Illegal attempt to re-initialise SSL for server
hi, i'm able to get this error message with the following configuration file fragment put in the global context: CUT HERE -- # ... SSLEngine on SSLCertificateFile /etc/apache/ssl.crt/server.crt SSLCertificateKeyFile /etc/apache/ssl.key/server.key VirtualHost _default_:* /VirtualHost # ... CUT HERE -- without any VirtualHost diretive apache starts correctly with SSL on every port it listens to. as soon as i insert a VirtualHost directive, even if empty, apache doesn't start and i get the error message in subject. if i put the SSL directive into a VirtualHost everything works as usual. i can reproduce it with different configuration files. any advice? thanks cavok -[ Domenico Andreoli, aka cavok --[ http://filibusta.crema.unimi.it/~cavok/gpgkey.asc ---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50 pgp0.pgp Description: PGP signature
Re: Illegal attempt to re-initialise SSL for server
On Sat, 1 Mar 2003, Domenico Andreoli wrote: CUT HERE -- # ... SSLEngine on SSLCertificateFile /etc/apache/ssl.crt/server.crt SSLCertificateKeyFile /etc/apache/ssl.key/server.key VirtualHost _default_:* /VirtualHost # ... CUT HERE -- It ought to look like this: VirtualHost foo:443 SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... /VirtualHost Note that your use of the certificate and key across all virtual hosts, whether by putting it in the server-wide config or by putting it in VirtualHost _default_:*, won't generally work. Your clients will get errors when they try to browse to your site if the hostname doesn't match the one stored in the certificate, for example. You should have a different certificate/key pair for every hostname on which you wish to run SSL. And of course each of those virtual hosts needs to be on a unique IP:port pair--no name-based virtual hosting. --Cliff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: Illegal attempt to re-initialise SSL for server
On Sat, Mar 01, 2003 at 10:59:33AM -0500, Cliff Woolley wrote: It ought to look like this: VirtualHost foo:443 SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... /VirtualHost Note that your use of the certificate and key across all virtual hosts, whether by putting it in the server-wide config or by putting it in VirtualHost _default_:*, won't generally work. Your clients will get errors when they try to browse to your site if the hostname doesn't match the one stored in the certificate, for example. You should have a different certificate/key pair for every hostname on which you wish to run SSL. And of course each of those virtual hosts needs to be on a unique IP:port pair--no name-based virtual hosting. right right. this is not a issue because this configuration has not any sense. many thanks cavok ps: may i quote your message? i'd like to include your reply to who reported the original problem (debian bug report #169083). -[ Domenico Andreoli, aka cavok --[ http://filibusta.crema.unimi.it/~cavok/gpgkey.asc ---[ 3A0F 2F80 F79C 678A 8936 4FEE 0677 9033 A20E BC50 pgp0.pgp Description: PGP signature
Re: Illegal attempt to re-initialise SSL for server
On Sat, 1 Mar 2003, Domenico Andreoli wrote: ps: may i quote your message? i'd like to include your reply to who reported the original problem (debian bug report #169083). Sure! It's a public list after all. :) --Cliff - Cliff Woolley Apache HTTP Server Project Apache Software Foundation __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
mod_ssl: Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)
When I enable SSL (SSLEngine on in httpd.conf) the following error is logged: [Sat Jul 14 19:34:55 2001] [error] mod_ssl: Init: (someserver:80) Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!) After disable SSL everything's just fine. But I definitely need SSL! I am using: Apache/1.3.20 (Unix) PHP/4.0.6 mod_ssl/2.8.4 OpenSSL/0.9.6a (in fact SuSE Linux 7.2) Is anyone out there who can help me? Lukas Feiler /** EndlosProduktion Kusch Senoner OEG [EMAIL PROTECTED] www.endlos.at **/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: mod_ssl: Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)
Thanks for your quick response but SSLEngine on does not appears two times in my httpd.conf (I wished that would have been the problem) Can you (or anybody else!) think of an other reason (-solution) for my problem? Help needed! Lukas Feiler /** EndlosProduktion Kusch Senoner OEG [EMAIL PROTECTED] www.endlos.at **/ - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, July 16, 2001 11:34 AM Subject: RE: mod_ssl: Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!) This is a wild guess, but you wouldn't happen to have SSLEngine on more than once in your httpd.conf? You can do this if they are in different virtual hosts, but I think this error would be caused otherwise. - John Airey Internet Systems Support Officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] -Original Message- From: Lukas Feiler [mailto:[EMAIL PROTECTED]] Sent: 16 July 2001 10:23 To: [EMAIL PROTECTED] Subject: mod_ssl: Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!) When I enable SSL (SSLEngine on in httpd.conf) the following error is logged: [Sat Jul 14 19:34:55 2001] [error] mod_ssl: Init: (someserver:80) Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!) After disable SSL everything's just fine. But I definitely need SSL! I am using: Apache/1.3.20 (Unix) PHP/4.0.6 mod_ssl/2.8.4 OpenSSL/0.9.6a (in fact SuSE Linux 7.2) Is anyone out there who can help me? Lukas Feiler /** EndlosProduktion Kusch Senoner OEG [EMAIL PROTECTED] www.endlos.at **/ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
