RE: IP Based Virtual Hosting

Mon, 23 Apr 2001 18:15:15 -0700 

> From: Stephen Bader [mailto:[EMAIL PROTECTED]]
> 
> I have a server that is hosting several non-ssl virtual  sites. I recenlty
> added an SSL site. Mod_SSL is working perfectly, and the secure site loads
> just fine. The only problem I'm having is with apachectl. It complains
> that there is a problem in my configuration. httpd -t shows the same
> thing. Here is an output from httpd -t
> 
> Syntax error on line 2159 of /usr/local/etc/apache/httpd.conf:
> Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module
> not included in the server configuration

This message means that when Apache read the config file, none of the
available modules would handle the command.  Which means that mod_ssl is
unavailable, or should mean that, anyway.  You're sure that the secure site
loads _securely_?

> The strange part is, in httpd.conf, I have:
> SSLEngine on in
> <VirtualHost _default_:443>

This probably has an "<IfDefine SSL>" block around it.

> And it doesn't complain about that one, it only complains 
> about this one:
> <VirtualHost www.blah.com:443>
> DocumentRoot    /home/blah                                          
> ServerName      www.blah.com
> ErrorLog        logs/error_log.blah.com
> SSLEngine on
> SSLCipherSuite ALL
> SSLCertificateFile /usr/local/etc/apache/ssl.crt/blah.crt
> SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/blah.key
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> </VirtualHost>

This probably does not have an "<IfDefine SSL>" block around it.

If I'm right about the IfDefine, then these errors indicate that you
probably didn't start the server with SSL active, i.e. without using
"apachectl startssl" or the "-DSSL" argument.

> Is there something I should be doing differently? I tried taking
> "SSLEngine on" out of the virtual host statement, but then it complains
> about the next SSL command in the Virtualhost.

Well, yeah.  Once it finds a config command that can't be handled, it stops
reading the file.

> Any help would  be greatly
> appreciated. Also, please CC me in your replies, I am not yet 
> subscribed to the list.

Eh?  This list is available to people who haven't subscribed?

 
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to