Solved

Pls help me set up SSL.. My httpd.conf file has nothing about SSL

Posted on 2006-11-21
9
176 Views
Last Modified: 2012-05-05
I am trying to set up SSL using port 443. My httpd.conf file has no examples of how to set this up. Can someone ple help me put the right stuff in my config file. Also do I have to add to my listening port 443 and duplicate the virtual host as 443. Here's what I have so far:

Listen 10.1.1.3:80
Port 80
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName mydomain.com
    ServerAlias *.mydomain.com
    DocumentRoot /my/path
</VirtualHost>
<Directory "/my/path">
    AllowOverride All
</Directory>

Thanks in advance to all the commnuity for any help they can share.


0
Comment
Question by:bemara57
  • 5
  • 2
  • 2
9 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 17988183
Which version of Apache?
0
 
LVL 13

Expert Comment

by:rhickmott
ID: 17988241
Can you go to

http://web-sniffer.net/

Select HTTP Version 1.1 and Request Type POST.

Leave the Agent as it is and then post up the results.

0
 
LVL 13

Expert Comment

by:rhickmott
ID: 17988243
Apologies wrong Question :(
0
 
LVL 13

Expert Comment

by:rhickmott
ID: 17988339
How far have you got?

You will then need to modify the separate conf for Mod SSL. How far have you got have you been given your key and certificate yet or have you generated them yourself? Basically you will need to set up your http as normal using standard HTTP.CONF setup. there is then an additional one for ModSSL which you can merge if you wish. This sets up the listen port for HTTPS.

Once you have done this your Virtual Hosts section should look like this.


<VirtualHost *:443>
         SSLEngine On
         SSLCertificateFile conf/ssl/server.cert
         SSLCertificateKeyFile conf/ssl/server.key
</VirtualHost>

NameVirtualHost *:80

<VirtualHost *:80>
     #Use The standard server definitions or define your virtual hosts as normal under this
</VirtualHost>
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 15

Expert Comment

by:periwinkle
ID: 17988358
rhickmott - I'm wondering if the user has Apache 2.x where there are multiple configuration files, or if SSL support has even been compiled into the executable.
0
 
LVL 13

Expert Comment

by:rhickmott
ID: 17988421
Basically yes Its impossible to process without knowing the version and how far they have got. If the OP hasent even generated a CSR request and have a signed certificate then this question can get quite extensive :)

The company I work for has a standard Apache 2 conf file which makes it easier for some ofthe admins to configure but it has everything needed for HTTPS in one file and not that extensively difficult to work with. It also depends on the OS as well.

Whats the OS?
Whats the Apache Version?
How far have you got setting it up?

Is basically the information we need.
0
 

Author Comment

by:bemara57
ID: 17989303
I am using AIX Unix 4.3.3 and Apache 1.3.26

I have already gotten the SSL certificate and key files generated for me. They actually came from another server. We are moving our website from one server to another (Apache to Apache). So I have already got the 2 files from the other server. Now I have to configure my new webserver Apache 1.3.26.
0
 
LVL 13

Accepted Solution

by:
rhickmott earned 500 total points
ID: 17989392
Ok what do you currently have in your httpd.conf file?

Im assuming you have compiled Apache with mod_ssl. In which case you will need to uncomment the

LoadModule ssl_module modules/mod_ssl.so

Line in your Apache Setup.

At the end of the file before your Virtual Hosts try adding the following.

<IfModule mod_ssl.c>
         
      ## Handle SSL
      Listen 443

      #SSL Types
      AddType application/x-x509-ca-cert .crt
      AddType application/x-pkcs7-crl    .crl

      SSLPassPhraseDialog  builtin
          SSLSessionCache none
      SSLSessionCacheTimeout  300      
      SSLMutex default
      SSLRandomSeed startup builtin
      SSLRandomSeed connect builtin
      SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      
      <VirtualHost *:443>

            #  General setup for the virtual host
            DocumentRoot <HTTPSDOCROOT>
            ServerName *:443
            ServerAdmin you@yourdomain.com
            ErrorLog logs/error.log
            TransferLog logs/access.log
                  
            <Directory "HTTPSDOCROOT">
                      Options FollowSymLinks
                      AllowOverride All
                      Order allow,deny
                      Allow from all
            </Directory>

            <Files ~ "\.(cgi|shtml|phtml|php3?)$">
                      SSLOptions +StdEnvVars
            </Files>
            <Directory "cgi-bin">
                      SSLOptions +StdEnvVars
            </Directory>
      
            CustomLog logs/ssl_request_log \
                "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

            SSLEngine On
            SSLCertificateFile conf/ssl/server.cert
            SSLCertificateKeyFile conf/ssl/server.key
      </virtualhost>
</IfModule>

And then above your Virtual Host declarations add.

<VirtualHost *:443>
        SSLEngine On
        SSLCertificateFile conf/ssl/server.cert
        SSLCertificateKeyFile conf/ssl/server.key
</VirtualHost>

Making sure of course that that your server.cert and server.key files are in the right place ( <apache>/conf/ssl/ )

Let us know if you get any probs
0
 

Author Comment

by:bemara57
ID: 18003878
Thanks but there is no LoadModule ssl_module modules/mod_ssl.so line in my config file. Is it possible that I have to download and install this module onto Apache or does it always come with it?
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now