James James <jre...@gmail.com> writes:
> [root@webkdc ~]# env PERL_LWP_SSL_VERIFY_HOSTNAME=0 GET
> https://localhost/webkdc-service/
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>404 Not Found</title>
> </head><body>
> <h1>Not Found</h1>
> <p>The requested URL /webkdc-service/ was not found on this server.</p>
> <hr>
> <address>Apache/2.2.15 (Scientific Linux) Server at localhost Port
> 443</address>
> </body></html>
Aha! Okay, now we're getting somewhere.
> I don't have multiple SSL vhost on this server. There is the <VirtualHost
> _default_:443>
> and <VirtualHost webkdc.example.com:443> ...
That's two different SSL vhosts, though. :) I'm guessing that only the
latter has the /webkdc-service/ definition, and the former doesn't?
I think there are three possible fixes:
1. Combine the _default_ and webkdc.example.com virtual hosts into just a
single _default_ virtual host (or, better, a *:443 virtual host).
2. Add:
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
to /etc/webkdc/webkdc.conf and go back to using the webkdc.example.com
URL.
3. Add:
$ENV{PERL_LWP_SSL_CA_FILE} = '/path/to/ca/file';
to /etc/webkdc/webkdc.conf where the path points to the CA that signed
your webkdc.example.com SSL certificate.
I'd recommend the first solution, since it simplifies your Apache
configuration.
--
Russ Allbery <ea...@windlord.stanford.edu>
Technical Lead, ITS Infrastructure Delivery Group, Stanford University
