[GLLUG] Apache-SSL
Charles Williams
willcha@sme.org
Wed, 17 Apr 2002 11:28:20 -0400
It's talking about SSLEngine line? Where does the line come from? What's
line 1081 say? Maybe spelling? What happens if you delete it? Or turn it
'off'?
- chuck
> -----Original Message-----
> From: Mike Szumlinski [SMTP:szumlin@msu.edu]
> Sent: Tuesday, April 16, 2002 12:25 PM
> To: gllug
> Cc: Dpk
> Subject: Re: [GLLUG] Apache-SSL
>
> This is what I get when I try firing it up...
>
> bash-2.05a$ sudo apachectl startssl
> Syntax error on line 1081 of /usr/local/etc/apache/httpd.conf:
> Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module
> not included in the server configuration
> /usr/local/sbin/apachectl startssl: httpd could not be started
>
> Here is my virtual host setup, and I moved the certificates I generated
> to the directories listed in it. Any ideas anyone?
>
> <VirtualHost *>
> ServerAdmin compstor@msu.edu
> DocumentRoot /usr/local/www/secure
> ServerName cstore-secure.cl.msu.edu
> SSLEngine on
> SSLVerifyClient 0
> SSLVerifyDepth 10
> SSLCertificateKeyFile /usr/local/www/certs/www.key
> SSLCertificateFile /usr/local/www/certs/www.cert
> SSLCACertificatePath /usr/local/www/certs
> </VirtualHost>
>
> -Mike
>
> On Tuesday, April 16, 2002, at 12:16 PM, Dpk wrote:
>
> > On Tue, Apr 16, 2002 at 12:08:29PM -0400, Mike Szumlinski wrote:
> >
> > Has anyone set up a secure VirtualHost using apache13 on FreeBSD? I
> > can't seem to find a good howto out there anywhere. I have it
> > compiled and installed, but I can't figure out how to generate
> > certificates and turn on the SSL VirtualHost (my primary host works
> > fine)
> >
> > The apache-ssl/mod-ssl and openssl websites should provide you with
> > this information. If you have problems, this should get you
> > started... To enerate a self-signed certificate:
> >
> > openssl md5 * > rand.dat
> > openssl req -new -rand rand.dat > www.csr
> > openssl rsa -in privkey.pem -out www.key
> > openssl x509 -in www.csr -out www.cert -req -signkey www.key -days 365
> >
> > I would highly recommend using mod-ssl over apache-ssl... you can
> > search sunmanagers.org for the numerous reasons to do so. Using
> > mod-ssl, the directives you will want to add to the VirtualHost:
> >
> > SSLEngine on
> > SSLVerifyClient 0
> > SSLVerifyDepth 10
> > SSLCertificateKeyFile /usr/local/apache/certs/www.key
> > SSLCertificateFile /usr/local/apache/certs/www.cert
> > SSLCACertificatePath /usr/local/apache/certs
> >
> > Hope this helps.
> >
> > Dpk
> > _______________________________________________
> > linux-user mailing list
> > linux-user@egr.msu.edu
> > http://www.egr.msu.edu/mailman/listinfo/linux-user
>
> _______________________________________________
> linux-user mailing list
> linux-user@egr.msu.edu
> http://www.egr.msu.edu/mailman/listinfo/linux-user