Re: SSL support for a VirtualHost on a port other than 443

Tue, 16 Aug 2005 16:48:36 -0700 

Mads,

Thank you so much for your help.  It worked almost perfectly once I
added those lines, plus a couple more:

Listen 81
<VirtualHost *:81>
     ServerAdmin [EMAIL PROTECTED]
     DocumentRoot /usr/local/www/printers
     ServerName pc74965.cts.cwu.edu
     DirectoryIndex index.html index.php
     ErrorLog /var/log/printers-error_log
     CustomLog /var/log/printers-error_log combined
     <IfDefine SSL>
     LoadModule ssl_module libexec/apache2/mod_ssl.so
     SSLEngine on
     SSLCertificateFile /usr/local/etc/apache2/ssl.crt/server.crt  
     SSLCertificateKeyFile /usr/local/etc/apache2/ssl.key/server.key
     </IfDefine>
</VirtualHost>

There may be a couple extra things in there, since apachectl complains
about loading the ssl_module twice..

I really appreciate the help.

Best,
Andrew

Andrew Musselman
[EMAIL PROTECTED]
>>> [EMAIL PROTECTED] 08/16/05 1:41 PM >>>
On Tue, Aug 16, 2005 at 11:16:36AM -0700, Andrew Musselman wrote:
> Listen 81
> <VirtualHost *:81>
>      ServerAdmin [EMAIL PROTECTED] 
>      DocumentRoot /usr/local/www/printers
>      ServerName pc74965.cts.cwu.edu
>      DirectoryIndex index.html index.php
>      ErrorLog /var/log/printers-error_log
>      CustomLog /var/log/printers-error_log combined
> </VirtualHost>
> 
> Do I need to add any ssl-specific directives in there?
> 
Yes. SSLEngine on is the first thing to add - you also need to point to
the server cert and key.

> SSL_connect:SSLv2/v3 write client hello A
> read from 08097700 [080B5000] (7 bytes => 7 (0x7))
> 0000 - 3c 21 44 4f 43 54 59                              <!DOCTY

This matches the config above - SSL isn't turned on on port 81 - you
should never see <!DOCTY in plain as part of an ssl session.

[SNIP lots of useless comments]
no need to paste comments verbatim from the config file.

vh

Mads Toftum
-- 
`Darn it, who spiked my coffee with water?!' - lwall

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            [EMAIL PROTECTED]

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to