Yes, I have SSLEngine On in ssl.conf, here's my ssl.conf file: SSLRandomSeed startup builtin SSLRandomSeed connect builtin
<IfDefine SSL> Listen 443 Listen my.ip.ad.dr:443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache dbm:/var/run/ssl_scache SSLSessionCacheTimeout 300 SSLMutex file:/var/run/ssl_mutex <VirtualHost _default_:443> DocumentRoot "/usr/pkg/share/httpd/htdocs" ServerName www.mydomain.net:443 ServerAdmin [EMAIL PROTECTED] ErrorLog /var/log/httpd/error_log TransferLog /var/log/httpd/access_log SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /usr/pkg/etc/httpd/ssl.crt/server.crt SSLCertificateKeyFile /usr/pkg/etc/httpd/ssl.key/server.pem <FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/usr/pkg/libexec/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog /var/log/httpd/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> </IfDefine> Any ideas? --- "Omar W. Hannet" <[EMAIL PROTECTED]> wrote: > SSLEngine On? > > Glyn Astill wrote: > > Hi people, > > > > I'm new to this list, so hello. > > > > I've been trying to get https working with apache 2.0.59 on > NetBSD > > 3.99 today, and it's > > beginning to make my face ache. > > > > Basically when I try to view a page via https I get connection > > refused. Apache is compiled with mod_ssl.c, I have openssl > installed. > > > > This is what I've done so far: > > > > 1) Copied the example openssl cfg from examples to > > /etc/openssl/openssl.cnf > > > > 2)Generated my server key, then pem file then the csr and crt. > > > > 3)Then coppied them all into ssl.key (server.pem, server.key), > > ssl.csr (server.csr) and ssl.crt (server.crt). This is where my > > ssl.conf expects them. > > > > 4) Made sure ssl.conf is pointing to these files properly and is > > listening on port 443 (Listen <ipaddress>:443) > > > > 5) Made sure ssl.conf is included in httpd.conf properly > > > > 6) check that mod_ssl.c is compiled in with https -l > > > > 7) checked my apache access and error logs - nothing ! > > > > .... And still nothing, it can't be listening on 443. > > > > If I do the following: > > > > #openssl s_client -connect localhost:443 -state -debug > > > > I get: > > > > connect: Connection refused > > connect:errno=61 > > I've even tried copying all my virtual hosts and changing :80 to > > :443, still nothing. > > > > This is really the first time I've ever touched ssl, so I'm > hoping > > I'm missing something really dumb. I've basically just got the > > standard ssl.conf example modified ever so slightly so that > things > > point in the right place. > > > > ? > > > > Any ideas? > > > > > > Cheers > > Glyn > > > > > > ___________________________________________________________ > > > Yahoo! Mail is the world's favourite email. Don't settle for > less, sign up for > > your free account today > http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html > > > > ______________________________________________________________________ > > Apache Interface to OpenSSL (mod_ssl) > www.modssl.org > > User Support Mailing List > modssl-users@modssl.org > > Automated List Manager > [EMAIL PROTECTED] > > > -- > Omar W. Hannet > http://www.allez-oop.net/ > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) > www.modssl.org > User Support Mailing List > modssl-users@modssl.org > Automated List Manager > [EMAIL PROTECTED] > ___________________________________________________________ Yahoo! Answers - Got a question? Someone out there knows the answer. Try it now. http://uk.answers.yahoo.com/ ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]