Why can't I get a directory listing when I use HTTPS?

Hi all,

I've just successfully installed an SSL certificate on my server (I get no reboot errors when I restart apache2 server and also when I type in the URL with the https I can see the green lock symbol which I can click and see corresponds to my certificate).

The problem is that when I use the https protocol I get an error:
https://www.mifujiclark.com/
Forbidden
You don't have permission to access / on this server.

Open in new window


When I use the http protocol I get the right page:
http://www.mifujiclark.com


What am I doing wrong here?

thanks in advance.


P.S. Here is my site's conf file from the apache2 sites enabled folder:
# domain: mifujiclark.com
# public: /home/myfolder/public/mifujiclark.com/public

<VirtualHost *:443>
  SSLEngine On
  SSLProtocol all -SSLv2
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

  SSLCertificateFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.crt
  SSLCertificateKeyFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.key
  SSLCertificateChainFile /PATH_TO_APACHE_FOLDER/ssl/sub.class1.server.ca.pem

  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin info@ookami.it
  ServerName  www.mifujiclark.com
  ServerAlias mifujiclark.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.htm index.php
  DocumentRoot /home/myfolder/public/mifujiclark.com/public

  # Log file locations
  LogLevel warn
  ErrorLog  /home/myfolder/public/mifujiclark.com/log/error.log
  CustomLog /home/myfolder/public/mifujiclark.com/log/ssl_request.log \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  TransferLog /home/myfolder/public/mifujiclark.com/log/access.log
</VirtualHost>



<VirtualHost *:80>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin info@ookami.it
  ServerName  www.mifujiclark.com
  ServerAlias mifujiclark.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.htm index.php
  DocumentRoot /home/myfolder/public/mifujiclark.com/public

  # Log file locations
  LogLevel warn
  ErrorLog  /home/myfolder/public/mifujiclark.com/log/error.log
  CustomLog /home/myfolder/public/mifujiclark.com/log/access.log combined

</VirtualHost>

Open in new window

badwolfffAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
badwolfffConnect With a Mentor Author Commented:
I solved it myself by adding:

  ExpiresActive on

  ExpiresByType image/jpg "access plus 1 year"
  ExpiresByType image/png "access plus 1 year"
  ExpiresByType image/gif "access plus 1 year"
  ExpiresByType image/jpeg "access plus 1 year"

  ExpiresByType text/css "access plus 1 month"

  ExpiresByType image/x-icon "access plus 1 month"

  ExpiresByType text/javascript "access plus 1 month"
  ExpiresByType application/x-javascript "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 month"


        <Directory /home/myfolder/public/mifujiclark.com/public>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride all
            Order allow,deny
            Allow from all
            Require all granted
        </Directory>
0
 
badwolfffAuthor Commented:
Here are the three logs:

ACCESS.LOG
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET / HTTP/1.1" 403 202
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET /favicon.ico HTTP/1.1" 403 213

Open in new window


ERROR.LOG
[Tue Dec 30 03:06:56.610993 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/
[Tue Dec 30 03:06:56.697159 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/favicon.ico

Open in new window



SSL_REQUEST.LOG
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET / HTTP/1.1" 202
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /favicon.ico HTTP/1.1" 213

Open in new window

0
 
schapsCommented:
Is the domain set up in httpd-ssl.conf ?
0
A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

 
badwolfffAuthor Commented:
Hi,
thanks for the reply. I use Apache2 on Ubuntu. I don't see a httpd-ssl.conf.
I see a default-ssl.conf file. Do I need to add something to it?
If so could you please help me with the syntax?
Also the default-ssl.conf file at the moment I see it only in the sites-available folder and not in the sites-enabled folder.
Do I need to make a shortcut to it there?

thanks in advance
0
 
gheistCommented:
Secure your server NOW:
SSLProtocol all -SSLv2
must become
SSLProtocol all -SSLv2 -SSLv3
(ssl3 is broken)
And
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
must become
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!3DES
(3des is effectively 112bit cypher)
0
 
badwolfffAuthor Commented:
I solved the problem myself
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.