vhost-ssl

Hi,

SLES15:
How to get SSL with apache running?

There is a vhost.conf and a vhost-ssl.conf. Cert and key (For test as
selfsigned cert) is at the configured place. But after a restart the
local port at 443 is not open. (via http(Port 80) web-content is accessable)

journal shows no error; apache2/error_log shows :“AH01873: Init: Session
Cache is not configured [hint: SSLSessionCache]”
But this is only a warning …

Bernd

Hi Bernd,

in case you don’t use YaST to configure httpd (and if you don’t - I’d recommend not to open the YaST httpd module it if you haven’t saved your config files :-/ ), have a look at /etc/sysconfig/apache2 - in APACHE_MODULES, you need to have “ssl” and in APACHE_SERVER_FLAGS you need “SSL” added. See the comments regarding SSL, right before APACHE_MODULES.

If you have httpd running, you can check via “ps” if “-DSSL” is active - if it’s not, you’re missing part of the configuration.

Regards,
J

Am 13.11.18 um 13:04 schrieb jmozdzen:[color=blue]

Hi Bernd,

in case you don’t use YaST to configure httpd (and if you don’t - I’d
recommend not to open the YaST httpd module it if you haven’t saved your
config files :-/ ), have a look at /etc/sysconfig/apache2 - in
APACHE_MODULES, you need to have “ssl” and in APACHE_SERVER_FLAGS you
need “SSL” added. See the comments regarding SSL, right before
APACHE_MODULES.[/color]
$§%& … sysconfig … there were the ant in the bed …
I have struggled there years ago …

Thx!

Bernd

… and new question.

I can access my index.html via http. But when test via https I get an 403 ?

Path are checked, there are noch typos …

Bernd

Hi Bernd,

[QUOTE=nntp-user;55216]… and new question.

I can access my index.html via http. But when test via https I get an 403 ?

Path are checked, there are noch typos …

Bernd[/QUOTE]

and a question in return: What’s in the logs (/var/log/apache2/*, if you haven’t setup different locations)?

Regards,
J

Am 13.11.18 um 14:54 schrieb jmozdzen:[color=blue]

Hi Bernd,[/color]
(…)[color=blue][color=green]

I can access my index.html via http. But when test via https I get an
403 ?

Path are checked, there are noch typos …[/color][/color]
(…)
[color=blue]
and a question in return: What’s in the logs (/var/log/apache2/*, if you
haven’t setup different locations)?[/color]
The -error_log say:

[authz_core:error] (…) AH01630: client denied by server configuration:
(here is the correct Path included)

… but I see an warning in the main error_log:
[ssl:warn] (…) AH01916: Init: You configured HTTP(80) on the standard
HTTPS(443) port!

But in the vhost.conf is only one entry with a port:

and in the vhost-ssl.conf:

Bernd

Am 12.11.18 um 16:32 schrieb nntp-user:[color=blue]

SLES15:
 How to get SSL with apache running?

There is a vhost.conf and a vhost-ssl.conf. Cert and key (For test as
selfsigned cert) is at the configured place. But after a restart the
local port at 443 is not open. (via http(Port 80) web-content is
accessable)

journal shows no error; apache2/error_log shows :“AH01873: Init: Session
Cache is not configured [hint: SSLSessionCache]”
But this is only a warning …
[/color]

There is no problem in certificate config.

The problem was the (new in apache 2.4) access restrictions. I copied
the section from vhost.conf into vhost-ssl.conf and bingo.

I had assumed that the vhost-ssl.conf is an ‘add-on’ to the
vhost-ssl.conf but this is not.

Bernd