SSL session on Apache
Rick Stevens
rstevens at vitalstream.com
Wed Feb 25 20:38:59 UTC 2004
John Strunk wrote (reformatted for bottom-posting):
> John
>
> Rick Stevens wrote:
>
>> John Strunk wrote (reformatted for bottom posting):
>>
>>> Rick Stevens wrote:
>>>
>>>> John Strunk wrote:
>>>>
>>>>> I recently saw a thread on this list about installing SSL access on
>>>>> Apache. Not sure of all the details but I find myself with a
>>>>> problem upgrading a server from rel 8 to rel 9. The rel 8 system
>>>>> has apache running with both non ssl access and ssl access, no
>>>>> problems. When I built a test host with rel 9 and apache using the
>>>>> same httpd.conf and ssl.conf files I am unable to start httpd. I
>>>>> get the following error:
>>>>> Starting httpd: (98)Address already in use: make_sock: could not
>>>>> bind to address 90.0.0.15:443 no listening sockets available,
>>>>> shuting down
>>>>>
>>>>> Was this covered? If so where can I find the fix? If not has
>>>>> anyone got any ideas on how to remidy the situation?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Uh, it would appear that you have another apache running on port 443.
>>>> Do a "ps -ax" and see if there's other httpd processes running. If so,
>>>> odds are that the rh9 install installed the default apache2 server and
>>>> your startup scripts are starting it. I can't recall if it does an
>>>> SSL daemon or not.
>>>>
>>>> You can kill those apache2 processes by doing
>>>>
>>>> /etc/rc.d/init.d/httpd stop
>>>>
>>>> Then use "redhat-config-services" to disable Red Hat's apache server.
>>>> You need to add your own startup script or modify Red Hat's to run your
>>>> server.
>>>
>>>
>>
>>> Rick,
>>> There are no httpd (apache) processes running. I even used the
>>> /sbin/service httpd stop command and got the response that httpd was
>>> not running. Then the /sbin/service httpd start command still fails.
>>>
>>> Do you know of a way to check to see what process is supposed to be
>>> listening to port 443?
>>
>>
>>
>> Sure. Use "netstat -lpn". You'll see what's listening on where. Look
>> for something like "0.0.0.0:443" in the "Local Address". Under the
>> "PID/Program name" column, you'll see the process ID and (possibly) the
>> name of the binary that's listening.
> Rick,
> Thanks.
> Using the netstat -lpn command I found that the port was captured by
> keriomailserver. I remember selecting this too install when I build the
> system but did not realize that the deamon was started. After stopping
> kerio, http was happy to start. I was planning to learn about kerio
> mail. Since we use sendmail for mail transport this is no great loss.
Ah. Keriomail has a webmail component and they may take over 443 for
SSL-authenticated webmail sessions.
> Thanks again.
No problem, John. In the future, by the way, try to bottom-post (make
your comments AFTER what you're commenting on). It makes following the
thread of the messages easier since the additions are in chronological
order.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Always remember you're unique, just like everyone else. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list