There is another option - using a kernel mod called "insider" available as a
patch for the 2.4 kernel (2.4.4 upwards I think) - this allows you to add
certain UIDs, PIDs or actual programs to start 'low' listening sockets as
a non-root user.

Bill

----- Original Message -----
From: "Damion Parry" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 31, 2001 5:24 PM
Subject: Re: HTTPS & OpenSSL


> Hello,
>
> I'm afraid that this is a problem associated with vsdredirect (the VERY
> basic port redirector used to redirect port 80 to 8080 and 443 to 8443).
> As a result of the way sockets are used, the source IP address gets
> replaced by that of the hosting server, causing the secure bits to fail
> with https. This can be resolved by running Apache as root (bad) or
> using ipchains to do the port redirection (ugly) or iptables in the 2.4
> kernel (not supported yet).
>
> I believe that the first two methods have been covered in the
> documentation, and I'm working on the third (will be available with the
> RH 7.1 port).
>
> HTH,
> Damion.
>
> Ben Kennish wrote:
> >
> > I can't seem to set up HTTPS in of my test VS.  I have compiled with the
> > --with-openssl option.
> >
> > I have created a certificate for my host server (CA) with vsd-genca
> > and one for my vs (vsone) using "vsd-ca_certadd vsone".
> >
> > But doing https://vsone.office.fubra/ doesn't seem to work (Network
> > Error : I/O error with nutscrape.)  I've checked through the default
> > secure virtual host on the server and it seems OK.  I don't get anything
> > in Apache's error logs although I do get a few weird looking symbols in
> > the access log!
> >
> > I've tried copying the .crt or .key files that are made on the host from
> > vsd-ca_certadd to where Apache is looking for them on the VS but to no
> > avail (same error.)
> >
> > netstat -nat shows that the VS is listening on both 443 and 8443 ports.
> >
> > Any ideas?  Am I missing some vsdadm ca_certadd stuff?
> >
> > TIA,
> >
> > --
> > Ben Kennish
> >
> > e: [EMAIL PROTECTED]
> > w: www.fubra.com
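
Added example, not part of the original thread or the vsd project's code: a loopback sketch of the effect Damion describes, where a userspace port redirector opens its own connection to the backend, so the backend's accept() reports the redirector's address instead of the client's. The direct connection stands in for in-kernel redirection (ipchains/iptables), which keeps the original source address. Assumptions: the function name and the 127.0.0.1/127.0.0.2 addresses are made up for illustration, and it needs Linux, where all of 127.0.0.0/8 is local.

```python
import socket
import threading

def _listen(host):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, 0))            # port 0: the kernel picks a free port
    s.listen(1)
    return s

def peer_seen_by_backend(client_ip="127.0.0.2", via_redirector=True):
    """Return the source IP that the backend's accept() reports (hypothetical helper)."""
    backend = _listen("127.0.0.1")   # stands in for Apache on 8443
    seen = []

    def serve():
        conn, addr = backend.accept()
        seen.append(addr[0])         # what access logs and IP-based rules would use
        conn.recv(16)
        conn.close()

    def redirect(front):
        # Userspace redirector: accept the client, then open a NEW connection
        # to the backend. That new socket's source is the redirector's own IP.
        conn, _ = front.accept()
        out = socket.create_connection(backend.getsockname())
        out.sendall(conn.recv(16))
        out.close()
        conn.close()

    threads, target, front = [threading.Thread(target=serve)], backend, None
    if via_redirector:
        front = _listen("127.0.0.1")  # stands in for the redirector on 443
        threads.append(threading.Thread(target=redirect, args=(front,)))
        target = front
    for t in threads:
        t.start()
    # Constructed client: binds to client_ip so it is distinguishable from the host.
    client = socket.create_connection(target.getsockname(), source_address=(client_ip, 0))
    client.sendall(b"hello")
    client.close()
    for t in threads:
        t.join()
    for s in (backend, front):
        if s is not None:
            s.close()
    return seen[0]

if __name__ == "__main__":
    print("via userspace redirector:", peer_seen_by_backend(via_redirector=True))
    print("direct (kernel-style):   ", peer_seen_by_backend(via_redirector=False))
```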
