[opensuse] Enabling ssl on apache 2.4
I have certificate set, I created a conf file in vhosts.d. But setting APACHE_SERVER_FLAGS='SSL' in /etc/systemctl/apache2 cause apache to crash. Actually it looks like playing in.../systemctl/apache2 make apache to crash! Is some where a proper documentation, HOWTO or tutorial I can refer to.? As I could not find anything usable on google Thanks in advance. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Andre Malin wrote:
I have certificate set, I created a conf file in vhosts.d. But setting APACHE_SERVER_FLAGS='SSL' in /etc/systemctl/apache2 cause apache to crash. Actually it looks like playing in.../systemctl/apache2 make apache to crash!
I have no problems with this, it works fine in 12.3 with apache 2.4.
Is some where a proper documentation, HOWTO or tutorial I can refer to.? As I could not find anything usable on google
The best place is probably: http://httpd.apache.org./docs/2.4/ -- Per Jessen, Zürich (5.5°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 04 Jan 2014 16:27:02 +0100 Per Jessen wrote:
Andre Malin wrote:
I have certificate set, I created a conf file in vhosts.d. But setting APACHE_SERVER_FLAGS='SSL' in /etc/systemctl/apache2 cause apache to crash. Actually it looks like playing in.../systemctl/apache2 make apache to crash!
I have no problems with this, it works fine in 12.3 with apache 2.4.
Is some where a proper documentation, HOWTO or tutorial I can refer to.? As I could not find anything usable on google
The best place is probably: http://httpd.apache.org./docs/2.4/
http://activedoc.opensuse.org/book/opensuse-reference/chapter-20-the-apache-... Happy New Year, Per, Andre! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 04/01/2014 13:32, Carl Hartung a écrit :
On Sat, 04 Jan 2014 16:27:02 +0100 Per Jessen wrote:
Andre Malin wrote:
I have certificate set, I created a conf file in vhosts.d. But setting APACHE_SERVER_FLAGS='SSL' in /etc/systemctl/apache2 cause apache to crash. Actually it looks like playing in.../systemctl/apache2 make apache to crash! I have no problems with this, it works fine in 12.3 with apache 2.4.
Is some where a proper documentation, HOWTO or tutorial I can refer to.? As I could not find anything usable on google The best place is probably: http://httpd.apache.org./docs/2.4/
http://activedoc.opensuse.org/book/opensuse-reference/chapter-20-the-apache-...
Happy New Year, Per, Andre!
I already did all this stuff, but I just notice there is no more apache2_mod_ssl module. Is apache2_mod_nss replacing it? If this is the case how to include it. Every thing was fine undeer 12.3 but 13.1 give me headache with apache! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
El 04/01/14 16:29, Andre Malin escribió:
I already did all this stuff, but I just notice there is no more apache2_mod_ssl module. Is apache2_mod_nss replacing it? If this is the case how to include it. Every thing was fine undeer 12.3 but 13.1 give me headache with apache!
mod_ssl is included as usual, I do not know where you got the idea that it is not there or does not work. Without seeing the relevant bits of the *apache* logs (as opposed to the system's logs) it is hard to tell what is going on. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Cristian Rodríguez wrote:
El 04/01/14 16:29, Andre Malin escribió:
I already did all this stuff, but I just notice there is no more apache2_mod_ssl module. Is apache2_mod_nss replacing it? If this is the case how to include it. Every thing was fine undeer 12.3 but 13.1 give me headache with apache!
mod_ssl is included as usual, I do not know where you got the idea that it is not there or does not work.
Agree, it's in /usr/lib{64}/apache2/mod_ssl.so
Without seeing the relevant bits of the *apache* logs (as opposed to the system's logs) it is hard to tell what is going on.
Particularly /var/log/apache2/error_log. -- Per Jessen, Zürich (5.3°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 04/01/2014 14:52, Per Jessen a écrit :
Cristian Rodríguez wrote:
El 04/01/14 16:29, Andre Malin escribió:
I already did all this stuff, but I just notice there is no more apache2_mod_ssl module. Is apache2_mod_nss replacing it? If this is the case how to include it. Every thing was fine undeer 12.3 but 13.1 give me headache with apache!
mod_ssl is included as usual, I do not know where you got the idea that it is not there or does not work. Agree, it's in /usr/lib{64}/apache2/mod_ssl.so
Without seeing the relevant bits of the *apache* logs (as opposed to the system's logs) it is hard to tell what is going on. Particularly /var/log/apache2/error_log.
Shame on me!. Is under /usr/lib64/apache2 and /usr/lib64/apache2/prefork.. Also in loadmodule.conf I see this: LoadModule ssl_module /usr/lib64/apache2-prefork/mod_ssl.so Now, if I put 'APACHE_SERVER_FLAGS="SSL"' in /etc/sysconfig/apache2 and restart apache status tell me that: ---------------------------------------------------- port:/home/andre # systemctl status apache2.service apache2.service - The Apache Webserver Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled) Active: failed (Result: exit-code) since sam. 2014-01-04 15:19:04 EST; 1min 24s ago Process: 5258 ExecStop=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k graceful-stop (code=exited, status=1/FAILURE) Process: 5240 ExecStart=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k start (code=exited, status=1/FAILURE) Main PID: 5240 (code=exited, status=1/FAILURE) Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec" janv. 04 15:19:04 port start_apache2[5240]: AH00526: Syntax error on line 48 of /etc/apache2/ssl-global.conf: janv. 04 15:19:04 port start_apache2[5240]: SSLSessionCache: 'shmcb' session cache not supported (known n...b?). janv. 04 15:19:04 port systemd[1]: apache2.service: main process exited, code=exited, status=1/FAILURE janv. 04 15:19:04 port start_apache2[5258]: AH00526: Syntax error on line 48 of /etc/apache2/ssl-global.conf: janv. 04 15:19:04 port start_apache2[5258]: SSLSessionCache: 'shmcb' session cache not supported (known n...b?). janv. 04 15:19:04 port systemd[1]: apache2.service: control process exited, code=exited status=1 janv. 04 15:19:04 port systemd[1]: Failed to start The Apache Webserver. janv. 04 15:19:04 port systemd[1]: Unit apache2.service entered failed state. Hint: Some lines were ellipsized, use -l to show in full. ------------------------------------------------------- And in error.log: --------------------------------------------------------- [Sat Jan 04 15:14:31.999864 2014] [mpm_prefork:notice] [pid 4262] AH00170: caught SIGWINCH, shutting down gracefully [Sat Jan 04 15:14:32.186029 2014] [ssl:warn] [pid 5042] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Sat Jan 04 15:14:32.224142 2014] [mpm_prefork:notice] [pid 5042] AH00163: Apache/2.4.6 (Linux/SUSE) OpenSSL/1.0.1e PHP/5.4.20 mod_nss/2.4.6 NSS/3.15.1 configured -- resuming normal operations [Sat Jan 04 15:14:32.224188 2014] [core:notice] [pid 5042] AH00094: Command line: '/usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -D SYSTEMD -D FOREGROUND' [Sat Jan 04 15:17:46.957756 2014] [mpm_prefork:notice] [pid 5042] AH00170: caught SIGWINCH, shutting down gracefully [Sat Jan 04 15:17:47.141781 2014] [ssl:warn] [pid 5131] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Sat Jan 04 15:17:47.169612 2014] [mpm_prefork:notice] [pid 5131] AH00163: Apache/2.4.6 (Linux/SUSE) OpenSSL/1.0.1e PHP/5.4.20 mod_nss/2.4.6 NSS/3.15.1 configured -- resuming normal operations [Sat Jan 04 15:17:47.169652 2014] [core:notice] [pid 5131] AH00094: Command line: '/usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -D SSH -D SYSTEMD -D FOREGROUND' [Sat Jan 04 15:18:02.499173 2014] [mpm_prefork:notice] [pid 5131] AH00170: caught SIGWINCH, shutting down gracefully [Sat Jan 04 15:18:02.667132 2014] [ssl:warn] [pid 5181] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache] [Sat Jan 04 15:18:02.698013 2014] [mpm_prefork:notice] [pid 5181] AH00163: Apache/2.4.6 (Linux/SUSE) OpenSSL/1.0.1e PHP/5.4.20 mod_nss/2.4.6 NSS/3.15.1 configured -- resuming normal operations [Sat Jan 04 15:18:02.698060 2014] [core:notice] [pid 5181] AH00094: Command line: '/usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -D SSH -D SYSTEMD -D FOREGROUND' [Sat Jan 04 15:19:04.827047 2014] [mpm_prefork:notice] [pid 5181] AH00169: caught SIGTERM, shutting down -------------------------------------------------------- BTW, I notice under /etc 2 folders:: apache2 and apache2_work with identical stucture. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
El 04/01/14 17:33, Andre Malin escribió:
janv. 04 15:19:04 port start_apache2[5240]: AH00526: Syntax error on line 48 of /etc/apache2/ssl-global.conf: janv. 04 15:19:04 port start_apache2[5240]: SSLSessionCache: 'shmcb' session cache not supported (known n...b?).
a2enmod socache_shmcb -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 04/01/2014 16:43, Cristian Rodríguez a écrit :
El 04/01/14 17:33, Andre Malin escribió:
janv. 04 15:19:04 port start_apache2[5240]: AH00526: Syntax error on line 48 of /etc/apache2/ssl-global.conf: janv. 04 15:19:04 port start_apache2[5240]: SSLSessionCache: 'shmcb' session cache not supported (known n...b?).
a2enmod socache_shmcb
This did it, but why this module was disabled? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
El 05/01/14 18:38, Andre Malin escribió:
Le 04/01/2014 16:43, Cristian Rodríguez a écrit :
El 04/01/14 17:33, Andre Malin escribió:
janv. 04 15:19:04 port start_apache2[5240]: AH00526: Syntax error on line 48 of /etc/apache2/ssl-global.conf: janv. 04 15:19:04 port start_apache2[5240]: SSLSessionCache: 'shmcb' session cache not supported (known n...b?).
a2enmod socache_shmcb
This did it, but why this module was disabled?
-Not enabled by default - Apache does not currently have a way to tell you that you need "module X for feature Y". -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Cristian Rodríguez
El 04/01/14 17:33, Andre Malin escribió:
janv. 04 15:19:04 port start_apache2[5240]: AH00526: Syntax error on line 48 of /etc/apache2/ssl-global.conf: janv. 04 15:19:04 port start_apache2[5240]: SSLSessionCache: 'shmcb' session cache not supported (known n...b?).
a2enmod socache_shmcb
Anomaly: I recently replaced my 11.1 server with a new install of 13.1 on a new drive, somewhat hastily due to activity conflicts. Upon returning from a lengthy trim, noticed that my apache2 logs were not updating. Somewhat old-school or just plain old, I issued: rcapache2 status and get the systemctl report showing the service loaded, enabled, but not running ???? I am/was able to access the web server from outside the local net so this does not make sense, and no logs to read! Grasping straws I read the systemctl output further and noticed an error, mod_socache2_shmcb was not loaded. So I ran the command, a2enmode socache_shmcb. My logs immediately updated. BUT, my web server was active and publically accessable even thou systemctl reported it not. I had been successfully accessing it for >3 weeks from afar. Something is not kosher! -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (5)
-
Andre Malin
-
Carl Hartung
-
Cristian Rodríguez
-
Patrick Shanahan
-
Per Jessen