PDA

Click to See Complete Forum and Search --> : [SOLVED]SSL - Am I missing something?

MastaShake57
03-01-2006, 12:02 PM
I'd like to think I'm pretty astute when it comes to linux, but g*ddamn it, the SSL config in Apache is kicking my ***!

I've searched the forums, read various articles and I woud like to think I followed it correctly, but I'm missing something...

Can anyone help?

Here are the stats:
Server version: Apache/1.3.33 (Debian GNU/Linux)

Compiled-in modules:
http_core.c
mod_so.c
mod_macro.c
suexec: disabled; invalid wrapper /usr/lib/apache/suexec

# Autogenerated file - do not edit!
# This file is maintained by the apache package.
# To update it, run the command:
# /usr/sbin/apache-modconf apache
ClearModuleList
AddModule mod_so.c
AddModule mod_macro.c
LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config.so
LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime.so
LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
LoadModule status_module /usr/lib/apache/1.3/mod_status.so
LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
LoadModule perl_module /usr/lib/apache/1.3/mod_perl.so
LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so
LoadModule php4_module /usr/lib/apache/1.3/libphp4.so


Listen 20.1.1.12:80
Listen 20.1.1.13:443

NameVirtualHost 20.1.1.12:80
NameVirtualHost 20.1.1.13:80

<VirtualHost 20.1.1.12:80>
ServerName www.my-site.com
DocumentRoot /var/www/www.my-site.com
ServerAdmin webmaster@my-site.com
ErrorLog /var/www/logs/www.my-site.com-error.log
CustomLog /var/www/logs/www.my-site.com-custom.log common
</VirtualHost>

<VirtualHost 20.1.1.12:80>
ServerName www2.my-site.com
DocumentRoot /var/www/www2.my-site.com
ServerAdmin mailmaster@my-site.com
ErrorLog /var/www/logs/www2.my-site.com-error.log
CustomLog /var/www/logs/www2.my-site.com-custom.log common
</VirtualHost>

<VirtualHost 20.1.1.12:80>
ServerName www3.my-site.com
DocumentRoot /var/www/www3.my-site.com
ServerAdmin mailmaster@my-site.com
ErrorLog /var/www/logs/www3.my-site.com-error.log
CustomLog /var/www/logs/www3.my-site.com-custom.log common
</VirtualHost>

<VirtualHost 20.1.1.12:80>
ServerName www4.my-site.com
DocumentRoot /var/www/www4.my-site.com
ServerAdmin webmaster@my-site.com
ErrorLog /var/www/logs/www4.my-site.com-error.log
CustomLog /var/www/logs/www4.my-site.com-custom.log common
</VirtualHost>

<VirtualHost 20.1.1.13:80>
ServerName webmail.my-site.com
DocumentRoot /var/www/webmail.my-site.com
ServerAdmin webmaster@my-site.com

# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/apache/ssl.crt/webmail.crt
SSLCertificateKeyFile /etc/apache/ssl.key/webmail.key

ErrorLog /var/www/logs/webmail.my-site.com-error.log
TransferLog /var/www/logs/webmail.my-site.com-custom.log

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /var/www/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
cybertron
03-01-2006, 06:58 PM
I'm no expert on SSL in Apache either, but I think you need the last virtual host listening on port 443 for it to work with SSL (change the 80 to 443). You may also want to set up a redirect for it so regular HTTP requests get sent to HTTPS.
MastaShake57
03-02-2006, 01:17 AM
Thanks for the tip!

Got it working!
I feel like a douche

Listen on 443 AND NameVirtualHost on 443.

:-D