On Sat, 22 Dec 2001, Mike Brandonisio wrote: > Hi, > > I wanted to post an answer to a problem I had with Apache and SSL. It took > some time to figure this one out but here it is: > > PROBLEM: > When I installed Apache and setup a virtual server for my test web site the > standard HTTP requests worked fine and port 80 requests work fine. However > when I would enable SSL on the Test Web Site It would act like the HTTP:80 > and HTTPS:443 were switched. > > When I'd hit the server with http://192.168.0.60 I get an error saying that > the I am trying to talk to the server in an ssl enabled port try https. I > thought that http was port-80. So I try https and is gives me an error could > not connect to host. I try https://192.168.0.60:80 it makes an ssl > connection. Now here is the odd part I try http://192.168.0.60:443 and it > makes non-secure connection. To summarize it looked like the server is > talking ssl on port80 and plain talk on port443. > > RESOLUTION: (newbie brain fart) > It turns out that you can only have 1 virtual server respond to 1 port. > Previously I had SSL enabled on a single virtual server that was set to > respond to port 80. To have a web site respond to HTTP:80 and HTTPS:443 you > need two virtual servers both responding to the same IP and both using the > same path for their root. Then set virtual server 1 to respond to HTTP:80 > and virtual server 2 to respond to HTTPS:443. Enable SSL on virtual server 2 > as well.
It's unlikely one would want to set the same path for ssl and plain-tcp apache virtual servers. SSL is used to transport sensitive information and giving that out over tcp would be security problem at site design level. > I guess I was confused by my past experience with IIS servers. There you > have one server that you enable SSL on. > > I hope this helps some else on the list as it helped me. I should say this stuff is apache-specific and apache is not the only one project that could be compiled with openssl. Please consider another mailing list (I guess mod_ssl -users). best wishes, Vadim ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
