Results 1 to 4 of 4

Thread: apache2 global SSL setup

  1. #1

    Default apache2 global SSL setup

    On OpenSUSE 10.3 I have several virtual host files under
    /etc/apache2/vhosts.d/. These files were created from the template:
    /etc/apache2/vhosts.d/vhost.template (not
    /etc/apache2/vhosts.d/vhost-ssl.template)

    Does anyone know how do I setup SSL globally so all these virtual hosts
    be accessed on port 443 as well?

    I have created the SSL certificates using
    /usr/share/doc/packages/apache2/certificate.sh script

    I have also edited /etc/sysconfig/apache2 and added APACHE_SERVER_FLAGS="SSL"

    I can access the site on http://127.0.0.1 but if I try https://127.0.0.1
    I get error message "127.0.0.1 has sent an incorrect or unexpected message.
    Error Code: -12263" (tried from Firefox 2.0.0.6). In apache2 error log I get
    "Invalid method in request \x16\x03\x01"

    Apache2 is listening on port 80 and 443 on 0.0.0.0.

    I have read Apache Howto SSL - openSUSE
    and when I try a2enmod ssl and a2enflag SSL I get message
    "ssl already present"

    Thanks for any help.

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: apache2 global SSL setup

    You have to edit those <virtualhost> elements so that they are also active for port 443.

    Due to the nature of HTTPS and virtualhosts, you will get a mismatch on the certs on all but one HTTPS host, unless you have a wildcard certificate.

  3. #3

    Default Re: apache2 global SSL setup

    Sorry how do I do that? At the moment, the Apache2 directive is "<VirtualHost *:80>"

    Thanks.

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: apache2 global SSL setup

    <Virtualhost _default_:443>

    as shown in vhost-ssl.template. But as I explained, you don't really have named-based virtualhosts with SSL so they will all go to one host, the default one. You can have IP-based virtualhosts with SSL.

    The reason is that SSL communication is established before the Host: line is sent to the server. So all the requests will end up at the default server.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •