apache SSL not working: SSL not defined

fperal · August 14, 2022, 7:06pm

I’, configuring a web server, is workking with a virtualhost on port 80, and I’m configuring the server with SSL on port 443. But the server is not configured. I have found that the problem (one of them at least) is that the server does not listen at 443 because of listen.conf


#Listen 80
#Listen 443

Listen 80

<IfDefine SSL>
        <IfDefine !NOSSL>
        <IfModule mod_ssl.c>

                Listen 443

        </IfModule>
        </IfDefine>
</IfDefine>

from another computer I do

tutatis:~ # telnet 192.168.2.246  443
Trying 192.168.2.246...
telnet: connect to address 192.168.2.246: Connection refused

But if I uncomment line #Listen 443 from listen.conf and restart apache, then the server answer

tutatis:~ # telnet 192.168.2.246  443
Trying 192.168.2.246...
Connected to 192.168.2.246.
Escape character is '^]'.

so the problem is that the line of listen.conf is not working, but i cant see why

I have enabled SSL with


#a2enmod ssl
#a2enflag ssl

and it seems enabled

moodle:/etc/apache2 # apachectl -M
AH00558: httpd-prefork: Could not reliably determine the server's fully qualified domain name, using 192.168.2.246. Set the 'ServerName' directive globally to suppress this message
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_prefork_module (static)
 unixd_module (static)
 systemd_module (static)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_host_module (shared)
 authz_groupfile_module (shared)
 authz_core_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 include_module (shared)
 log_config_module (shared)
 mime_module (shared)
 negotiation_module (shared)
 setenvif_module (shared)
 ssl_module (shared)
 socache_shmcb_module (shared)
 userdir_module (shared)
 reqtimeout_module (shared)
 php7_module (shared)
moodle:/etc/apache2 #

What am I missing?

dcurtisfra · August 15, 2022, 12:11pm

@fperal:

Are you suggesting that, the Apache “How-To” is incorrect?

Apache «How-To»: <https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html>
Apache SSL documentation: <https://httpd.apache.org/docs/2.4/ssl/>

fperal · August 16, 2022, 12:20am

No, I am not suggesting that.

But the syntax in opensuse differs from that in apache howto. I can’t see this “<IfDefine SSL>” of listen.conf of opensuse in the apache howto. And I suppose that enabling ssl should do apache to use the configuration in the <IfDefine SSL> section, but id does not, so I’m missing something.

So maybe the question should be what do I need to enable or configure to make apache use the configuration inside a <IfDefine SSL> section?

arvidjaar · August 16, 2022, 9:56am

You have three nested conditions and all of them must be true for code inside them to be used. Why do you think that it is <IfDefine SSL> that fails?

fperal · August 16, 2022, 10:54am

You’re rigt, I should have explained.
Because this does not start apache listening on 443 either

#Listen 80
#Listen 443

Listen 80

<IfDefine SSL>
                Listen 443
        <IfDefine !NOSSL>
        <IfModule mod_ssl.c>

                Listen 443

        </IfModule>
        </IfDefine>
</IfDefine>

arvidjaar · August 16, 2022, 2:47pm

No, you did not. You enabled “ssl” which is not the same as “SSL”.

<IfDefine SSL>

The code checks for “SSL” flag, not for “ssl” flag.

fperal · August 16, 2022, 4:36pm

Yes, that was the problem. I could have been hours searching for it and not finding it.
I didn’t notice it was case sensitive.

Now that you have pointed it I have seen in section 24.6.2 of opensuse apache ssl guide that they say that SSL for the flag is case sensitive.

thanks