RE: httpsd doesn't start
I was in your exact boat yesterday, (except I use RH 8), and my problem turned out to be that the default, out-of-the-box ssl.conf file has ssl logging to logs/whateverLogFile, and I don't have a logs subdirectory where I keep my ssl.conf. I commented out all the logging lines (and hopefully everything will work when I replace them with the real paths to the real logs) and it started up right away with /usr/sbin/httpd -k start -DSSL. I wish it would have complained about this everytime I tried to start it up rather than just returning a prompt as if everything was fine... HTHE -Original Message-From: Mike Burkhouse [mailto:[EMAIL PROTECTED]Sent: Thursday, March 13, 2003 11:42 AMTo: [EMAIL PROTECTED]Subject: httpsd doesn't start Hi All, I saw a couple of references to this problem in the archives, but none of the solutions there solved my problem. I am running: Red Hat 7.3 Apache 2.0.44 OpenSSL 0.9.7 1) I have a pretty vanilla httpd.conf running only one site and I am trying to set up a secure virtual site in /apache2/htdocs/secureSite/ . 2) I created my key and self-signed cert in /apache2/conf/ . 3) I configured apache2/conf/ssl.conf to point to the correct key and cert and with the correct path to the directory that I want to serve documents from I stop httpd and run apachectl startssl with no complaints, but only httpd starts, not httpsd, and nothing gets logged. I have no idea how to track down what has gone wrong. Can anyone offer any suggestions where to look? Sorry if this is not enough information - if you tell me what else you need, I am happy to provide it to you. Thanks, Mike
How to start mod ssl?
Hello all I just built from source apache 2 on RedHat 8 with this config: $-./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --enable-mods-shared=all --enable-so --with-mpm=worker --enable-ssl --with-ssl=/usr/include/openssl --libexecdir=/usr/lib/httpd/modules --mandir=/usr/share/man --sysconfdir=/etc/httpd/conf --datadir=/var/www --localstatedir=/var --disable-imap --disable-dav --disable-dav_fs --disable-speling --disable-autoindex and it went smoothly, as did make and make install. I tried to startssl, but it complained about the cert and key file, so I built those using the makefile that RedHat provides to build dummy certs and keys, and that went smoothly. It then complained about the DocumentRoot, so I fixed that, and now it doesn't complain, but nothing happens. #-/usr/sbin/apachectl startssl #-ps -eaf | grep httpd root 19590 19172 0 13:53 pts/100:00:00 grep httpd #-/usr/sbin/httpd -DSSL #-ps -eaf | grep httpd root 19594 19172 0 13:53 pts/100:00:00 grep httpd I figured it was a weird situation so I tore out everything, and rebuilt from scratch. Twice, and yes, both times I md5summed the tarball. However, each time, if I don't start ssl, it works: #-/usr/sbin/httpd -k start #-ps -eaf | grep httpd root 19597 1 0 13:56 ?00:00:00 /usr/sbin/httpd -k start nobody 19598 19597 0 13:56 ?00:00:00 /usr/sbin/httpd -k start nobody 19599 19597 0 13:56 ?00:00:00 /usr/sbin/httpd -k start nobody 19600 19597 1 13:56 ?00:00:00 /usr/sbin/httpd -k start root 19658 19172 0 13:56 pts/100:00:00 grep httpd and then, I can connect to localhost, but not to port 443, even though I have no firewall at all. #-/sbin/iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination #-/usr/bin/openssl s_client -connect localhost:80 CONNECTED(0003) 19856:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:460: #-/usr/bin/openssl s_client -connect localhost:443 connect: Connection refused connect:errno=29 The syntax seems to be OK; I haven't changed anything but what I mentioned above - #-/usr/sbin/httpd -t Syntax OK #-/usr/sbin/httpd -S VirtualHost configuration: Syntax OK I'm (obviously) new to this whole thing, so I'd be grateful if anyone who's been through this before can steer me in the right direction. Thanks for your time E --- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: How to 'start' mod ssl?
-Original Message- From: Aaron Stromas [mailto:[EMAIL PROTECTED] Did you add any directories to be served over SSL? e.g. for CGI, No, it is almost untouched. The only changes are to give it the path to the key file, the cert file, and the Document Root. Was I supposed to do something like that? Thanks Edmund Mitchell, Edmund said: Hello all I just built from source apache 2 on RedHat 8 with this config: $-./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --enable-mods-shared=all --enable-so --with-mpm=worker --enable-ssl --with-ssl=/usr/include/openssl --libexecdir=/usr/lib/httpd/modules --mandir=/usr/share/man --sysconfdir=/etc/httpd/conf --datadir=/var/www --localstatedir=/var --disable-imap --disable-dav --disable-dav_fs --disable-speling --disable-autoindex and it went smoothly, as did make and make install. I tried to startssl, but it complained about the cert and key file, so I built those using the makefile that RedHat provides to build dummy certs and keys, and that went smoothly. It then complained about the DocumentRoot, so I fixed that, and now it doesn't complain, but nothing happens. #-/usr/sbin/apachectl startssl #-ps -eaf | grep httpd root 19590 19172 0 13:53 pts/100:00:00 grep httpd #-/usr/sbin/httpd -DSSL #-ps -eaf | grep httpd root 19594 19172 0 13:53 pts/100:00:00 grep httpd I figured it was a weird situation so I tore out everything, and rebuilt from scratch. Twice, and yes, both times I md5summed the tarball. However, each time, if I don't start ssl, it works: #-/usr/sbin/httpd -k start #-ps -eaf | grep httpd root 19597 1 0 13:56 ?00:00:00 /usr/sbin/httpd -k start nobody 19598 19597 0 13:56 ?00:00:00 /usr/sbin/httpd -k start nobody 19599 19597 0 13:56 ?00:00:00 /usr/sbin/httpd -k start nobody 19600 19597 1 13:56 ? 00:00:00 /usr/sbin/httpd -k start root 19658 19172 0 13:56 pts/1 00:00:00 grep httpd and then, I can connect to localhost, but not to port 443, even though I have no firewall at all. #-/sbin/iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination #-/usr/bin/openssl s_client -connect localhost:80 CONNECTED(0003) 19856:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:460: #-/usr/bin/openssl s_client -connect localhost:443 connect: Connection refused connect:errno=29 The syntax seems to be OK; I haven't changed anything but what I mentioned above - #-/usr/sbin/httpd -t Syntax OK #-/usr/sbin/httpd -S VirtualHost configuration: Syntax OK I'm (obviously) new to this whole thing, so I'd be grateful if anyone who's been through this before can steer me in the right direction. Thanks for your time E --- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] -- Aaron Stromas | Tik-tik-tik!!!... ja, Pantani is weg... [EMAIL PROTECTED]| BRTN commentator +1 (301) 493 4933 | L'Alpe d'Huez http://www.izoard.com | 1995 Tour de France __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]