This is my first experience with SSL. I have done the Google thing and searched Apache FAQ etc but found nothing regarding my problem.
In a nutshell, I have the following file structure: /var/ssl/www/index.html /var/ssl/www/budget/index.html Everything in both paths is owned by root and either 755 or 644 as appropriate for directories and files. I have the server working for /var/ssl/www/index.html but I get a "HTTP Error 403 - Forbidden" error trying to view /var/ssl/www/budget/index.html The logs are uninformative as to WHY access to /var/ssl/www/budget/index.html is being forbidden. My impression was that subdirectories should inherit the access rights of their parent if I do nothing to override that behavior. I have an http server configured similarly running in the same instance of Apache 2.2.6 (on port 2080 so as to not conflict with my production web site running on port 80). It works as expected, including acces to subdirectories. The URLs are https://daniel.ameriroots.com and http://daniel.ameriroots.com:2080 I have reduced the httpd.conf file to the following essentials (this is what is presently running on the above URLs): ################################################################################# # Main Server Configuration ################################################################################# ServerRoot /usr/daniel/apache2 ServerName danniel.ameriroots.com ServerAdmin [EMAIL PROTECTED] Listen 64.249.12.251:2080 Listen 64.249.12.251:443 User www Group www <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Deny from all </Directory> DirectoryIndex index.html <FilesMatch "^\.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common ErrorLog /var/log/apache_error_log2 LogLevel info CustomLog /var/log/apache_access_log2 combined ################################################################################# # HTTP SERVER ON PORT 2080 ################################################################################# <VirtualHost _default_:2080> ErrorLog /var/log/http_error_log2 LogLevel info CustomLog /var/log/http_access_log2 combined DocumentRoot /var/www <Directory /var/www> Allow from all </Directory> </VirtualHost> ################################################################################# # HTTPS SERVER ON PORT 443 ################################################################################# SSLCertificateFile /var/ssl/conf/daniel.crt SSLCertificateKeyFile /var/ssl/conf/daniel.key <VirtualHost _default_:443> SSLEngine On CustomLog /var/log/https_access_log2 combined ErrorLog /var/log/https_error_log2 LogLevel info BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 DocumentRoot /var/ssl/www <Directory /var/ssl/www> Allow from all </Directory> </VirtualHost> The log files are unenlightening, even at debug level where I get lots of detail on SSL calculations, but a simple access denied message on the file itself. What am I missing here? ____________________________________________________________________________________ Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]