Apache, Tomcat stuffs is not enough to let me figure the joke out.

I searched over all logs I could find, and didnt found any mod_ssl:(. So I guess I need to do something to enable, install it. 

Saw in the 1st link that I need to download the source in modssl.org, and other installation procedures as well. But the in my case is that I already have Apache installed, and need only to add/enable/install the mod_ssl module. Ok, now another question to be pointed out:
"Make sure any module for your Apache server is compiled with the     
        compiler-flag -DEAPI, or your Webserver might crash or can not be    
        started.                                                             
Almost all modules I know adds the -DEAPI flag by themself except mod_jserv
and mod_jk"

But my apache installed is mod_jk (my configuration >> Apache/2.0.46 (Unix) mod_jk/1.2.4). Should I supppose from this that in my case I dont have the DEAPI??? Not sure on what to do now. How will I check if it has DEAPI? 

I keep doing searches over the net, but in case any of you has some hint and speed up a little bit on my side, it´ll be helpful.

Im kind of disorientated with all this thing of https. This´s the 1st time i get into it. So, ask for your detailed support.

Thank you.
Ingrid 



-----Original Message-----
From: André Warnier [mailto:aw@xxxxxxxxxx]
Sent: Wednesday, June 18, 2008 11:14 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  Question about mod_ssl & mod_jk


Hi again.

Sorry Ingrid,
my first response was a little joke.  I saw your earlier post to the 
Tomcat list, and could not resists asking you again.
We have to keep up our guru image, you know.
;-)

Anyway, I cannot help you a lot, but maybe some :
To find out whether your Apache server has SSL loaded, the easiest would 
be to find it's main logfile, and in it find the line it prints when it 
starts up. This should be a line similar to the following :

Apache/2.2.3 (Debian) DAV/2 mod_jk/1.2.18 PHP/4.4.4-8+etch4 
mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8 configured -- 
resuming normal operations

If you notice, mod_ssl is mentioned therem and also OpenSSL.  If your 
Apache does not load mod_ssl, that part will not be there.

Having the mod_ssl module loaded is a start, but just a start.
There may be many additional steps to perform.

If you search Google for "apache ssl howto", you will find already a 
full page of "how to's".  Which one is most useful to you depends on the 
operating system, Apache version etc..
I see you are under HPUX (version unknown), and not with the very latest 
versions of Apache, mod_jk etc.. to say the least.
There may exist a more recent package from HP (software depot), which 
already includes SSL.  That would be a good start.

Under your HPUX, the Apache is probably installed under /opt/hpws/apache 
or /opt/hpws_apache.  The logfiles may be under there too somewhere.

André


Tan, Liao wrote:
> Actually, the module directives I extracted from another apache which has already https working, and as I´m not familiar with version particularities, I didn´t know if I can put them to mine, which is in fact 2.0
> 
> So, at this point, I think my version will probably have different configuration to enable SSL, in order to have my current http to https. But pls give me some directions on how to start, at least to check if I have the mod_ssl enabled and if not, how to do it.
> 
> thank you.
> 
> Ingrid Liao
> Citi Markets & Banking | CMB Technology
> Brazil Technology Solutions Center | Business Intelligence, Database & Support Services
> Tel. +55-11-3741-6274 
> Fax. +55-11-3741-6285
> Email: liao.tan@xxxxxxxx
> 
> 
> 
> -----Original Message-----
> From: André Warnier [mailto:aw@xxxxxxxxxx]
> Sent: Wednesday, June 18, 2008 10:39 AM
> To: users@xxxxxxxxxxxxxxxx
> Subject: Re:  Question about mod_ssl & mod_jk
> 
> 
> Hi.
> 
> Your configuration snippets below look like Apache 1.x, but you mention 
> that you are using 2.x.  How come ?
> 
> André
> 
> 
> Tan, Liao wrote:
>>  Hello, experts:
>>   My apache installed is has only the mod_jk.sl in the "libexec/" directory.
>>  I want to know what I need to do in order to to configure my current http to https? I know this is a very general question, but to start, I guess I need to include the directives in httpd.conf:
>>
>> 1)<IfDefine SSL> 
>>   LoadModule ssl_module libexec/mod_ssl.so
>>   </IfDefine>
>>  
>> 2)<IfDefine SSL>
>>   AddModule mod_ssl.c
>>   </IfDefine>
>>
>> Is this enough in order to enable the mod_ssl?
>>
>> Already have all certificates configured in the paths. But still unsure on if simply adding those 2 directives will be enough, and will put the file (mod_ssl.so) there in the path, or if I have to get this file from somewhere (if so, how?)
>>
>> Here are the environment configuration:
>> Web server: Apache/2.0.46 (Unix) mod_jk/1.2.4
>> Server: -HP-UX  
>> Tomcat: 4.0
>>  
>> Thanks
>>
>> Ingrid 
>>
>>
>>
>>  
>>
>>
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux