We help IT Professionals succeed at work.
Get Started

How do I set up the Apache conf file for SSL connections?

pmascari
pmascari asked
on
487 Views
Last Modified: 2012-05-11
I am extremely new to the Linux world and have set up my first Apache web server on Xubuntu.  I have a couple sites running fine using virtual hosts.  However, I need to enable an SSL connection to one of them and am failing miserably.

I have purchased the certificate and generated all the keys needed.  I've followed several tutorials I've found on how to set up Apache for this but they're not working for me.  I am still able to connect to my site normally but connecting with https gives me a "Connection was interrupted" error in Firefox.

Here is my Default config file:
 
NameVirtualHost *

<VirtualHost *>
	ServerAdmin webmaster@localhost
	ServerName *.mysite.com
	DocumentRoot /ebs/websites/default
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /ebs/websites/default/>
		Options FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>
	DirectoryIndex index.cfm index.html
</VirtualHost>

Open in new window


And here is the default-ssl config file in its current state (it's gone through many iterations as I've wrestled with this):

 
<VirtualHost *:443>
	 	ServerAdmin paul@mysite.com
                DocumentRoot /ebs/websites/default
                ServerName mysite.com:443
                ErrorLog ${APACHE_LOG_DIR}/error.log
                SSLEngine on
		SSLProxyEngine On
                SSLProtocol all
                SSLCertificateFile /ebs/websites/ssl/certificate.crt
                SSLCertificateKeyFile /ebs/websites/ssl/PrivateKey.key
                SSLCertificateChainFile /ebs/websites/ssl/intermediate.crt
                ServerPath /default
	<Directory /ebs/websites/default/>
		Options FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>
	DirectoryIndex index.cfm index.html
		BrowserMatch "MSIE [2-6]" \
		nokeepalive ssl-unclean-shutdown \
		downgrade-1.0 force-response-1.0
		# MSIE 7 and newer should be able to use keepalive
		BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>

Open in new window


Any help?
Comment
Watch Question
Commented:
This problem has been solved!
Unlock 1 Answer and 11 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE