[GLLUG] Apache-SSL

Charles Williams willcha@sme.org
Wed, 17 Apr 2002 11:28:20 -0400 

It's talking about SSLEngine line? Where does the line come from? What's
line 1081 say? Maybe spelling? What happens if you delete it? Or turn it
'off'?
- chuck

> -----Original Message-----
> From:	Mike Szumlinski [SMTP:szumlin@msu.edu]
> Sent:	Tuesday, April 16, 2002 12:25 PM
> To:	gllug
> Cc:	Dpk
> Subject:	Re: [GLLUG] Apache-SSL
> 
> This is what I get when I try firing it up...
> 
> bash-2.05a$ sudo apachectl startssl
> Syntax error on line 1081 of /usr/local/etc/apache/httpd.conf:
> Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module 
> not included in the server configuration
> /usr/local/sbin/apachectl startssl: httpd could not be started
> 
> Here is my virtual host setup, and I moved the certificates I generated 
> to the directories listed in it. Any ideas anyone?
> 
> <VirtualHost *>
> 	ServerAdmin compstor@msu.edu
> 	DocumentRoot /usr/local/www/secure
> 	ServerName cstore-secure.cl.msu.edu		
> 	SSLEngine on
> 	SSLVerifyClient 0
> 	SSLVerifyDepth 10
> 	SSLCertificateKeyFile /usr/local/www/certs/www.key
> 	SSLCertificateFile /usr/local/www/certs/www.cert
> 	SSLCACertificatePath /usr/local/www/certs
> </VirtualHost>
> 
> -Mike
> 
> On Tuesday, April 16, 2002, at 12:16  PM, Dpk wrote:
> 
> > On Tue, Apr 16, 2002 at 12:08:29PM -0400, Mike Szumlinski wrote:
> >
> >    Has anyone set up a secure VirtualHost using apache13 on FreeBSD? I
> >    can't seem to find a good howto out there anywhere. I have it
> >    compiled and installed, but I can't figure out how to generate
> >    certificates and turn on the SSL VirtualHost (my primary host works
> >    fine)
> >
> > The apache-ssl/mod-ssl and openssl websites should provide you with
> > this information.  If you have problems, this should get you
> > started...  To enerate a self-signed certificate:
> >
> > openssl  md5 * > rand.dat
> > openssl req -new -rand rand.dat > www.csr
> > openssl rsa -in privkey.pem -out www.key
> > openssl x509 -in www.csr -out www.cert -req -signkey www.key -days 365
> >
> > I would highly recommend using mod-ssl over apache-ssl... you can
> > search sunmanagers.org for the numerous reasons to do so.  Using
> > mod-ssl, the directives you will want to add to the VirtualHost:
> >
> > SSLEngine on
> > SSLVerifyClient 0
> > SSLVerifyDepth 10
> > SSLCertificateKeyFile /usr/local/apache/certs/www.key
> > SSLCertificateFile /usr/local/apache/certs/www.cert
> > SSLCACertificatePath /usr/local/apache/certs
> >
> > Hope this helps.
> >
> > Dpk
> > _______________________________________________
> > linux-user mailing list
> > linux-user@egr.msu.edu
> > http://www.egr.msu.edu/mailman/listinfo/linux-user
> 
> _______________________________________________
> linux-user mailing list
> linux-user@egr.msu.edu
> http://www.egr.msu.edu/mailman/listinfo/linux-user