Hi, You have to edit /etc/sysconfig/apache2 and set: APACHE_SERVER_FLAGS="SSL" Otherwise, the "Listen 443"-Directive will not be evaluated. You may also have to run SuSEconfig after editing the file. Best Regards, Holger Am Samstag, 12. Juni 2004 18:17 schrieb Stefan Suurmeijer:
Hi list,
(long post, sorry) I've decided that with my move to 9.1, it's time to move to apache2 as well. But I can't seem to get the SSL connections working.
I use a setup with multiple name based virtual hosts on port 80 and a single SSL ip-based virtual host on port 443. Which worked without problem on apache 1.x, but now I can't get the SSL part working (the name based virtual hosts on port 80 work without problem)
I've tried everything I can think of. httpd2 -S nicely displays the name based virtual hosts without even a hint of the ssl one. It's as if it never even reads the SSL virtual host .conf file. Apache starts up without an error, but listens only to port 80.
Any hints will be appreciated...
TIA, Stefan
The setup is as follows:
listen.conf:
Listen my.ip.add.res:80
<IfDefine SSL>
<IfModule mod_ssl.c> Listen 443
</IfModule> </IfDefine> </IfDefine>
NameVirtualHost my.ip.add.res:80
and under /etc/apache2/vhosts.d I have three .conf files:
www.mydomain.tld.conf
<VirtualHost my.ip.add.res:80> ServerAdmin webmaster@mydomain.tld ServerName www.mydomain.tld DocumentRoot /some/where HostnameLookups Off UseCanonicalName Off ServerSignature On
Options None AllowOverride None Order allow,deny Allow from all </Directory> www.myvirtualdomain.tld.conf
<VirtualHost my.ip.add.res:80> ServerAdmin webmaster@myvirtualdomain.tld ServerName www.myvirtualdomain.tld DocumentRoot /some/where/else HostnameLookups Off UseCanonicalName Off ServerSignature On
Options None AllowOverride None Order allow,deny Allow from all </Directory> www.myssldomain.tld.conf:
<IfDefine SSL>
DocumentRoot "/some/where/secure" ServerName www.myssldomain.tld ServerAdmin webmaster@myssldomain.tld ErrorLog /var/log/apache2/error_log TransferLog /var/log/apache2/access_log Alias /horde "/home/www-ssl/horde" SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /etc/apache2/ssl.crt/cert.pem SSLCertificateKeyFile /etc/apache2/ssl.key/server-key.pem SSLVerifyClient none
SSLOptions +StdEnvVars </Files> SSLOptions +StdEnvVars </Directory> #SSLSessionCache none #SSLSessionCache dbm:/var/lib/apache2/ssl_scache #SSLSessionCache shmht:/var/lib/apache2/ssl_scache(512000) SSLSessionCache shmcb:/var/lib/apache2/ssl_scache SSLSessionCacheTimeout 600 SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
Options Includes FollowSymLinks AllowOverride None Order allow,deny Allow from all SSLRequireSSL </Directory> ScriptAlias /cgi-bin/ "/some/where/secure/cgi-bin/"
AllowOverride None order allow,deny allow from all SSLRequireSSL </Directory> </VirtualHost>