Pls help me set up SSL.. My httpd.conf file has nothing about SSL

I am trying to set up SSL using port 443. My httpd.conf file has no examples of how to set this up. Can someone ple help me put the right stuff in my config file. Also do I have to add to my listening port 443 and duplicate the virtual host as 443. Here's what I have so far:

Listen 10.1.1.3:80
Port 80
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName mydomain.com
    ServerAlias *.mydomain.com
    DocumentRoot /my/path
</VirtualHost>
<Directory "/my/path">
    AllowOverride All
</Directory>

Thanks in advance to all the commnuity for any help they can share.


bemara57Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Robin HickmottConnect With a Mentor Software DeveloperCommented:
Ok what do you currently have in your httpd.conf file?

Im assuming you have compiled Apache with mod_ssl. In which case you will need to uncomment the

LoadModule ssl_module modules/mod_ssl.so

Line in your Apache Setup.

At the end of the file before your Virtual Hosts try adding the following.

<IfModule mod_ssl.c>
         
      ## Handle SSL
      Listen 443

      #SSL Types
      AddType application/x-x509-ca-cert .crt
      AddType application/x-pkcs7-crl    .crl

      SSLPassPhraseDialog  builtin
          SSLSessionCache none
      SSLSessionCacheTimeout  300      
      SSLMutex default
      SSLRandomSeed startup builtin
      SSLRandomSeed connect builtin
      SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      
      <VirtualHost *:443>

            #  General setup for the virtual host
            DocumentRoot <HTTPSDOCROOT>
            ServerName *:443
            ServerAdmin you@yourdomain.com
            ErrorLog logs/error.log
            TransferLog logs/access.log
                  
            <Directory "HTTPSDOCROOT">
                      Options FollowSymLinks
                      AllowOverride All
                      Order allow,deny
                      Allow from all
            </Directory>

            <Files ~ "\.(cgi|shtml|phtml|php3?)$">
                      SSLOptions +StdEnvVars
            </Files>
            <Directory "cgi-bin">
                      SSLOptions +StdEnvVars
            </Directory>
      
            CustomLog logs/ssl_request_log \
                "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

            SSLEngine On
            SSLCertificateFile conf/ssl/server.cert
            SSLCertificateKeyFile conf/ssl/server.key
      </virtualhost>
</IfModule>

And then above your Virtual Host declarations add.

<VirtualHost *:443>
        SSLEngine On
        SSLCertificateFile conf/ssl/server.cert
        SSLCertificateKeyFile conf/ssl/server.key
</VirtualHost>

Making sure of course that that your server.cert and server.key files are in the right place ( <apache>/conf/ssl/ )

Let us know if you get any probs
0
 
periwinkleCommented:
Which version of Apache?
0
 
Robin HickmottSoftware DeveloperCommented:
Can you go to

http://web-sniffer.net/

Select HTTP Version 1.1 and Request Type POST.

Leave the Agent as it is and then post up the results.

0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
Robin HickmottSoftware DeveloperCommented:
Apologies wrong Question :(
0
 
Robin HickmottSoftware DeveloperCommented:
How far have you got?

You will then need to modify the separate conf for Mod SSL. How far have you got have you been given your key and certificate yet or have you generated them yourself? Basically you will need to set up your http as normal using standard HTTP.CONF setup. there is then an additional one for ModSSL which you can merge if you wish. This sets up the listen port for HTTPS.

Once you have done this your Virtual Hosts section should look like this.


<VirtualHost *:443>
         SSLEngine On
         SSLCertificateFile conf/ssl/server.cert
         SSLCertificateKeyFile conf/ssl/server.key
</VirtualHost>

NameVirtualHost *:80

<VirtualHost *:80>
     #Use The standard server definitions or define your virtual hosts as normal under this
</VirtualHost>
0
 
periwinkleCommented:
rhickmott - I'm wondering if the user has Apache 2.x where there are multiple configuration files, or if SSL support has even been compiled into the executable.
0
 
Robin HickmottSoftware DeveloperCommented:
Basically yes Its impossible to process without knowing the version and how far they have got. If the OP hasent even generated a CSR request and have a signed certificate then this question can get quite extensive :)

The company I work for has a standard Apache 2 conf file which makes it easier for some ofthe admins to configure but it has everything needed for HTTPS in one file and not that extensively difficult to work with. It also depends on the OS as well.

Whats the OS?
Whats the Apache Version?
How far have you got setting it up?

Is basically the information we need.
0
 
bemara57Author Commented:
I am using AIX Unix 4.3.3 and Apache 1.3.26

I have already gotten the SSL certificate and key files generated for me. They actually came from another server. We are moving our website from one server to another (Apache to Apache). So I have already got the 2 files from the other server. Now I have to configure my new webserver Apache 1.3.26.
0
 
bemara57Author Commented:
Thanks but there is no LoadModule ssl_module modules/mod_ssl.so line in my config file. Is it possible that I have to download and install this module onto Apache or does it always come with it?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.