Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 184
  • Last Modified:

Pls help me set up SSL.. My httpd.conf file has nothing about SSL

I am trying to set up SSL using port 443. My httpd.conf file has no examples of how to set this up. Can someone ple help me put the right stuff in my config file. Also do I have to add to my listening port 443 and duplicate the virtual host as 443. Here's what I have so far:

Listen 10.1.1.3:80
Port 80
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName mydomain.com
    ServerAlias *.mydomain.com
    DocumentRoot /my/path
</VirtualHost>
<Directory "/my/path">
    AllowOverride All
</Directory>

Thanks in advance to all the commnuity for any help they can share.


0
bemara57
Asked:
bemara57
  • 5
  • 2
  • 2
1 Solution
 
periwinkleCommented:
Which version of Apache?
0
 
rhickmottCommented:
Can you go to

http://web-sniffer.net/

Select HTTP Version 1.1 and Request Type POST.

Leave the Agent as it is and then post up the results.

0
 
rhickmottCommented:
Apologies wrong Question :(
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
rhickmottCommented:
How far have you got?

You will then need to modify the separate conf for Mod SSL. How far have you got have you been given your key and certificate yet or have you generated them yourself? Basically you will need to set up your http as normal using standard HTTP.CONF setup. there is then an additional one for ModSSL which you can merge if you wish. This sets up the listen port for HTTPS.

Once you have done this your Virtual Hosts section should look like this.


<VirtualHost *:443>
         SSLEngine On
         SSLCertificateFile conf/ssl/server.cert
         SSLCertificateKeyFile conf/ssl/server.key
</VirtualHost>

NameVirtualHost *:80

<VirtualHost *:80>
     #Use The standard server definitions or define your virtual hosts as normal under this
</VirtualHost>
0
 
periwinkleCommented:
rhickmott - I'm wondering if the user has Apache 2.x where there are multiple configuration files, or if SSL support has even been compiled into the executable.
0
 
rhickmottCommented:
Basically yes Its impossible to process without knowing the version and how far they have got. If the OP hasent even generated a CSR request and have a signed certificate then this question can get quite extensive :)

The company I work for has a standard Apache 2 conf file which makes it easier for some ofthe admins to configure but it has everything needed for HTTPS in one file and not that extensively difficult to work with. It also depends on the OS as well.

Whats the OS?
Whats the Apache Version?
How far have you got setting it up?

Is basically the information we need.
0
 
bemara57Author Commented:
I am using AIX Unix 4.3.3 and Apache 1.3.26

I have already gotten the SSL certificate and key files generated for me. They actually came from another server. We are moving our website from one server to another (Apache to Apache). So I have already got the 2 files from the other server. Now I have to configure my new webserver Apache 1.3.26.
0
 
rhickmottCommented:
Ok what do you currently have in your httpd.conf file?

Im assuming you have compiled Apache with mod_ssl. In which case you will need to uncomment the

LoadModule ssl_module modules/mod_ssl.so

Line in your Apache Setup.

At the end of the file before your Virtual Hosts try adding the following.

<IfModule mod_ssl.c>
         
      ## Handle SSL
      Listen 443

      #SSL Types
      AddType application/x-x509-ca-cert .crt
      AddType application/x-pkcs7-crl    .crl

      SSLPassPhraseDialog  builtin
          SSLSessionCache none
      SSLSessionCacheTimeout  300      
      SSLMutex default
      SSLRandomSeed startup builtin
      SSLRandomSeed connect builtin
      SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      
      <VirtualHost *:443>

            #  General setup for the virtual host
            DocumentRoot <HTTPSDOCROOT>
            ServerName *:443
            ServerAdmin you@yourdomain.com
            ErrorLog logs/error.log
            TransferLog logs/access.log
                  
            <Directory "HTTPSDOCROOT">
                      Options FollowSymLinks
                      AllowOverride All
                      Order allow,deny
                      Allow from all
            </Directory>

            <Files ~ "\.(cgi|shtml|phtml|php3?)$">
                      SSLOptions +StdEnvVars
            </Files>
            <Directory "cgi-bin">
                      SSLOptions +StdEnvVars
            </Directory>
      
            CustomLog logs/ssl_request_log \
                "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

            SSLEngine On
            SSLCertificateFile conf/ssl/server.cert
            SSLCertificateKeyFile conf/ssl/server.key
      </virtualhost>
</IfModule>

And then above your Virtual Host declarations add.

<VirtualHost *:443>
        SSLEngine On
        SSLCertificateFile conf/ssl/server.cert
        SSLCertificateKeyFile conf/ssl/server.key
</VirtualHost>

Making sure of course that that your server.cert and server.key files are in the right place ( <apache>/conf/ssl/ )

Let us know if you get any probs
0
 
bemara57Author Commented:
Thanks but there is no LoadModule ssl_module modules/mod_ssl.so line in my config file. Is it possible that I have to download and install this module onto Apache or does it always come with it?
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

  • 5
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now