unable to start apache with 2 certificates
Hi all, i have a problem with an apache 2.2.9, maybe this is not the correct mailing list but i am going to ask, my apologizes if this isn't the properly place. I had an instance of apache 2.2.9 with and IP serving contents with the port 80 and 443, we bought a godaddy certificate and all went pretty well, but we needed to install another certificate for other domain in the same machine. I had several domains and all works with vhosts with http, but when i first tried to use several vhosts for secure connections the apache seemed to restart well but stop working. With an only certificate, apache use to ask me the certificate password, but when i configure a second one, never asked and stop serving content, even in http. Then i tried to configure the system with 2 IPs, one for every certificate, but i got the same problem. The configuration files seems to be well formed (apachectl -t) and i saw some examples out of there: http://www.ibm.com/developerworks/opensource/library/wa-multissl.html am i doing something wrong? this is the correct mailing list to ask? thanks, and best regards. -- ;-) Jorge Martin Cuervo Outsourcing Emarketplace deFacto Powered by Standards email [EMAIL PROTECTED] voice +34 984 832 659 voice +34 660 026 384 DE FACTO STANDARDS, S.L., le informa que su dirección de correo electrónico, así como el resto de los datos de carácter personal que nos facilite, serán objeto de tratamiento automatizado en nuestros ficheros, con la finalidad del envío de información comercial y/o personal por vía electrónica. Vd. podrá en cualquier momento ejercer el derecho de acceso, rectificación, cancelación y oposición en los términos establecidos en la Ley Orgánica de Protección de Datos de Carácter Personal (LOPD. 15/1999), dirigiendo un escrito a C/ Rivero 31 1º Izda. - 33402 AVILES (Asturias), o a nuestra dirección de correo electrónico ([EMAIL PROTECTED]). También informamos que la información incluida en este e-mail es CONFIDENCIAL, siendo para uso exclusivo del destinatario arriba mencionado. Si Usted lee este mensaje y no es el destinatario indicado, le informamos que está totalmente prohibida cualquier utilización, divulgación, distribución y/o reproducción de esta comunicación sin autorización expresa en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por esta misma vía y proceda a su eliminación. This e-mail contains information that will be added to our computerised guest data base and will be trated in the strict confidence. If you wish to access, correct, oppose or cancel your details, as specified the Law 15/99, December 13th, please send a certified letter to this effect to DE FACTO STANDARDS, S.L.., (C/ Rivero 31 1º Izda. - 33402 AVILES (Asturias) SPAIN). If you read this message, and is not the destinatary, we informal you that is forbidden anything utility, distribution, divulgation or reproduction of this communication without express authorization, of the present law. If you received this message for mistake, we proud in order to the present law, immediate communication to us, and please erase this e-mail __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: unable to start apache with 2 certificates
Jorge Martín Cuervo a écrit : Hi all, i have a problem with an apache 2.2.9, maybe this is not the correct mailing list but i am going to ask, my apologizes if this isn't the properly place. I had an instance of apache 2.2.9 with and IP serving contents with the port 80 and 443, we bought a godaddy certificate and all went pretty well, but we needed to install another certificate for other domain in the same machine. I had several domains and all works with vhosts with http, but when i first tried to use several vhosts for secure connections the apache seemed to restart well but stop working. Did you try with SSLPassPhraseDialog in each VirtualHost ? or unciphered key ? Wich is result of httpd -S ? -- Gilles CUESTA - Logiciels Libres 69139920 signature.asc Description: OpenPGP digital signature
Re: unable to start apache with 2 certificates
Hi Cuesta Guilles, thanks for your quickly reply. No i am going to read the documentation about SSLPassPhraseDialog. This is my apachectl -S output: [EMAIL PROTECTED] bin]$ ./apachectl -S VirtualHost configuration: 213.134.38.66:443 cv.smra.org (/home/jmartin/apache22/conf/extra/httpd-ssl.conf:266) 213.134.38.54:443 www.smartcv.org (/home/jmartin/apache22/conf/extra/httpd-ssl.conf:81) wildcard NameVirtualHosts and _default_ servers: *:80 is a NameVirtualHost default server protean.eu (/home/jmartin/apache22/conf/httpd.conf:490) port 80 namevhost protean.eu (/home/jmartin/apache22/conf/httpd.conf:490) port 80 namevhost madrid.protean.eu (/home/jmartin/apache22/conf/httpd.conf:506) port 80 namevhost portal.protean.eu (/home/jmartin/apache22/conf/httpd.conf:519) port 80 namevhost uk.protean.eu (/home/jmartin/apache22/conf/httpd.conf:532) port 80 namevhost portaldeempleo.curtidora.com (/home/jmartin/apache22/conf/httpd.conf:545) port 80 namevhost ofertasdeempleo.curtidora.com (/home/jmartin/apache22/conf/httpd.conf:557) port 80 namevhost smra.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:572) port 80 namevhost gijon.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:580) port 80 namevhost esapa.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:588) port 80 namevhost curtidora.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:596) port 80 namevhost candidato.curtidora.com (/home/jmartin/apache22/conf/httpd.conf:604) port 80 namevhost demo.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:617) port 80 namevhost democv.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:624) port 80 namevhost fade.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:638) port 80 namevhost fadecv.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:645) port 80 namevhost flc.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:659) port 80 namevhost flccv.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:666) port 80 namevhost smartcv.org (/home/jmartin/apache22/conf/httpd.conf:680) port 80 namevhost coiipa.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:708) port 80 namevhost coiial.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:715) port 80 namevhost colegiado.coiial.net (/home/jmartin/apache22/conf/httpd.conf:724) port 80 namevhost ofertas.coiial.net (/home/jmartin/apache22/conf/httpd.conf:736) port 80 namevhost empleo.coiial.net (/home/jmartin/apache22/conf/httpd.conf:747) port 80 namevhost coiil.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:761) port 80 namevhost coiia.smartcv.org (/home/jmartin/apache22/conf/httpd.conf:768) port 80 namevhost smartemployer.org (/home/jmartin/apache22/conf/httpd.conf:778) port 80 namevhost asturiasotrabajas.com (/home/jmartin/apache22/conf/httpd.conf:792) port 80 namevhost asturiasytrabajas.com (/home/jmartin/apache22/conf/httpd.conf:806) port 80 namevhost media.protean.eu (/home/jmartin/apache22/conf/httpd.conf:820) port 80 namevhost protean.es (/home/jmartin/apache22/conf/httpd.conf:832) port 80 namevhost colegios.protean.es (/home/jmartin/apache22/conf/httpd.conf:846) port 80 namevhost opea.protean.es (/home/jmartin/apache22/conf/httpd.conf:858) Syntax OK El lun, 20-10-2008 a las 10:16 +0200, Cuesta Gilles escribió: Jorge Martín Cuervo a écrit : Hi all, i have a problem with an apache 2.2.9, maybe this is not the correct mailing list but i am going to ask, my apologizes if this isn't the properly place. I had an instance of apache 2.2.9 with and IP serving contents with the port 80 and 443, we bought a godaddy certificate and all went pretty well, but we needed to install another certificate for other domain in the same machine. I had several domains and all works with vhosts with http, but when i first tried to use several vhosts for secure connections the apache seemed to restart well but stop working. Did you try with SSLPassPhraseDialog in each VirtualHost ? or unciphered key ? Wich is result of httpd -S ? -- ;-) Jorge Martin Cuervo Outsourcing Emarketplace deFacto Powered by Standards email [EMAIL PROTECTED] voice +34 984 832 659 voice +34 660 026 384 DE FACTO STANDARDS, S.L., le informa que su dirección de correo electrónico, así como el resto de los datos de carácter personal que nos facilite, serán objeto de tratamiento automatizado en nuestros ficheros, con la finalidad del envío de información comercial y/o personal por vía electrónica. Vd. podrá en cualquier momento ejercer el derecho de acceso, rectificación, cancelación y oposición en los términos establecidos en la Ley Orgánica de Protección de Datos de
Re: unable to start apache with 2 certificates
Jorge Martín Cuervo a écrit : I tried with an SSLPassPhraseDialog in every VirtualHost and i get this message: [EMAIL PROTECTED] bin]$ ./apachectl -S Syntax error on line 82 of /home/jmartin/apache22/conf/extra/httpd-ssl.conf: SSLPassPhraseDialog cannot occur within VirtualHost section or unciphered key ? how can i do it? do i need to contact with my certificate provider? http://www.modssl.org/docs/2.8/ssl_faq.html#ToC31 Your key may be stored unciphered on your server. -- Pourquoi Pierre Lescure a quitté Canal? parce qu'il pensait créer une marionette Chuck Norris dans les Guignols de l'info !!! Gilles CUESTA - Logiciels Libres 69139920 signature.asc Description: OpenPGP digital signature
Re: unable to start apache with 2 certificates
I tried with an SSLPassPhraseDialog in every VirtualHost and i get this message: [EMAIL PROTECTED] bin]$ ./apachectl -S Syntax error on line 82 of /home/jmartin/apache22/conf/extra/httpd-ssl.conf: SSLPassPhraseDialog cannot occur within VirtualHost section or unciphered key ? how can i do it? do i need to contact with my certificate provider? thanks. El lun, 20-10-2008 a las 10:32 +0200, Jorge Martín Cuervo escribió: Did you try with SSLPassPhraseDialog in each VirtualHost ? -- ;-) Jorge Martin Cuervo Outsourcing Emarketplace deFacto Powered by Standards email [EMAIL PROTECTED] voice +34 984 832 659 voice +34 660 026 384 DE FACTO STANDARDS, S.L., le informa que su dirección de correo electrónico, así como el resto de los datos de carácter personal que nos facilite, serán objeto de tratamiento automatizado en nuestros ficheros, con la finalidad del envío de información comercial y/o personal por vía electrónica. Vd. podrá en cualquier momento ejercer el derecho de acceso, rectificación, cancelación y oposición en los términos establecidos en la Ley Orgánica de Protección de Datos de Carácter Personal (LOPD. 15/1999), dirigiendo un escrito a C/ Rivero 31 1º Izda. - 33402 AVILES (Asturias), o a nuestra dirección de correo electrónico ([EMAIL PROTECTED]). También informamos que la información incluida en este e-mail es CONFIDENCIAL, siendo para uso exclusivo del destinatario arriba mencionado. Si Usted lee este mensaje y no es el destinatario indicado, le informamos que está totalmente prohibida cualquier utilización, divulgación, distribución y/o reproducción de esta comunicación sin autorización expresa en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por esta misma vía y proceda a su eliminación. This e-mail contains information that will be added to our computerised guest data base and will be trated in the strict confidence. If you wish to access, correct, oppose or cancel your details, as specified the Law 15/99, December 13th, please send a certified letter to this effect to DE FACTO STANDARDS, S.L.., (C/ Rivero 31 1º Izda. - 33402 AVILES (Asturias) SPAIN). If you read this message, and is not the destinatary, we informal you that is forbidden anything utility, distribution, divulgation or reproduction of this communication without express authorization, of the present law. If you received this message for mistake, we proud in order to the present law, immediate communication to us, and please erase this e-mail __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]