Hi list,
(long post, sorry)
I've decided that with my move to 9.1, it's time to move to apache2 as
well. But I can't seem to get the SSL connections working.
I use a setup with multiple name based virtual hosts on port 80 and a
single SSL ip-based virtual host on port 443. Which worked without
problem on apache 1.x, but now I can't get the SSL part working (the
name based virtual hosts on port 80 work without problem)
I've tried everything I can think of. httpd2 -S nicely displays the name
based virtual hosts without even a hint of the ssl one. It's as if it
never even reads the SSL virtual host .conf file. Apache starts up
without an error, but listens only to port 80.
Any hints will be appreciated...
TIA,
Stefan
The setup is as follows:
listen.conf:
Listen my.ip.add.res:80
<IfDefine SSL>
<IfModule mod_ssl.c>
Listen 443
</IfModule>
</IfDefine>
</IfDefine>
NameVirtualHost my.ip.add.res:80
and under /etc/apache2/vhosts.d I have three .conf files:
www.mydomain.tld.conf
<VirtualHost my.ip.add.res:80>
ServerAdmin webmaster@mydomain.tld
ServerName www.mydomain.tld
DocumentRoot /some/where
HostnameLookups Off
UseCanonicalName Off
ServerSignature On
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
www.myvirtualdomain.tld.conf
<VirtualHost my.ip.add.res:80>
ServerAdmin webmaster@myvirtualdomain.tld
ServerName www.myvirtualdomain.tld
DocumentRoot /some/where/else
HostnameLookups Off
UseCanonicalName Off
ServerSignature On
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
www.myssldomain.tld.conf:
<IfDefine SSL>
DocumentRoot "/some/where/secure"
ServerName www.myssldomain.tld
ServerAdmin webmaster@myssldomain.tld
ErrorLog /var/log/apache2/error_log
TransferLog /var/log/apache2/access_log
Alias /horde "/home/www-ssl/horde"
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl.crt/cert.pem
SSLCertificateKeyFile /etc/apache2/ssl.key/server-key.pem
SSLVerifyClient none
SSLOptions +StdEnvVars
</Files>
SSLOptions +StdEnvVars
</Directory>
#SSLSessionCache none
#SSLSessionCache dbm:/var/lib/apache2/ssl_scache
#SSLSessionCache shmht:/var/lib/apache2/ssl_scache(512000)
SSLSessionCache shmcb:/var/lib/apache2/ssl_scache
SSLSessionCacheTimeout 600
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
Options Includes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
SSLRequireSSL
</Directory>
ScriptAlias /cgi-bin/ "/some/where/secure/cgi-bin/"
AllowOverride None
order allow,deny
allow from all
SSLRequireSSL
</Directory>
</VirtualHost>