ok, i guess i really don't understand how this works. i have a server (9.3 with all current patches) that i'm trying to do ip based vhosts with and ssl'ifying some of the vhosts. i have this host.org (192.168.1.100) host-devel.org (192.168.1.101) with virtual ips on the interfaces and the hosts/ip's registed in dns. if i don't ssl anything the vhosts work as expect. in /etc/apache2/vhosts.d i have host.conf host-devel.conf with appropriate syntax (at least it works and http -S says its ok). the webserver starts correctly and works as i expect. http://host.org/ gives me the space i expect as does host-devel.org. however, if i copy the vhost-ssl.template file to host-ssl.conf and configure it as: <VirtualHost 192.168.1.100:443> # General setup for the virtual host DocumentRoot "/srv/www/htdocs_main" ServerName host.org:443 #ServerAdmin webmaster@example.com ..... httpd2 -S -DSSL reports syntax ok but the server fails to start with rcapache2 startssl and in the error log i get: [Tue Jul 19 10:01:47 2005] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] i'm obviously missing something quite simple here, but i sure cannot see it. any sanity checking will be appreciated. -- michael
Michael, On Tuesday 19 July 2005 15:16, Michael Galloway wrote:
ok, i guess i really don't understand how this works. i have a server (9.3 with all current patches) that i'm trying to do ip based vhosts with and ssl'ifying some of the vhosts. i have this
host.org (192.168.1.100) host-devel.org (192.168.1.101)
with virtual ips on the interfaces and the hosts/ip's registed in dns. if i don't ssl anything the vhosts work as expect. in /etc/apache2/vhosts.d i have
host.conf host-devel.conf
with appropriate syntax (at least it works and http -S says its ok). the webserver starts correctly and works as i expect. http://host.org/ gives me the space i expect as does host-devel.org. however, if i copy the vhost-ssl.template file to host-ssl.conf and configure it as:
<VirtualHost 192.168.1.100:443>
# General setup for the virtual host DocumentRoot "/srv/www/htdocs_main" ServerName host.org:443 #ServerAdmin webmaster@example.com .....
httpd2 -S -DSSL reports syntax ok but the server fails to start with rcapache2 startssl and in the error log i get:
[Tue Jul 19 10:01:47 2005] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
i'm obviously missing something quite simple here, but i sure cannot see it. any sanity checking will be appreciated.
I've had similar problems and got round them, I did try to send you my config offlist, but your email server doesn't like my domain :( Do you have another email address I can use. -- David Bottrill david@bottrill.org www.bottrill.org Registered Linux user number 330730 Internet SIP Phone: 1-747-244-2699
On 7/19/05, Michael Galloway <mgx@ornl.gov> wrote:
ok, i guess i really don't understand how this works. i have a server (9.3 with all current patches) that i'm trying to do ip based vhosts with and ssl'ifying some of the vhosts. i have this
host.org (192.168.1.100) host-devel.org (192.168.1.101)
with virtual ips on the interfaces and the hosts/ip's registed in dns. if i don't ssl anything the vhosts work as expect. in /etc/apache2/vhosts.d i have
host.conf host-devel.conf
with appropriate syntax (at least it works and http -S says its ok). the webserver starts correctly and works as i expect. http://host.org/ gives me the space i expect as does host-devel.org. however, if i copy the vhost-ssl.template file to host-ssl.conf and configure it as:
<VirtualHost 192.168.1.100:443>
# General setup for the virtual host DocumentRoot "/srv/www/htdocs_main" ServerName host.org:443 #ServerAdmin webmaster@example.com .....
httpd2 -S -DSSL reports syntax ok but the server fails to start with rcapache2 startssl and in the error log i get:
[Tue Jul 19 10:01:47 2005] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
i'm obviously missing something quite simple here, but i sure cannot see it. any sanity checking will be appreciated.
-- michael
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Hi Michael, did you place the SSL-certificate file to /etc/apache2/ssl.crt and the key to ssl.key/ directory? and ran a "make" in the ssl.crt directory to generate a rehash link to it? Naturally the files must also be referenced in your vhost file. maybe you could post the ssl-part of it. Or, first I should ask.. do have a certificate at all? Markus
Markus Natter wrote:
Hi Michael,
did you place the SSL-certificate file to /etc/apache2/ssl.crt and the key to ssl.key/ directory? and ran a "make" in the ssl.crt directory to generate a rehash link to it? Naturally the files must also be referenced in your vhost file. maybe you could post the ssl-part of it.
Or, first I should ask.. do have a certificate at all?
Markus
markus ... yes, i made certs with the suse supplied gensslcert script which has always worked. if i look at the key and cert they look as expected: -r-------- 1 root root 1220 2005-07-19 09:50 server.crt and -r-------- 1 root root 891 2005-07-19 09:50 server.key i did not run the make in the ssl.crt dir. i've never seen a reference to this. however, does not solve the issue. still fails with: [Tue Jul 19 11:47:56 2005] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] thanks for the help. -- michael
On Tuesday 19 July 2005 7:16 am, Michael Galloway wrote:
ok, i guess i really don't understand how this works. i have a server (9.3 with all current patches) that i'm trying to do ip based vhosts with and ssl'ifying some of the vhosts. i have this
host.org (192.168.1.100) host-devel.org (192.168.1.101)
with virtual ips on the interfaces and the hosts/ip's registed in dns. if i don't ssl anything the vhosts work as expect. in /etc/apache2/vhosts.d i have
host.conf host-devel.conf
with appropriate syntax (at least it works and http -S says its ok). the webserver starts correctly and works as i expect. http://host.org/ gives me the space i expect as does host-devel.org. however, if i copy the vhost-ssl.template file to host-ssl.conf and configure it as:
<VirtualHost 192.168.1.100:443>
# General setup for the virtual host DocumentRoot "/srv/www/htdocs_main" ServerName host.org:443 #ServerAdmin webmaster@example.com .....
httpd2 -S -DSSL reports syntax ok but the server fails to start with rcapache2 startssl and in the error log i get:
[Tue Jul 19 10:01:47 2005] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
i'm obviously missing something quite simple here, but i sure cannot see it. any sanity checking will be appreciated.
You need the certificates for each vhost and I believe they need to be specified in the virutalhost container. SSLEngine on SSLCertificateFile /path/to/www.domain.com.cert SSLCertificateKeyFile /path/to/www.domain.com.key Scott -- POPFile, the OpenSource EMail Classifier http://popfile.sourceforge.net/ Linux 2.6.11.4-21.7-default x86_64 SuSE Linux 9.3 (x86-64)
participants (4)
-
David Bottrill -
Markus Natter -
Michael Galloway -
Scott Leighton