Mailinglist Archive: opensuse (3397 mails)
| < Previous | Next > |
RE: [SLE] SSL and Apache2
- From: "Anders Norrbring" <lists@xxxxxxxxxxxx>
- Date: Sat, 16 Apr 2005 14:37:06 +0200
- Message-id: <20050416123706.9B49CFDFB@xxxxxxxxxxxxxxxxxxx>
> > Anders Norrbring wrote:
> > > Just out of curiousity.. Has anybody managed to get a SSL web server
> up
> > and
> > > running with an unmodified ssl-global.conf and then added the server
> > cert
> > > and server key parameters to the vhosts.d/vhost-ssl.conf only?
> > >
> > > I haven't... If I set up the SSL server in the vhost-ssl.conf only,
> > since
> > > that's the place suggested for cert and key, the server barfes and
> gives
> > me
> > > an error line in the log.
> >
> > Yes. It worked for me on 9.1 just copying vhost-ssl.template to
> > vhost-ssl.conf and editing a few parameters in vhost-ssl.conf. You also
> > have to set APACHE_SERVER_FLAGS="SSL" in /etc/sysconfig/apache2 and copy
> > the certificate to /etc/apache2/ssl.crt/server.crt and request to
> > /etc/apache2/ssl.key/server.key.
>
>
> Doesn't work for me. I've added both cert and key files, and when I try
> to start it up I get:
>
> Starting httpd2 (prefork) Creating new config (0x80f05f0) for (null)
> failed
>
> And the error_log say:
>
> [Thu Apr 14 16:57:55 2005] [error] Server should be SSL-aware but has no
> certificate configured [Hint: SSLCertificateFile]
>
> Of course the parameters are active in vhost-ssl.conf. When I set
> certificate and keyfile parameters in ssl-global.conf instead, everything
> works fine. Seems like there are dependencies that aren't solved.
Seems like it's YaST that breaks the SSL configuration... If I install
Apache2 just as default and copy in cert and key, then start the sucker with
'rcapache startssl' it works fine.
But if I go to 'yast2 http-server' and modify anything it's screwed up.
Seems like it's necessary to configure it manually. Anybody who can verify
this before I go Bugzilla with it?
Anders.
> > > Just out of curiousity.. Has anybody managed to get a SSL web server
> up
> > and
> > > running with an unmodified ssl-global.conf and then added the server
> > cert
> > > and server key parameters to the vhosts.d/vhost-ssl.conf only?
> > >
> > > I haven't... If I set up the SSL server in the vhost-ssl.conf only,
> > since
> > > that's the place suggested for cert and key, the server barfes and
> gives
> > me
> > > an error line in the log.
> >
> > Yes. It worked for me on 9.1 just copying vhost-ssl.template to
> > vhost-ssl.conf and editing a few parameters in vhost-ssl.conf. You also
> > have to set APACHE_SERVER_FLAGS="SSL" in /etc/sysconfig/apache2 and copy
> > the certificate to /etc/apache2/ssl.crt/server.crt and request to
> > /etc/apache2/ssl.key/server.key.
>
>
> Doesn't work for me. I've added both cert and key files, and when I try
> to start it up I get:
>
> Starting httpd2 (prefork) Creating new config (0x80f05f0) for (null)
> failed
>
> And the error_log say:
>
> [Thu Apr 14 16:57:55 2005] [error] Server should be SSL-aware but has no
> certificate configured [Hint: SSLCertificateFile]
>
> Of course the parameters are active in vhost-ssl.conf. When I set
> certificate and keyfile parameters in ssl-global.conf instead, everything
> works fine. Seems like there are dependencies that aren't solved.
Seems like it's YaST that breaks the SSL configuration... If I install
Apache2 just as default and copy in cert and key, then start the sucker with
'rcapache startssl' it works fine.
But if I go to 'yast2 http-server' and modify anything it's screwed up.
Seems like it's necessary to configure it manually. Anybody who can verify
this before I go Bugzilla with it?
Anders.
| < Previous | Next > |