RE: Virtual Hosting Problem
From: Danalien [mailto:[EMAIL PROTECTED]] As I know, you can only bind one uniqe ip to one SSL virtual host. not quite - see below.. and from what I have read, you can't use name-based SSL virtual host(s) either, as a work around. Mostly right, but with one privisio: You cannot do name-based VHs with SSL but you can have many SSL port-based VHs on ONE IP address.. To understand why - Because in SSL the contents of the TCP/IP packets are encrypted, you can only use external TCP/IP attributes (i.e. IP address and port number) to route the packets. For name-based VHing, you need access to the Host header which is an HTTP attribute (i.e. it is inside the TCP/IP packet). This is visible in plain HTTP but not visible in SSL. (48)Address already in use: make_sock: could not bind to address [::]:447 no listening sockets available, shutting down This usually means that some other process is already using port 447. Check /etc/services for a list of pre-defined ports, also verify that you have completely killed all other instances of apache which may have been blocking the port (ps -ef ¦ grep httpd). Rgds, Owen Boyle __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] SSL_connect:error in SSLv2/v3 read server hello A (PR#738)
Full_Name: Keith Mastin Version: mod_ssl-2.8.5-3 OS: Redhat 7.2 Submission from: (NULL) (216.138.194.32) The webserver has a site http:www.mcleodlake.com that I configured ssl with a document root directory of mcleodlake.com/webmail/, where I have squirrelmail running. I want the login process for squirrelmail to be encrypted. The login.php file is mcleodlake.com/webmail/src/login.php. Sometimes the server cannot find the login.php file, and sometimes it can, but does not open the file under https, instead it always opens it under http. I did a debug: [root@laird1 html]# openssl s_client -connect localhost:443 -state -debug CONNECTED(0003) SSL_connect:before/connect initialization write to 0814D6D0 [0184D718] (124 bytes = 124 (0x7C)) - 80 7a 01 03 01 00 51 00-00 00 20 00 00 16 00 00 .zQ... . 0010 - 013 00 00 0a 07 00 c0 00-00 66 00 00 05 00 00 04 .f.. 0020 - 03 00 80 01 00 80 08 00-80 00 00 65 00 00 64 00 ...e..d. 0030 - 00 63 00 00 62 00 00 61-00 00 60 00 00 15 00 00 .c..b..a..`. 0040 - 12 00 00 09 06 00 40 00-00 14 00 00 11 00 00 08 ..@. 0050 - 00 00 06 00 00 03 04 00-80 02 00 80 5c 9a 76 a0 \.v. 0060 - d7 67 cc 16 77 1b 0d 93-8a 85 cc b9 ce b5 fe 46 .g..w..F 0070 - 76 b8 ab 8b d9 db 2f 09-3e 98 b4 84 v./ SSL_connect:SSLv2/v3 write client hello A read from 0814D6D0 [08152C79] (7 bytes = 7 (0x7)) -03c 21 44 4f 43 54 59 !DOCTY SSL_connect:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:460: __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
modssl and htaccess
Hi, I am running apache 1.3.23 with modssl. I have setup a htaccess file in a directory, but it isn't being picked up. I have set the Directory / Options FollowSymLinks AllowOverride AuthConfig /Directory I seem to remember that I might have to set somthing in the SSL options in the virtual host section of my httpd.conf Can anyone suggest some possible cause to why my htaccess file is being ignored. The contents of my htaccess file is AuthUserFile /apps/apache/bin/.htpasswd AuthGroupFile /dev/null AuthName Restricted Site AuthType Basic Limit GET POST require valid-user /Limit Thanks in advance for any suggestions that you can provide cheers Mike -- __ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup Get 4 DVDs for $.49 cents! plus shipping processing. Click to join. http://adfarm.mediaplex.com/ad/ck/990-1736-3566-59 __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: modssl and htaccess
From: Michael O'Brien [mailto:[EMAIL PROTECTED]] Can anyone suggest some possible cause to why my htaccess file is being ignored. The contents of my htaccess file is AuthUserFile /apps/apache/bin/.htpasswd AuthGroupFile /dev/null AuthName Restricted Site AuthType Basic Limit GET POST require valid-user /Limit AuthUserFile is supposed to point at the file containing your usernames and passwords. Did you really do: cd /apps/apache/bin ./htpasswd -c .htpasswd username when you were making your password file? (i.e. why call a password file nearly the same as the binary that made it and put it in a bin directory?) I usually have things like: AuthUserFile /home/site/admin/passwords/member_section.pwd Which is a whole lot less confusing... Anyway: Is your htaccess file really called htaccess? Is so, do you have: AccessFileName htaccess because the default is .htaccess and htaccess will not work on its own (all these leading dots are part of the filename, remember). Otherwise, check the error log and post the results. Rgds, Owen Boyle __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
RE: Apache Mod_SSL Cannot load /modules/mod_ssl.so
You can do that or you can put the path to your OPENSSL's bin directory in your PATH environment variable and start the server under that environment. -Noah -Original Message- From: David W [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 28, 2002 2:20 PM To: [EMAIL PROTECTED] Subject: Re: Apache Mod_SSL Cannot load /modules/mod_ssl.so Hopefully I'm not duplicating someone else's response, but I think your answer can be found by searching the archives. It looks like you didn't copy the openssl dlls into your c:\winnt\system32 directory. You need: libeay32.dll ssleay32.dll -david --- Oliver Enders [EMAIL PROTECTED] wrote: Hello ervebody, I´ve got the following problem: I´ve installed a apache_1.3.23 with OpenSSL, mod_ssl and mod_jk with WIN 2000 everything works fine when the LoadModule for mod_ssl is commented out. After including the LoadModule line, i get the following Syntax Error: Syntax error on line 195 of c:/ptc/apache/conf/httpd.conf: Cannot load /modules/mod_ssl.so into server: (126) Das angegebene Modul wurde nicht gefunden: (Module couldnt be found) But it is the definately there !! I´ve allready set the PATH in the system variables to /apache/conf/ because i thought that might be the problem, but the path in the Error-message is absoloute, so it cant be.. Has anybody had/solved the same problems ?? Thanx a lot Oliver __ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
simple question
i am very new to mod_ssl. i am trying to figure out how to set up some specific directories to accept ssl connection. i have looked at the documentation and the mail archives, but was unable to decpiher how to do this. when i look at the httpd.conf file, i saw a documentroot specifing the root directory of my webserver. if i changed that to a directory below, it doesn't seem to affect whether or not the root document is no longer ssl enable. any help would be appreciated. Peter Choe __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Port-based questions?
I would like to clear up port-based hosting for mod-ssl: 1. https looks for port 443, but you can change that to any port with modification to the apache configure file and also as long as you specify the port in the url (https;//sample.com:445). 2. Mod-ssl does not work for name based hosting. Me must use ports in order for it to work. 3. Can you specify more than one port to bind https? What if your only have 1 ip address and 10 different domain names. What do you do then? Place the domain names behind you firewall and use a class a,b or c ip addresses? 4. If mod-ssl can be placed on more any one port what does the config file look like, I keep getting errors. All the docs I've read said that name-based virtual do not work. They do not say that multiple ports can not be specified. I have been looking for a solid answer for 3 weeks and thanks to all who answer my questions. J __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]