There
are some possible issues here. The RH6.2 skel will be implementing vsdredirect
(the 80:8080,443:8443 port redirector) which for various unavoidable reasons
drops the client IP and may therefore be preventing any SSL authentication from
taking place. Because you are hosting on RH7.1 The port redirection should
already be being carried out by iptables, so you possibly have two mechanisms
attempting to do redirection. You should disable vsdredirect, the unfortunately
inferior redirector, by commenting out both 'vsdredirect' entries in /etc/rc
within your virtual server and rebooting the vs. That should ensure that only
iptables is being involved for any port redirection. It may even fix your
problem...
Tim
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Esparza, Dan
Sent: 15 August 2001 20:22
To: [EMAIL PROTECTED]
Subject: RE: https on vsI apologize.I should clarify: I do see this entry (and others that are using IfModule syntax to see if SSL support is enabled). What I don't see is a LoadModule statement or an AddModule statement for ssl support. It seems that the <IfModule mod_ssl.c> sections wouldn't get executed if this wasn't added -- am I smoking crack? (Always a possibility...)It also seems that the <IfDefine SSL> sections get executed -- because there is one <IfDefine SSL> block that isn't wrapped by a <IfModule mod_ssl.c> block -- this is the block that tells apache to Listen on 8443. This appears to get executed, because the vsdredirect works (it redirects 443 traffic to 8443), and the server is responding with normal http traffic on 443 -- which (it seems to me) would be expected if mod_ssl hasn't been loaded.Again, am I smoking crack (or perhaps something stronger)? Would anyone be interested in smoking with me? Are these questions baffling anyone yet? Would you like more of an explanation?Thanks,Dan "Tim Sellar is my hero" Esparza-----Original Message-----
From: Tim Sellar [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 15, 2001 12:02 PM
To: [EMAIL PROTECTED]
Subject: RE: https on vsI am looking at the httpd.conf provided with freeVSD and it contains the following entries:<IfModule mod_ssl.c>
SSLEngine off
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/home/web/log/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/home/web/log/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog /home/web/log/ssl_engine_log
SSLLogLevel error
</IfModule>Are you saying such an entry is not present in the httpd.conf provided within the freevsd-skel-1.4.9-1rh6.tar.bz2?You can check within your vs, or in the skel itself (/home/vsd/skel/skel/etc/httpd/conf/httpd.conf)Tim-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Esparza, Dan
Sent: 15 August 2001 18:25
To: [EMAIL PROTECTED]
Subject: https on vsIs there a special trick to getting https to work with a virtual machine? I'm using freevsd-1.4.9-2rh71.i386.rpm on RedHat 7.1, with the freevsd-skel-1.4.9-1rh6.tar.bz2 skel. Yes, I realize that this is a RedHat 6.2 skel on RedHat 7.1 (and let me know if this is the culprit), and yes I realize that this is 1.4.9-2 using a 1.4.9-1 skel (also let me know if this is the culprit).I've checked http, ftp, ssh (had to make a few small tweaks), and telnet -- and they all seem to work fine for the VS. (Kudos, folks -- this was a LOT easier than I thought it would be). I notice that an ssl module reference doesn't appear anywhere in httpd.conf -- is there documentation that talks about if this needs to be added somewhere, or if there is something special I need to do for https. If I do a ps -ef on the main host machine I see there are vsdredirect's for ports 80 and 443 -- and these appear to work -- but 443 is serving normal HTTP content. (In other words, https://my.vsserver.com doesn't work, but http://my.vsserver.com:443 actually brings up the page. I realize this shouldn't be the case.)Any help would be appreciated.Thanks,Dan
