SSL session on Apache

Rick Stevens rstevens at vitalstream.com
Wed Feb 25 20:38:59 UTC 2004 

John Strunk wrote (reformatted for bottom-posting):


> John
> 
> Rick Stevens wrote:
> 
>> John Strunk wrote (reformatted for bottom posting):
>>
>>> Rick Stevens wrote:
>>>
>>>> John Strunk wrote:
>>>>
>>>>> I recently saw a thread on this list about installing SSL access on 
>>>>> Apache.  Not sure of all the details but I find myself with a 
>>>>> problem upgrading a server from rel 8 to rel 9.  The rel 8 system 
>>>>> has apache running with both non ssl access and ssl access, no 
>>>>> problems.  When I built a test host with rel 9 and apache using the 
>>>>> same httpd.conf and ssl.conf files I am unable to start httpd. I 
>>>>> get the following error:
>>>>>    Starting httpd: (98)Address already in use: make_sock: could not 
>>>>> bind to address 90.0.0.15:443 no listening sockets available, 
>>>>> shuting down
>>>>>
>>>>> Was this covered? If so where can I find the fix?  If not has 
>>>>> anyone got any ideas on how to remidy the situation?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Uh, it would appear that you have another apache running on port 443.
>>>> Do a "ps -ax" and see if there's other httpd processes running.  If so,
>>>> odds are that the rh9 install installed the default apache2 server and
>>>> your startup scripts are starting it.  I can't recall if it does an
>>>> SSL daemon or not.
>>>>
>>>> You can kill those apache2 processes by doing
>>>>
>>>>     /etc/rc.d/init.d/httpd stop
>>>>
>>>> Then use "redhat-config-services" to disable Red Hat's apache server.
>>>> You need to add your own startup script or modify Red Hat's to run your
>>>> server.
>>>
>>>
>>
>>> Rick,
>>> There are no httpd (apache) processes running.  I even used the  
>>> /sbin/service httpd stop command and got the response that httpd was 
>>> not running.  Then the /sbin/service httpd start command still fails.
>>>
>>> Do you know of a way to check to see what process is supposed to be 
>>> listening to port 443?
>>
>>
>>
>> Sure.  Use "netstat -lpn".  You'll see what's listening on where.  Look
>> for something like "0.0.0.0:443" in the "Local Address".  Under the
>> "PID/Program name" column, you'll see the process ID and (possibly) the
>> name of the binary that's listening.
> Rick,
> Thanks.
> Using the netstat -lpn command I found that the port was captured by 
> keriomailserver.  I remember selecting this too install when I build the 
> system but did not realize that the deamon was started. After stopping 
> kerio, http was happy to start.  I was planning to learn about kerio 
> mail.  Since we use sendmail for mail transport this is no great loss.

Ah.  Keriomail has a webmail component and they may take over 443 for
SSL-authenticated webmail sessions.

> Thanks again.

No problem, John. In the future, by the way, try to bottom-post (make
your comments AFTER what you're commenting on).  It makes following the
thread of the messages easier since the additions are in chronological
order.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-      Always remember you're unique, just like everyone else.       -
----------------------------------------------------------------------

More information about the Redhat-install-list mailing list