I think you're misunderstanding something about how apache and SSL work. It is not that you "switch on" SSL over all VHs like it was a Romulan Cloaking Device...
Rather, SSL (more properly, HTTPS) is a protocol you define for a particular virtual host. This means the SSL directives *must* go inside a VH container. The only exception is if you don't use VHs at all and only have one site which is defined at server config level (i.e. there are no VH containers at all and only one DocumentRoot). Then the SSL directives can be at config level. To put it another way; - Listen directives tell apache which TCP/IP sockets to listen to. - DocumentRoot directives tell apache where to find the start each the site's content. - VHs map Listens to DocumentRoots, i.e. TCP/IP sockets to directories. - The protocol to be used (HTTP or HTTPS) is defined separately for each VH. Rgds, Owen Boyle >-----Original Message----- >From: Kent Perrier [mailto:[EMAIL PROTECTED]] >Sent: Mittwoch, 20. November 2002 14:40 >To: [EMAIL PROTECTED] >Subject: Re: Configuring a stand alone SSL enabled apache webserver > > >On Tue, 2002-11-19 at 15:53, R. DuFresne wrote: >> >> As far as I'm aware, and others can correct me if I'm saying >something >> wrong here, the virtual server directives are optional. The >key would be >> the server root for the ssl based pages to be served, tough >enclosing a >> SERVERROOT directive within the virtual server directives >would benefit >> you in seperation of pages being servered. don't be overly >confused by >> the virtual server directives, they aren't just for VH >hosting <smile>. >> > >The question is, how do I turn SSL on outside of a virtual server? The >SSLEngine On directive gives me the "Illegal attempt to re-initialize >SSL for server" error. I comment this out, the server starts, I see >mod_ssl listed in the error_log when the server starts and the >server is >listening on port 443, but it will not accept SSL connections. I now >have a standard web server running on port 443, not 80. > >FYI, I don't really want to seperate the pages being server, I need >apache to be the front end for a Tomcat based e-commerce >application and >I am having problems with getting mod_jk working inside the virtual >server that hosts the SSL enabled server. I decided to go >this route as >I thought it would be easer and server resources are not an issue. > >Kent >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
