[Bug 891813] New: SSL instructions in /etc/sysconfig/apache2 are outdated
https://bugzilla.novell.com/show_bug.cgi?id=891813 https://bugzilla.novell.com/show_bug.cgi?id=891813#c0 Summary: SSL instructions in /etc/sysconfig/apache2 are outdated Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Apache AssignedTo: bnc-team-apache@forge.provo.novell.com ReportedBy: jnweiger@gmail.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 /etc/sysconfig/apache2 has these Instructions about an SSL setup: # * before you can use mod_ssl, you need a server certificate. # A test certificate can be created by entering # 'cd /usr/share/doc/packages/apache2; ./certificate.sh' as root. # Also, you need to set the ServerName inside the <VirtualHost _default_:443> # block to the fully qualified domain name (see /etc/HOSTNAME). # * if your server certificate is protected by a passphrase you should increase the # APACHE_START_TIMEOUT (see above) # * to finally enable ssl support, you need to add 'SSL' to APACHE_SERVER_FLAGS # below. A file /usr/share/doc/packages/apache2/certificate.sh does not exist. But we have something else, that probably should be mentioned here: rpm -ql apache2-utils | grep cert /usr/bin/gensslcert Reproducible: Always Steps to Reproduce: Try follow the instructions. Actual Results: File not found. Expected Results: Working instructions. mention /usr/bin/gensslcert -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=891813 https://bugzilla.novell.com/show_bug.cgi?id=891813#c1 --- Comment #1 from Juergen Weigert <jnweiger@gmail.com> 2014-08-13 17:09:40 UTC --- In /etc/sysconfig/apache2 three modules are actually needed, only ssl is mentioned: APACHE_MODULES=" .... ssl socache_shmcb socache_dbm ... " -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=891813 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |suse-beta@cboltz.de --- Comment #6 from Christian Boltz <suse-beta@cboltz.de> --- (In reply to Petr Gajdos from comment #3)
So it is somehow expected that mod_ssl can run also without mod_socache_shmcb (mod_socache_dbm is just mentioned in the instructions in the connection to network-mounted drivers). And it actually run as far as I tested correctly.
So it is really required? Or recommended?
http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslsessioncache sounds like highly recommended ("speeds up parallel request processing") (At the time when this bug was reported, the answer was "required" because 13.1 doesn't have it wrapped in <IfModule>.) -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com