I have the need for a secure server, so I compiled in openssl and have done
everything (I think) according to the manual.

I can't get my server to respond on https - (It responds to ALL http
requests)

Here is the outline:

I can start apache with ssl; it asks for the passphrase and starts up.
I can see it running (httpd -DSSL) using ps
I can see it listening using netstat -a (https)
I created a self-signed certificate
I configured httpd.conf according to all the manuals I could find.
I am running SSL on a NON-NAME-based virtual host

I CAN ONLY connect to the https address FROM THE SERVER using Lynx - (it is
the only thing that generates entries in the ssl_engine_log)

I can't figure out why I can't connect.

Is it possible that TCP wrappers has any effect??

I am running Linux RedHat 7.2.  I've disabled most tcpd services and I have
set immutable attributes to all binary files and have removed SUID from all
but a couple of files.  Could any of this be causing the problem ???


Confused in Alaska......





Here is the output of the ssl_engine_log right after doing apachectl
startssl:

[15/Jan/2002 21:27:10 30027] [info]  Server: Apache/1.3.22, Interface: mod_ssl/2.8.5, Library: OpenSSL/0.9.6b
[15/Jan/2002 21:27:10 30027] [info]  Init: 1st startup round (still not detached)
[15/Jan/2002 21:27:10 30027] [info]  Init: Initializing OpenSSL library
[15/Jan/2002 21:27:10 30027] [info]  Init: Loading certificate & private key of SSL-aware server www.alaskastyle.com:443
[15/Jan/2002 21:27:10 30027] [info]  Init: Requesting pass phrase via builtin terminal dialog
[15/Jan/2002 21:27:13 30027] [trace] Init: (www.alaskastyle.com:443) encrypted RSA private key - pass phrase requested
[15/Jan/2002 21:27:13 30027] [info]  Init: Wiped out the queried pass phrases from memory
[15/Jan/2002 21:27:13 30027] [info]  Init: Seeding PRNG with 136 bytes of entropy
[15/Jan/2002 21:27:13 30027] [info]  Init: Generating temporary RSA private keys (512/1024 bits)
[15/Jan/2002 21:27:15 30027] [info]  Init: Configuring temporary DH parameters (512/1024 bits)
[15/Jan/2002 21:27:15 30028] [info]  Init: 2nd startup round (already detached)
[15/Jan/2002 21:27:15 30028] [info]  Init: Reinitializing OpenSSL library
[15/Jan/2002 21:27:15 30028] [trace] Inter-Process Session Cache (DBM) Expiry: old: 0, new: 0, removed: 0
[15/Jan/2002 21:27:15 30028] [info]  Init: Seeding PRNG with 136 bytes of entropy
[15/Jan/2002 21:27:15 30028] [info]  Init: Configuring temporary RSA private keys (512/1024 bits)
[15/Jan/2002 21:27:15 30028] [info]  Init: Configuring temporary DH parameters (512/1024 bits)
[15/Jan/2002 21:27:15 30028] [info]  Init: Initializing (virtual) servers for SSL
[15/Jan/2002 21:27:15 30028] [info]  Init: Configuring server www.alaskastyle.com:443 for SSL protocol
[15/Jan/2002 21:27:15 30028] [trace] Init: (www.alaskastyle.com:443) Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1)
[15/Jan/2002 21:27:15 30028] [trace] Init: (www.alaskastyle.com:443) Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[15/Jan/2002 21:27:15 30028] [trace] Init: (www.alaskastyle.com:443) Configuring RSA server certificate
[15/Jan/2002 21:27:15 30028] [trace] Init: (www.alaskastyle.com:443) Configuring RSA server private key




