Re: Re: SSL problem + Apache 1.3.33

To: <debian-user@lists.debian.org>
Subject: Re: Re: SSL problem + Apache 1.3.33
From: "Belikov Anton" <Anton.Belikov@egip.com>
Date: Mon, 22 Aug 2005 12:02:43 +0200
Message-id: <[🔎] 5463585A29C1534C8D4CDBD6DB95785D589EB2@mail.agamus.com>

Title: Re: Re: SSL problem + Apache 1.3.33

Hi all,
I had a problem with the same symptoms, and in my case I got read of it by fixing virtual host definition. See below two VH sections; one of them doesn't work and the other works fine. Hope It can be usefull.

-------- this doesn't work
<VirtualHost ip_address:443>
ServerName ....
SSLEngine On

SSLCertificateFile path_to_sertificate
SSLCertificateKeyFile path_to_key

DocumentRoot .....
CustomLog /var/log/httpd/egipssl_access.log combined
ErrorLog /var/log/httpd/ssl_test_error.log

   <IfModule mod_perl.c>
       PerlModule Apache::DBI
       PerlOptions +Parent
       PerlRequire "/etc/httpd/conf/addon-modules/apache2-mod_perl-startup.pl"
       PerlSwitches -I....
    </IfModule>
    <Directory ....>
       Order allow,deny
       Allow from all
    </Directory>
    <Directory ....>
        Options +ExecCGI
       <IfModule mod_perl.c>
           Sethandler perl-script
           PerlResponseHandler ModPerl::Registry
           PerlOptions +ParseHeaders
       </IfModule>
    </Directory>

</VirtualHost>
---------------------------

---------- and this works
<VirtualHost host_name:443>

DocumentRoot ....

<IfModule mod_perl.c>
PerlModule Apache::DBI
PerlOptions +Parent
PerlRequire "/etc/httpd/conf/addon-modules/apache2-mod_perl-startup.pl"
PerlSwitches -I....
</IfModule>

<Directory ....>
       Order allow,deny
       Allow from all
    </Directory>
    <Directory ....>
        Options +ExecCGI
       <IfModule mod_perl.c>
           Sethandler perl-script
           PerlResponseHandler ModPerl::Registry
           PerlOptions +ParseHeaders
       </IfModule>
    </Directory>

ServerName ....
ServerAdmin .....

ErrorLog logs/ssl_error_log

<IfModule mod_log_config.c>
TransferLog logs/ssl_access_log
</IfModule>

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile path_to_sertificate
SSLCertificateKeyFile path_to_key

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

</IfModule>

<IfModule mod_log_config.c>
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</IfModule>

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteOptions inherit
</IfModule>
</VirtualHost>
----------------------------------

It is worth to mention that in my config there are some normal (non-ssl) name-based virtual hosts, defined before the SSL virtual host section

Reply to:

Prev by Date: Re: tclConfig.sh and tkConfig.sh are not included in the binary distribution
Next by Date: Sieve: No access
Previous by thread: Re: Re: SSL problem + Apache 1.3.33
Next by thread: Cannot open master side of pty
Index(es):
- Date
- Thread