Thanks for the response. Also this is a development server. the how-to document placed the .crt and .key files in the following directories.
cp mars-server.crt /etc/httpd/conf/ssl.crt cp mars-server.key /etc/httpd/conf/ssl.key cp my-ca.crt /etc/httpd/conf/ssl.crt These directories do not exist on this pc. Is there a default location under Apache2 where .crt and .key files need to be placed? There are backups of all of the conf files -----Original Message----- From: Jorey Bump <[EMAIL PROTECTED]> Sent: Aug 10, 2005 3:28 PM To: openssl-users@openssl.org Subject: Re: apachectl startssl started, but viewing https in browser does not [EMAIL PROTECTED] wrote: > Is it possible to clarify some of the confusion with the configuration? >>From what you wrote I don't really see what the issue is - > Any clarification would be appreciated. > The certificates were placed in a directory called CA. > How is this a problem? > Thank you. What you're doing is the equivalent of filling your car with gasoline. I mean, literally, opening the window of your automobile and dispensing petrol into the backseat. The problem is that if you don't understand what is meant by "fill it up" it's hard to determine where to begin with your instruction, other than from the very beginning. When you do this as a gas station attendant, it's very frightening, indeed. >> DocumentRoot "/opt/apache/CA" Your web pages go in DocumentRoot. This is very, very basic. >>SSLCertificateFile /opt/apache/CA/192.33.175.160.crt >>SSLCertificateKeyFile /opt/apache/CA/192.33.175.160.key >>SSLCertificateChainFile /opt/apache/CA/my-ca.crt >>SSLCACertificateFile /opt/apache/CA/my-ca.crt This could be an appropriate configuration. >> <Directory "/opt/apache/CA"> >> SSLOptions +StdEnvVars >> </Directory> Makes no sense whatsoever. >>DocumentRoot "/opt/apache/htdocs" - This is a second DocumentRoot - the This is just where your default web pages are. An SSL virtual host can have its own DocumentRoot or share another. >>httpd.conf includes the ssl.conf - could this be causing the problem? It's not unusual to include other conf files into httpd.conf to keep it manageable. >>changed htdocs to CA - still with problem Please. Make it stop! You're grasping at straws, here. You must read the documentation. >>Do the .crt and .key files need be in CA? They need to be handled securely. They need to be where apache can find them. They certainly don't belong in your DocumentRoot (not the key, anyway). >>The certificates were created by following the steps in this document. >>http://www.vanemery.com/Linux/Apache/apache-SSL.html This document is not the cause of your problem. I do things my own way, but a quick glance at the page raises no flags. Your problem is that you have no grasp of basic apache administration concepts. This isn't an SSL issue, anymore. You could put your server at risk by making more of these misguided errors. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
