[vox-tech] mod_ssl (was: Mod_perl)

Ricardo Anguiano vox-tech@lists.lugod.org
03 Apr 2003 13:56:08 -0800


"Jay Strauss" <me@heyjay.com> writes:

> I'd be happy to, but...
> 
> I fixed one thing to break another.  Maybe someone could help me fix this: I
> can now server https but not http, it has something to do with the Port
> directives and the Listen Directive and the virtual server directives.  I
> just a total newbie with apache config
> 
> below are my config files

Jay,

You need two listen statements, so apache listens on both ports:

        Listen 80
        Listen 443

I also didn't see a NameVirtualHost entry.

        http://httpd.apache.org/docs-2.0/mod/core.html#namevirtualhost

I have two NameVirtualHost entries in my httpd.conf file.  See below
for the relevant httpd.conf section.  Let me know if you want a copy
of my entire config file.

HTH,
-- 
Ricardo Anguiano
http://www.codesourcery.com

------------------------------------------------------------------------
NameVirtualHost *
NameVirtualHost *:443
########################################################################
# http://foo.example.com
########################################################################
<VirtualHost *>
ServerName foo.example.com
ServerAdmin webmaster@example.com
DocumentRoot /var/inet/hello
</VirtualHost>

########################################################################
# https://foo.example.com
########################################################################
<VirtualHost *:443>
ServerName foo.example.com
ServerAdmin webmaster@example.com
DocumentRoot "/var/inet/shello"

# LOGGING
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
CustomLog logs/ssl_request_log \
%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

# SSL
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

</VirtualHost>