troubleshooting Question

How do I set up the Apache conf file for SSL connections?

Avatar of pmascari
pmascariFlag for United States of America asked on
Apache Web ServerSSL / HTTPS
11 Comments1 Solution489 ViewsLast Modified:
I am extremely new to the Linux world and have set up my first Apache web server on Xubuntu.  I have a couple sites running fine using virtual hosts.  However, I need to enable an SSL connection to one of them and am failing miserably.

I have purchased the certificate and generated all the keys needed.  I've followed several tutorials I've found on how to set up Apache for this but they're not working for me.  I am still able to connect to my site normally but connecting with https gives me a "Connection was interrupted" error in Firefox.

Here is my Default config file:
 
NameVirtualHost *

<VirtualHost *>
	ServerAdmin webmaster@localhost
	ServerName *.mysite.com
	DocumentRoot /ebs/websites/default
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /ebs/websites/default/>
		Options FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>
	DirectoryIndex index.cfm index.html
</VirtualHost>

Open in new window


And here is the default-ssl config file in its current state (it's gone through many iterations as I've wrestled with this):

 
<VirtualHost *:443>
	 	ServerAdmin paul@mysite.com
                DocumentRoot /ebs/websites/default
                ServerName mysite.com:443
                ErrorLog ${APACHE_LOG_DIR}/error.log
                SSLEngine on
		SSLProxyEngine On
                SSLProtocol all
                SSLCertificateFile /ebs/websites/ssl/certificate.crt
                SSLCertificateKeyFile /ebs/websites/ssl/PrivateKey.key
                SSLCertificateChainFile /ebs/websites/ssl/intermediate.crt
                ServerPath /default
	<Directory /ebs/websites/default/>
		Options FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>
	DirectoryIndex index.cfm index.html
		BrowserMatch "MSIE [2-6]" \
		nokeepalive ssl-unclean-shutdown \
		downgrade-1.0 force-response-1.0
		# MSIE 7 and newer should be able to use keepalive
		BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>

Open in new window


Any help?
ASKER CERTIFIED SOLUTION
pmascari

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 11 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 11 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros