Re: apache+ssl

To: debian-user@lists.debian.org
Subject: Re: apache+ssl
From: Andrew Sackville-West <andrew@farwestbilliards.com>
Date: Mon, 4 Jun 2007 19:48:52 -0700
Message-id: <[🔎] 20070605024851.GA2667@localhost.localdomain>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 4664A536.6010603@tacocat.net>
References: <4663AC92.1090403@tacocat.net> <[🔎] 4664A536.6010603@tacocat.net>

On Mon, Jun 04, 2007 at 07:50:14PM -0400, Tom Allison wrote:
> Tom Allison wrote:
> >
> >OK, at one point in my life I had something working for a very brief 
> >period that looked like https.
> >Unfortunately after a few days... it stopped.  Never got it working 
> >again...
> 
> I've found a number of mailing lists in search engines that talk about
> 
> openssl s_client -connect localhost:443 -state -debug -showcerts
> connect: Connection refused
> connect:errno=29

I only get that error when I do 

openssl s_client

as soon as i put in the -connect localhost:443 part, it connects. And
I get various bits of output. (including some errors). I don't really
know about this, so i don't know how to interpret that except that
perhaps you are not listening on 443? I also get that error if I try
to connect to a port that I know is not listening, so I think that
might be the problem (simple as it may be...). 

> 
> I'm really frustrated with this SSL stuff, is this like a state secret or 
> something?

probably 

> 
> I've tried rebuilding keys using every possible combination I can find for 
> doing it.  The latest was
> openssl req -new -x509 -nodes -out server.crt -keyout server.key
> taken straight from the apache2.2 site.
> 
> I'm stuck.  How do you get SSL to work?
> 
> I did have this under apache 1 years ago.
> 
> How do you do it under Apache 2.2?
> 
> I created the keys as mentioned above.
> I enabled ssl.conf
> I added to http.conf the following:
> SSLEngine on
> 

FWIW, this is what is in my /etc/apache2.2/sites-available/default
that might be pertinent. note that i made the key and cert using a
multi-step procedure that I can't find right now...


NameVirtualHost 192.168.2.3:80
NameVirtualHost 192.168.2.3:443

<VirtualHost 192.168.2.3:443>
...
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/cert.pem
        SSLCertificateKeyFile /etc/apache2/ssl/key.pem
        DocumentRoot /var/www/
 ...
</VirtualHost>



> and found that even though it was listed in ssl.conf I also had to include 
> the Directives for the CertificatFile, CertificatKeyFile, Cache and that 
> would at least allow it to start, but not serve a page.
> 
> Also tried moving all the SSL directives into the <VirtualHost *> Directive 
> and that also started but did nothing.
> 
> 
> 
> HOWTO?  Anyone have a HOWTO that actually works?

how about this one? 


http://www.debian-administration.org/articles/349

it includes a few links to some other stuff as well.

hth

A

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- apache+ssl
  - From: Tom Allison <tom@tacocat.net>

Prev by Date: Re: I am ANGRY with Debian.
Next by Date: console too long after stopping x
Previous by thread: apache+ssl
Next by thread: Re: apache+ssl
Index(es):
- Date
- Thread