Hello Sonu, RE:>>1. where do i put the virtual host details for http page< In the virtual host directive section of your httpd.conf file. Is this working? If not, what about it does not work? Once you have the Secure ServerName, and DocumentRoot for the MAIN server set, does the main server come up okay? If not, you will probably have trouble making the virtual host work.
RE:>>2. where do i put the virtual host details for https page SSLVerifyClient none< This you put in the ssl.conf file. Since Apache 2.0.35 already is mod_ssl aware, all you should need to do is something like: ---- Listen 443 <VirtualHost __default__:443> DocumentRoot "/var/www/secure.server.com/" ServerName secure.server.com:443 </Virtual Host> --- If you don't require the SSLClient to verify, then you shouldn't have to set up anything because the web server software should just handle your secure communications. There are a few other settings that need to be set to read your certificate files, but this should get you to the point of users being able to connect to the https server. And, you said that you had all of the files created so I would imagine that you can see how the default is set. You would change those settings to point to YOUR CRT and KEY files instead. Again, do you have a specific error message? What does your access_log say on that server? ------------ RE:>>3. where do i put the virtual host details for https page SSLVerifyClient< --- Make sure the SSLVerifyClient require statement is uncommented in the ssl.conf file. I did this and immediately, my secure server requests a certificate from my client. I think you can then pick the client cert you want to use from a list, if the client has one. (I don't have one in my client as I have never had a need for one). The best info I had on this was from a message by Owen Boyle with a subject line of "Creating Client Certificates". If you can't find it, I'll forward a copy to you... RE:>>now I need to create three virtual hosts One at 80, one at 443, and one at 8443? Wouldn't this work? Good luck. I'm going to have to bow out because I would be the blind leading the blind. Hopefully I haven't steered you too far off track. :-) Andrew Lietzow The ACL Group, Inc. ----- Original Message ----- From: "Sonu Kishore" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, April 22, 2002 11:44 AM Subject: Re: important - virtual hosts for apache 2.0 > Thanx Andrew for a quick response. > > I am in a mess ... this project landed in my lap just 8 days back when I new > nothing about apache's httpd.conf or PKI or openssl etc etc.. > But today i feel so much more aware. > > [http page] > The problem is in our intranet site we have first page which has to be a http > page where the new user sends a request for certificate to my CA. > > [https Page - SSLVerifyClient none] > The second page is where the new user is asked to provide user id & PEM pass > phrase to generate a certificate > > [http page - SSLVerifyClient require] > The third page where all registered users fill there user id & password and use > the intranet aaplication. > > now I need to create three virtual hosts in > [httpd.conf file] > [ssl.conf file] > how do configure the two files for the same. > > 1. where do i put the virtual host details for http page > 2. where do i put the virtual host details for https page SSLVerifyClient none > 3. where do i put the virtual host details for https page SSLVerifyClient > require > > Please suggest. > > Regards > > Sonu. > > > > > --- Andrew Lietzow <[EMAIL PROTECTED]> wrote: > > Dear Sonu, > > RE:>>I have configured my httpd.conf & ssl.conf file also but probably I am > > not > > doing something right as my site is not opening as required. > > ...and... > > RE:>>> I have one page which has to be http > > > I have the second page which has to be https with sslverifyclient none > > > I have a third page which is https with sslverifyclient require > > > I have read that i will require IP base virtual hosts. > > ...and... > > RE:>> > > I want to use apache 2.0 how do I configure it with mod_ssl & openssl. > > -------- > > Okay, now that you have shared the background, what exactly is happening? I > > guess the reason I was (on Saturday) curious as to whether you have followed > > guides available > > from Apache, openssl, and mod_ssl is because FOR ME, the Apache 2.0.35 > > system > > configured very quickly to provide a secure server, without hardly a > > whimper. Download the tarball, > > run configure, generate the key, csr, and crt, and voila, secure server is > > up and running. This does > > not, however, address your last configuration, with sslverifyclient => > > require. That I have not tried. > > > > However, if you can provide the scenario for your error or perceived > > disfunctionality of the system, > > then possibly someone can help you quickly move forward. I doubt that it is > > I, but send > > more information and I'll be glad to help if I can. Most here will do the > > same, or so I believe, > > or they probably wouldn't continue to subscribe. > > > > Take some time to thoroughly clearly describe the error or the problem and > > you may get some > > very quick help. > > > > Good Luck! > > > > Andrew Lietzow > > The ACL Group, Inc. > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! Games - play chess, backgammon, pool and more > http://games.yahoo.com/ > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
