Re: how to enable SSL for a handler

Sun, 03 Jul 2022 19:30:05 -0700 

Thank you Jack.
The problem I have is that I don't have a DocRoot IMO.
I will check this configuration.

Regards.


On Sun, Jul 3, 2022 at 7:53 PM Jacques Deguest <j...@deguest.jp> wrote:

> Re,
> You're probably going to need a DocRoot directive somewhere though.
> You might want to check the sanity of your configuration with Apache
> command line -t flag
>
> On 2022/07/03 19:32, Jacques Deguest wrote:
>
> Sure, comment out all the perl stuff that are not required for certbot to
> work, run something like:
> certbot certonly --rsa-key-size 4096 --agree-tos --email
> yongw...@gmail.com -d luck.cloudcache.net
> Get the cert, and then after uncomment what you previously commented out.
> It should work.
>
> Regards,
> Jacques
>
> On 2022/07/03 19:29, Yong Walt wrote:
>
> This is my httpd.conf.
>
> <VirtualHost *:80>
>
>         ServerAdmin webmaster@localhost
>
>         ServerName luck.cloudcache.net
>
>
>
>         PerlPostConfigRequire /etc/apache2/modperl/startup.pl
>
>
>         <Location />
>
>             SetHandler modperl
>
>             PerlResponseHandler LuckyNum
>
>         </Location>
>
>
>
>         ErrorLog ${APACHE_LOG_DIR}/error.log
>
>         LogLevel warn
>
>         CustomLog ${APACHE_LOG_DIR}/luck.access.log combined
>
>
> </VirtualHost>
>
>
>
> How do you think I can set up the SSL?
>
>
> I asked it just b/c "certbot --apache" doesn't work for this handler.
>
>
> Thanks.
>
> On Sun, Jul 3, 2022 at 6:24 PM Jacques Deguest <j...@deguest.jp> wrote:
>
>> You do not even need to have a virtualhost with ssl enabled for certbot
>> to work.
>> You can have a simple VirtualHost responding to regular 80 port, then get
>> the ssl certificate, then add the VirtualHost for SSL and all your modperl
>> specifications to it. Something like the following, and once you got the
>> certificate, you uncomment the 2nd part.
>>
>> ----
>> <Virtualhost *:80>
>>     ServerName api.example.org:80
>>     ServerAdmin w...@example.org
>>     DocumentRoot /var/www/api.example.org
>>     DirectoryIndex "index.html" "index.pl" "index.php"
>>     CustomLog "/var/log/apache2/api.example.org-access.log" combined
>>     ErrorLog "/var/log/apache2/api.example.org-error.log"
>>     LogLevel warn
>>     <Directory "/var/www/api.example.org">
>>         Options All +MultiViews -ExecCGI -Indexes -Includes
>>         AllowOverride All
>>     </Directory>
>>     ScriptAlias     "/cgi-bin/"     "/var/www/api.example.org/cgi-bin/"
>>     <IfModule mod_alias.c>
>>         Alias "/icons/" "/var/www/icons/"
>>     </IfModule>
>>     <IfModule mod_ssl.c>
>>         RewriteEngine on
>>         RewriteRule ^\/?(.*)$ https://%{SERVER_NAME}/$1 [R,L]
>>     </IfModule>
>> </VirtualHost>
>>
>> # <IfModule mod_ssl.c>
>> #     <VirtualHost *:443>
>> #         ServerName api.example.org:443
>> #         ServerAdmin w...@example.org
>> #         DocumentRoot /var/www/api.example.org
>> #         DirectoryIndex "index.html" "index.php"
>> #         CustomLog "/var/log/apache2/api.example.org-access.log" combined
>> #         ErrorLog "/var/log/apache2/api.example.org-error.log"
>> #         LogLevel warn
>> #         <Directory "/var/www/api.example.org">
>> #         RewriteEngine Off
>> #             Options All +MultiViews -ExecCGI -Indexes -Includes
>> #             AllowOverride All
>> #         </Directory>
>> #         ScriptAlias "/cgi-bin/"     "/var/www/api.example.org/cgi-bin/"
>> #         <Directory "/var/www/api.example.org/cgi-bin/">
>> #             RewriteEngine Off
>> #             Options All +Includes +ExecCGI -Indexes +MultiViews
>> #             AllowOverride All
>> #             SetHandler cgi-script
>> #             AcceptPathInfo On
>> #             Require all granted
>> #         </Directory>
>> #         <IfModule mod_perl.c>
>> #             PerlOptions        +GlobalRequest
>> #             PerlPassEnv        MOD_PERL
>> #             PerlPassEnv        HOME
>> #             PerlPassEnv        SERVER_NAME
>> #             PerlPassEnv        HTTP_HOST
>> #             PerlPassEnv        REMOTE_ADDR
>> #             PerlPassEnv        REMOTE_HOST
>> #             PerlPassEnv        PATH_INFO
>> #             PerlPassEnv        LC_MESSAGES
>> #             PerlPassEnv        LANGUAGE
>> #             PerlModule        Apache2::Request
>> #             PerlModule        Apache2::Status
>> #             PerlModule        Apache::DBI
>> #             <Location />
>> #                 SetHandler        modperl
>> #                 PerlHandler        Apache::Registry
>> #                 PerlSendHeader      On
>> #                 PerlSetupEnv        On
>> #                 PerlOptions        +GlobalRequest
>> #                 Options            +Includes +ExecCGI
>> #                 Order allow,deny
>> #                 Allow from all
>> #             </Location>
>> #         </IfModule>
>> #
>> #         SSLCertificateFile /etc/ssl/private/api.example.org/cert.pem
>> #         SSLCertificateKeyFile /etc/ssl/private/
>> api.example.org/privkey.pem
>> #         Include /etc/ssl/options-ssl-apache.conf
>> #
>> #         <IfModule mod_alias.c>
>> #             Alias "/icons/" "/var/www/icons/"
>> #         </IfModule>
>> #     </Virtualhost>
>> # </IfModule>
>> ----
>>
>>
>> On 2022/07/03 19:00, Yong Walt wrote:
>>
>> but that vhost has a modperl handler as the endpoint only.
>>
>> On Sun, Jul 3, 2022 at 12:19 PM Mithun Bhattacharya <mit...@gmail.com>
>> wrote:
>>
>>> You don't enable SSL for a endpoint you do it for a host/port
>>> combination. All endpoints under that virtual host is SSL enabled.
>>>
>>> On Sat, Jul 2, 2022, 9:01 PM Yong Walt <yongw...@gmail.com> wrote:
>>>
>>>> Hello
>>>>
>>>> When I run certbot --apache for modperl handler service, it doesn't
>>>> work.
>>>> So how can I setup letsencrypt SSL for a pure handler web API?
>>>>
>>>> Thanks
>>>>
>>>
>>
>
>

Reply via email to