I am trying to set up an ssl connection. I am using aolserver 4.5.0.
Here is the portion of the nsd file that pertains:
# SSL contexts. Each SSL context is a template that SSL connections are
created
# from. A single SSL context may be used by multiple drivers, sockservers
and
# sockclients.
ns_section ns/server/${servername}/module/nsopenssl/sslcontexts
ns_param users "SSL context used for regular user access"
### ns_param client "SSL context used for outgoing script socket
connections"
# We explicitly tell the server which SSL contexts to use as defaults when
an
# SSL context is not specified for a particular client or server SSL
# connection. Driver connections do not use defaults; they must be
explicitly
# specificied in the driver section. The Tcl API will use the defaults as
there
# is currently no provision to specify which SSL context to use for a
# particular connection via an ns_openssl Tcl command.
ns_section ns/server/${servername}/module/nsopenssl/defaults
ns_param server users
ns_section ns/server/${servername}/module/nsopenssl/sslcontext/users
ns_param Role server
ns_param ModuleDir ${homedir}/servers/${servername}/modules/nsopenssl; #
${serverroot}/etc/certs/
ns_param CertFile cert.pem
ns_param KeyFile key.pem
ns_param CADir ca
ns_param CAFile ca.pem
ns_param Protocols "SSLv2, SSLv3, TLSv1"
ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
ns_param PeerVerify false
ns_param PeerVerifyDepth 3
ns_param Trace false
# SSL drivers. Each driver defines a port to listen on and an explitictly
named
# SSL context to associate with it. Note that you can now have multiple
driver
# connections within a single virtual server, which can be tied to different
# SSL contexts. Isn't that cool?
ns_section ns/server/${servername}/module/nsopenssl/ssldrivers
ns_param users "Driver for regular user access"
ns_section ns/server/${servername}/module/nsopenssl/ssldriver/users
ns_param sslcontext users
ns_param port $httpsport
ns_param hostname $hostname
ns_param address $address
# OpenSSL library support:
#ns_param RandomFile /some/file
ns_param SeedBytes 1024
================
Here is the result when I restart the server:
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain:
AOLserver/4.5.0 starting
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: security
info: uid=xxx, euid=xxx, gid=xxx, egid=xxx
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: max files:
FD_SETSIZE = 1024, rl_cur = 1024, rl_max = 1024
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: encoding: loaded: utf-8
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: fastpath[server8]:
mapped GET /
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: fastpath[server8]:
mapped HEAD /
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: fastpath[server8]:
mapped POST /
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]:
mapped GET /*.adp
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]:
mapped HEAD /*.adp
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]:
mapped POST /*.adp
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]:
mapped GET /*.html
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]:
mapped HEAD /*.html
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: adp[server8]:
mapped POST /*.html
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nssock.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nslog.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nslog: opened
'/usr/local/aolserver/servers/server8/access.log'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nsperm.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nsxml.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsxml module starting
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nsdb.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nspostgres.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: PostgreSQL loaded.
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/libphp5.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: Registering PHP for
"*.php"
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: modload: loading
'/usr/local/aolserver/bin/nsopenssl.so'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl:
generating 512-bit temporary RSA key ...
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl:
generating 1024-bit temporary RSA key ...
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): loading SSL context 'users'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): 'users' ciphers loaded successfully
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): 'users' using SSLv2 protocol
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): 'users' using SSLv3 protocol
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): 'users' using TLSv1 protocol
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): 'users' certificate and key loaded successfully
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): 'users' CA file loaded successfully
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: users (nsopenssl):
session cache is turned on for sslcontext 'server8'
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): default SSL context for server is users
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: default server SSL
context: users
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsopenssl
(server8): loading 'users' SSL driver
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: conf:
[ns/server/server8]enabletclpages = 1
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: tcl: enabling .tcl
pages
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain:
AOLserver/4.5.0 running
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: nsmain: security
info: uid=xxx, euid=xxx, gid=xxx, egid=xxx
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: driver: starting:
nsopenssl
[27/Oct/2010:17:23:55][13466.3072859040][-sched-] Notice: sched: starting
[27/Oct/2010:17:23:55][13466.3061930912][-nsopenssl:driver-] Notice: starting
[27/Oct/2010:17:23:55][13466.3061930912][-nsopenssl:driver-] Notice:
nsopenssl: listening on 64.58.34.55:8443
[27/Oct/2010:17:23:55][13466.3083437760][-main-] Notice: driver: starting:
nssock
[27/Oct/2010:17:23:55][13466.3060874144][-nssock:driver-] Notice: starting
[27/Oct/2010:17:23:55][13466.3060874144][-nssock:driver-] Notice: nssock:
listening on 64.58.34.55:80
=============
looks like everything loaded
However, when I try to go to a page on the server using https, I get an
error (Unable to connect - Firefox can't establish a connection to the
server at www.getreadytoshift.com)
I copied the text from the .crs files I got from godaddy.com for the
cert.pem and the ca.pem files.
Any help will be appreciated.
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<[email protected]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
