Mailinglist Archive: opensuse (4208 mails)

< Previous Next >
Re: [SLE] https - :D
  • From: Leendert Meyer <leen.meyer@xxxxxxx>
  • Date: Fri, 2 Jul 2004 21:45:39 +0200
  • Message-id: <200407022145.39872.leen.meyer@xxxxxxx>
On Friday 02 July 2004 19:19, steve-ss wrote:
> On Friday 02 July 2004 16:30, Leendert Meyer wrote:
> > On Friday 02 July 2004 14:39, Leendert Meyer wrote:
> > > On Friday 02 July 2004 15:07, steve-ss wrote:
> > > > The error log still shows:
> > > > [Fri Jul 02 13:58:32 2004] [notice] caught SIGTERM,
> > > > shutting down
> >
> > This is no problem, apache is just shutting down.
> >
> > > > [Fri Jul 02 13:58:33 2004] [error] Server should be
> > > > SSL-aware but has no certificate configured [Hint:
> > > > SSLCertificateFile]
> >
> > Yup. Got this too, but all seems well.
> >
> > > > Really sorry but just can't figure this one out for
> > > > myself.
> > >
> > > Ok, hang on, I'll try it myself with an unconfigured
> > > apache2. I hope to report back within the next hour.
> >
> > Up until now I can only confirm that I got the same error
> > message. :(( This used to work in 9.0 AFAIK.
> >
> > I'll look into this further this evening, and see what
> > has changed.
> >
> > Cheers,
> >
> > Leen
>
> Hi. Thanks a million for testing this for me. The problem is
> that I still can't serve any files (either http ot https)
> as apache will not restart. If I lose the -D SSL then at
> least it will serve http.
> Steve.

Got something. It only works with a pristine /etc/apache2 directory,
but I can reproduce a working apache2 with SSL. Basically it comes
down to the steps described in README.QUICKSTART.SSL - well known by
now I guess. ;)

rcapache2 stop

# backup:
mv /etc/apache2{,.SAVE}
mv /etc/sysconfig/apache2{,.SAVE}

# remove apache2 (and dependent rpm's):
rpm -e apache2 apache2-prefork apache2-mod_php4

# we have already a backup, delete it:
rpm -r /etc/apache2

# install *same* rpm's as removed earlier:
rpm -Uhv apache2 apache2-prefork apache2-mod_php4

# make ssl conf file, using defaults:
cp /etc/apache2/vhosts.d/{vhost-ssl.template,default-ssl.conf}
# [editing not needed ;) ]

edit /etc/sysconfig/apache2
- APACHE_SERVER_FLAGS="-D SSL"
- APACHE_MODULES contains "ssl"

# make certificates:
####################################
#### file 'mk-ssl-cert' - BEGIN ####
#! /bin/sh
set -x

#####
# Change items marked with ***

# prefix (FNAME="example.org" creates example.org-server.crt, etc.)
: ${FNAME=}

# Common Name:
: ${CN=`hostname -f`}

# *** Country:
: ${C=XY}

# *** State or province:
: ${ST=unknown}

# *** Location (city):
: ${L=unknown}

# Organisation:
: ${O=SuSE Linux Web Server}

# Organisational unit:
: ${U=web server}

# Email address:
: ${e=webmaster@$CN}

gensslcert ${FNAME:+-C "$FNAME"} -c "$C" -s "$ST" -l "$L" -o "$O" -u "$U" -n "$CN" -e "$e"
#### file 'mk-ssl-cert' - END ####
##################################

# save above file as mk-ssl-cert, and chmod +x mk-ssl-cert
mk-ssl-cert

SuSEconfig --module apache2
rcapache2 start

http & https works. Of course the browser complaines about my
certificates, but after clicking a few buttons the site is served
in https mode.

Key is:
a pristine /etc/apache2 directory
a pristine /etc/sysconfig/apache2 file

Cheers,

Leen

< Previous Next >
Follow Ups