Avatar of badwolfff
badwolfffFlag for United Kingdom of Great Britain and Northern Ireland

asked on 

Why can't I get a directory listing when I use HTTPS?

Hi all,

I've just successfully installed an SSL certificate on my server (I get no reboot errors when I restart apache2 server and also when I type in the URL with the https I can see the green lock symbol which I can click and see corresponds to my certificate).

The problem is that when I use the https protocol I get an error:
https://www.mifujiclark.com/
Forbidden
You don't have permission to access / on this server.

Open in new window


When I use the http protocol I get the right page:
http://www.mifujiclark.com


What am I doing wrong here?

thanks in advance.


P.S. Here is my site's conf file from the apache2 sites enabled folder:
# domain: mifujiclark.com
# public: /home/myfolder/public/mifujiclark.com/public

<VirtualHost *:443>
  SSLEngine On
  SSLProtocol all -SSLv2
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

  SSLCertificateFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.crt
  SSLCertificateKeyFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.key
  SSLCertificateChainFile /PATH_TO_APACHE_FOLDER/ssl/sub.class1.server.ca.pem

  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin info@ookami.it
  ServerName  www.mifujiclark.com
  ServerAlias mifujiclark.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.htm index.php
  DocumentRoot /home/myfolder/public/mifujiclark.com/public

  # Log file locations
  LogLevel warn
  ErrorLog  /home/myfolder/public/mifujiclark.com/log/error.log
  CustomLog /home/myfolder/public/mifujiclark.com/log/ssl_request.log \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  TransferLog /home/myfolder/public/mifujiclark.com/log/access.log
</VirtualHost>



<VirtualHost *:80>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin info@ookami.it
  ServerName  www.mifujiclark.com
  ServerAlias mifujiclark.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.htm index.php
  DocumentRoot /home/myfolder/public/mifujiclark.com/public

  # Log file locations
  LogLevel warn
  ErrorLog  /home/myfolder/public/mifujiclark.com/log/error.log
  CustomLog /home/myfolder/public/mifujiclark.com/log/access.log combined

</VirtualHost>

Open in new window

Linux DistributionsLinuxApache Web Server

Avatar of undefined
Last Comment
badwolfff
Avatar of badwolfff
badwolfff
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Here are the three logs:

ACCESS.LOG
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET / HTTP/1.1" 403 202
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET /favicon.ico HTTP/1.1" 403 213

Open in new window


ERROR.LOG
[Tue Dec 30 03:06:56.610993 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/
[Tue Dec 30 03:06:56.697159 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/favicon.ico

Open in new window



SSL_REQUEST.LOG
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET / HTTP/1.1" 202
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /favicon.ico HTTP/1.1" 213

Open in new window

Avatar of schaps
schaps
Flag of United States of America image

Is the domain set up in httpd-ssl.conf ?
Avatar of badwolfff
badwolfff
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hi,
thanks for the reply. I use Apache2 on Ubuntu. I don't see a httpd-ssl.conf.
I see a default-ssl.conf file. Do I need to add something to it?
If so could you please help me with the syntax?
Also the default-ssl.conf file at the moment I see it only in the sites-available folder and not in the sites-enabled folder.
Do I need to make a shortcut to it there?

thanks in advance
ASKER CERTIFIED SOLUTION
Avatar of badwolfff
badwolfff
Flag of United Kingdom of Great Britain and Northern Ireland image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of gheist
gheist
Flag of Belgium image

Secure your server NOW:
SSLProtocol all -SSLv2
must become
SSLProtocol all -SSLv2 -SSLv3
(ssl3 is broken)
And
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
must become
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!3DES
(3des is effectively 112bit cypher)
Avatar of badwolfff
badwolfff
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

I solved the problem myself
Linux
Linux

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

71K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo