On Mon, Feb 18, 2002 at 10:28:49AM +0100, S�ren Neigaard wrote:
> I'm having some problems with my router, so I'm not sure where my
> problem is, in the router or in my httpd.conf
>
First look in your error_log from apache.
> If I do a portscan of my machine, port 443 return stealth. But it
> should be open. Can port 443 return stealth because there is no server
> listening, or is it because it is closed?
>
netstat -an|grep 443 locally on the machine or
openssl s_client -connect 192.168.1.4:443
> Anyway I have attached a snippet from my httpd.conf, where I have
> tried to adjust the example to my needs. Now I was hoping you guys
> could tell me if it look ok. It looks like this:
>
> <IfDefine SSL>
> <VirtualHost 192.168.1.4:443>
> DocumentRoot "/usr/local/www/data"
> ServerName ssl.duketech.net
> ServerAdmin [EMAIL PROTECTED]
> ErrorLog /var/log/httpd-error.log
> TransferLog /var/log/httpd-access.log
> SSLEngine on
> SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> SSLOptions +StdEnvVars
> </Files>
> <Directory "/usr/local/www/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
> SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
> CustomLog /var/log/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> </VirtualHost>
> </IfDefine>
>
You need the SSLCertificateFile and SSLCertificateKeyFile directives too -
http://www.modssl.org/docs/2.8/ssl_reference.html#ToC10
http://www.modssl.org/docs/2.8/ssl_reference.html#ToC11
> What is the <Files>, <Directory> and SetEnvIf used for?
>
See http://httpd.apache.org/docs/
vh
Mads Toftum
--
With a rubber duck, one's never alone.
-- "The Hitchhiker's Guide to the Galaxy"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
