how do I enable ssl for apache
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Sun Jan 4 02:51:24 UTC 2004
Am So, den 04.01.2004 schrieb Ron Peters um 03:28:
> > Am So, den 04.01.2004 schrieb Ron Peters um 01:34:
> >> > Am So, den 04.01.2004 schrieb Ron Peters um 00:51:
> >> >
> >> > [ snip ]
> >> >
> snip
>
> > You did install the httpd rpm and mod_ssl? Made you own self-signed
> > certificate/key?
>
> I made my own self signed key. I didn't add anything from the initial
> install of the server though.
>
> >
> > What do you get when you try to access your SSL apache site by using a
> > browser? If you did not something corious HTTPS would work by default
> > without any needed changes. Maybe you should reset your ssl.conf
> > settings back to default, especially the certificate/key entries.
>
> I have had some progress though. I modified the ssl.conf and changed the
> VirtualHost line from _default_ to mydomain.com. This made is so I could
> get to my site via https from a browser (woohoo). However, going to the
> same site via http, gives me the error that says I should try going
> through https at the same site.
Sounds better. Is you main site already the squirrelmail page? I do not
know how to configure squirrelmail but I use horde/imp as webmail and
this is configurable to enforce HTTPS sessions. Maybe your squirrelmail
forces you too?
> A little more info about my server. I have it's own domain and two
> virtual domains. The only reason I really need https is so I can access
> squirrelmail from outside my firewall.
More infos are mostly helpful :)
> Ideally, I would like all 3 of the domains to be accessible as normal via
> http as well as the main domain to be accessible via https.
Ok, so you will need 1 IP for the main server and the 3 namebased HTTP
virtual hosts. Be sure you set the ServerName in the main section of the
httpd.conf. Either include the configuration files for the virtual hosts
or directly add their instructions to the httpd.conf. If you only want a
HTTPS host for the main server you don't need an additional IP. You
maybe only have to set a different DocumentRoot to the squirrelmail
directory.
> I've read a little that virtual domains that are non-ip (name based) won't
> work with ssl. I don't think that is an issue since I just want to access
> the main IP/domain for ssl. It seems that there are some virtualhost
> settings in the ssl.conf that I'm not understanding.
I have a similar configuration running, one main host, a dozen virtual
hosts and a few HTTPS virtual hosts with their own IP serving for
virtual webmail hosting with horde/imp. Running fine.
If you like, send me your httpd.conf and ssl.conf files and I will have
a close look at them.
> >
> > Alexander
> >
>
> Thanks for the continued help.
If it helps :)
Alexander
--
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653
More information about the fedora-list
mailing list