You could try adding these directives inside your virtual host block (or else make the
scope global if you wish):
SSLLog /var/log/httpd/{virtual-host-name}-ssl_log
SSLogLevel debug
These will provide some verbose debug spew in the ssl log file that might help.
-----Original Message-----
From: Sean M Alderman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18, 2002 5:21 PM
To: [EMAIL PROTECTED]
Subject: SSL w/ Virtual Hosts startup failure...
Hi, I just received certs today for a couple of Vhosts. I setup their
SSL vhosts like -
<IfDefine SSL>
<VirtualHost 111.222.444.333:443>
# Server Info
ServerName www.server.com
ServerAdmin [EMAIL PROTECTED]
# SSL Stuff
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/appl/www/www.server.com/certs/server.crt
SSLCertificateKeyFile /usr/appl/www/www.server.com/certs/server.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/appl/www/www.server.com/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /usr/appl/www/cws.grc.nasa.gov/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# Document Directory Information
DocumentRoot /usr/appl/www/www.server.com/htdocs
<Directory />
Options +Includes
</Directory>
# Jakarta Mounts for the
# Bobby Section 508 software
JkMount /bobby ajp13
JkMount /bobby/*.jsp ajp13
# CGI Directories
ScriptAlias /cgi-bin/ "/usr/appl/www/www.server.com/cgi-bin/"
# Log Configuration
ErrorLog /usr/appl/www/www.server.com/logs/error_log
CustomLog "|/usr/appl/apache/bin/rotatelogs
/usr/appl/www/www.server.com/logs/access_log 2419200" combined
</VirtualHost>
</IfDefine>
I configured ssl and certs for 3 vhosts and tested each one after I made
the configuration for it. The server started after the first ssl
config, and the second, but it's not starting on the last. The SSL
Engine Log is here, access_log and error_log have are empty
==> ssl_engine_log <==
[18/Jul/2002 17:09:30 11938] [info] Server: Apache/1.3.26, Interface:
mod_ssl/2.8.9, Library: OpenSSL/0.9.6d
[18/Jul/2002 17:09:30 11938] [info] Init: 1st startup round (still not
detached)
[18/Jul/2002 17:09:30 11938] [info] Init: Initializing OpenSSL
library[18/Jul/2002 17:09:30 11938] [info] Init: Loading certificate &
private key of SSL-aware server mailarch.grc.nasa.gov:443
[18/Jul/2002 17:09:30 11938] [info] Init: Loading certificate & private
key of SSL-aware server cws.grc.nasa.gov:443
[18/Jul/2002 17:09:30 11938] [info] Init: Loading certificate & private
key of SSL-aware server webapp.grc.nasa.gov:443
[18/Jul/2002 17:09:30 11938] [info] Init: Seeding PRNG with 136 bytes
of entropy
[18/Jul/2002 17:09:30 11938] [info] Init: Generating temporary RSA
private keys (512/1024 bits)
[18/Jul/2002 17:09:31 11938] [info] Init: Configuring temporary DH
parameters (512/1024 bits)
Is there some advanced logging I can do to determine the problem? Has
this been handled before (and I didn't use the right search terms)?
Thanks!
--
Sean M. Alderman
ITRACK Systems Analyst
PACE/NCI - NASA Glenn Research Center
(216) 433-2795
Calling a windowed operating system "Windows" is like naming an
automobile "Wheels."
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
