Solved

Apache2/mod_ssl: I can't connect to an SSL enabled VHost

Posted on 2003-11-10
5
859 Views
Last Modified: 2012-05-04
I use SuSE 9 and Apache 2.0.47 with pre-fork. I used the default SSL Vhost template "/etc/apache2/vhost.d/ssl_vhost.template" I created a self signed cert using the following:
1. openssl -genrsa -des3 -out server.key
2. openssl -req -key ../ssl.key/server.key -days 365 -out server.crt
3. entered the passphrase
4. Entered my cert details.

When I tryied to start apache2 (rcapache2 restart) it asked me for the passphrase and timed out to soon so I starteed it "manualy" (#: httpd2) and entered the passphrase and the server started. However any attempt to connect to the vhost loads the homepage (main server) and SSL connections are refused.
All help appreciated.
0
Comment
Question by:BLaCkDraGoN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
pjedmond earned 250 total points
ID: 9720943
I presume that somewhere in your httpd.conf you have the following lines or similar

Listen *:80
Listen *:443

If you are not listening on port 443, then you'll get the connection refused.

As a test, you can telnet to port 443, and it should connect if ssl is enabled - if not then you'll get a comment to the effect that you could not connect/connection failed.

0
 
LVL 22

Expert Comment

by:pjedmond
ID: 9720951
Another idea...just to get the system up and running, is try creating a key without a pass phrase (FOR TEST PURPOSES ONLY), and see if that works for you.

Always start at the simplest level, and then add complexity:)
0
 
LVL 1

Author Comment

by:BLaCkDraGoN
ID: 9723953
Their is the line:
Listen 80
Listen 443
NameVirtualHost *

in /etc/apache2/listen.conf (SuSE9 has "modularised" the configuration)
Normaly when I connect to a vhost I get a "403 Error" because I have disallowed indexes so I am going to assume that either the server is having a problem with the ssl configuration or my certificates are invalid does the server normaly request passphrases at startup I read somewhere about "SSLPassphrase Internal" set the system up not to "nag" for a passphrase without using unencrypted certs. (This is still part of the origional question).
0
 
LVL 1

Author Comment

by:BLaCkDraGoN
ID: 10531615
I have decided to stop this Question as I discovered that I already have another similar one Open. I will only award 100pts IN THIS QUESTION but 300 in the next one to the best answer.
~BD~
0
 
LVL 1

Author Comment

by:BLaCkDraGoN
ID: 10531620
OOPs forgot I cant decrease points! Oh well that makes a potential 550 points up-for-grabs!
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question