Anders Norrbring wrote:
Just out of curiousity.. Has anybody managed to get a SSL web server up and running with an unmodified ssl-global.conf and then added the server cert and server key parameters to the vhosts.d/vhost-ssl.conf only?
I haven't... If I set up the SSL server in the vhost-ssl.conf only, since that's the place suggested for cert and key, the server barfes and gives me an error line in the log.
Yes. It worked for me on 9.1 just copying vhost-ssl.template to vhost-ssl.conf and editing a few parameters in vhost-ssl.conf. You also have to set APACHE_SERVER_FLAGS="SSL" in /etc/sysconfig/apache2 and copy the certificate to /etc/apache2/ssl.crt/server.crt and request to /etc/apache2/ssl.key/server.key.
Doesn't work for me. I've added both cert and key files, and when I try to start it up I get:
Starting httpd2 (prefork) Creating new config (0x80f05f0) for (null) failed
And the error_log say:
[Thu Apr 14 16:57:55 2005] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
Of course the parameters are active in vhost-ssl.conf. When I set certificate and keyfile parameters in ssl-global.conf instead, everything works fine. Seems like there are dependencies that aren't solved.
Seems like it's YaST that breaks the SSL configuration... If I install Apache2 just as default and copy in cert and key, then start the sucker with 'rcapache startssl' it works fine. But if I go to 'yast2 http-server' and modify anything it's screwed up. Seems like it's necessary to configure it manually. Anybody who can verify this before I go Bugzilla with it? Anders.