apache SSL not working: SSL not defined

I’, configuring a web server, is workking with a virtualhost on port 80, and I’m configuring the server with SSL on port 443. But the server is not configured. I have found that the problem (one of them at least) is that the server does not listen at 443 because of listen.conf


#Listen 80
#Listen 443

Listen 80

<IfDefine SSL>
        <IfDefine !NOSSL>
        <IfModule mod_ssl.c>

                Listen 443

        </IfModule>
        </IfDefine>
</IfDefine>


from another computer I do

tutatis:~ # telnet 192.168.2.246  443
Trying 192.168.2.246...
telnet: connect to address 192.168.2.246: Connection refused

But if I uncomment line #Listen 443 from listen.conf and restart apache, then the server answer

tutatis:~ # telnet 192.168.2.246  443
Trying 192.168.2.246...
Connected to 192.168.2.246.
Escape character is '^]'.

so the problem is that the line of listen.conf is not working, but i cant see why

I have enabled SSL with


#a2enmod ssl
#a2enflag ssl

and it seems enabled

moodle:/etc/apache2 # apachectl -M
AH00558: httpd-prefork: Could not reliably determine the server's fully qualified domain name, using 192.168.2.246. Set the 'ServerName' directive globally to suppress this message
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_prefork_module (static)
 unixd_module (static)
 systemd_module (static)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_host_module (shared)
 authz_groupfile_module (shared)
 authz_core_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 include_module (shared)
 log_config_module (shared)
 mime_module (shared)
 negotiation_module (shared)
 setenvif_module (shared)
 ssl_module (shared)
 socache_shmcb_module (shared)
 userdir_module (shared)
 reqtimeout_module (shared)
 php7_module (shared)
moodle:/etc/apache2 # 

What am I missing?

@fperal:

Are you suggesting that, the Apache “How-To” is incorrect?

No, I am not suggesting that.

But the syntax in opensuse differs from that in apache howto. I can’t see this “<IfDefine SSL>” of listen.conf of opensuse in the apache howto. And I suppose that enabling ssl should do apache to use the configuration in the <IfDefine SSL> section, but id does not, so I’m missing something.

So maybe the question should be what do I need to enable or configure to make apache use the configuration inside a <IfDefine SSL> section?

You have three nested conditions and all of them must be true for code inside them to be used. Why do you think that it is <IfDefine SSL> that fails?

You’re rigt, I should have explained.
Because this does not start apache listening on 443 either

#Listen 80
#Listen 443

Listen 80

<IfDefine SSL>
                Listen 443
        <IfDefine !NOSSL>
        <IfModule mod_ssl.c>

                Listen 443

        </IfModule>
        </IfDefine>
</IfDefine>

No, you did not. You enabled “ssl” which is not the same as “SSL”.

<IfDefine SSL>

The code checks for “SSL” flag, not for “ssl” flag.

Yes, that was the problem. I could have been hours searching for it and not finding it.
I didn’t notice it was case sensitive.

Now that you have pointed it I have seen in section 24.6.2 of opensuse apache ssl guide that they say that SSL for the flag is case sensitive.

thanks

I’ve just got the apache web service running on my new server with a ssl certificate.
To begin with, the SSL flag was not set and no secure connection could be built up.
I resolved this issue by commenting out the tags in /etc/apache2/vhosts.d/vhost-ssl.conf.
Also after rebooting the server, the https connection was still working.
I am not aware from where the SSL flag is set and if someone has an explanation to this behavior, I would be happy for any information!

Oh! I forgot to mention, I did set APACHE_SERVER_FLAGS=“SSH” in /etc/sysconfig/apache2.
But this did not resolve the issue.
The issue wasn’t resolved until I commented out the tag in /etc/apache2/vhosts.d/vhost-ssl.conf.