[users@httpd] SSL Problem Still not Solved in Apache2-RHEL4

Mon, 15 May 2006 09:50:24 -0700

I'm still stuck with httpd not starting while mod_ssl included in Apache2.0 in RHEL4. 

httpd will start without mod_ssl.
However, connection is then refused at both of the Virtual Hosts I'm using together: 
Default=mysqld-php portal;
Other=Derby-tomcat-jsp ebxmlrr registry;
so I returned to turned mod_ssl back on.

error_log:
[date-time] [notice] core dump file size limit raised to 4294967295 bytes
[date-time] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[date-time] [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
Note: 'SSLEngine on' is specified in both the httpd.conf and the ssl.conf files. I found one question in my research where this duplication was a problem in conjunction with duplicated ssl variables/settings. Unfortunately the version of apache and OS were not specified, but removing 'SSLEngine on' from httpd.conf caused no change in the condition, so I returned to initial conditions again. 

Vitals:

ssl.conf:
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd.conf/sslkey/server.key


permissions:
[EMAIL PROTECTED] ssl.crt]# ls -al
total 40
drwx------  2 root root 4096 May 13 08:06 .
drwxr-xr-x  7 root root 4096 May 13 08:23 ..
-rw-r--r--  1 root root 1773 May  8 17:22 cacert.pem
-rw-r--r--  1 root root 1522 Feb 28  2005 Makefile.crt
-rw-------  1 root root 1497 May  8 21:27 server.crt
[EMAIL PROTECTED] ssl.crt]# cd ..
[root@@XXX conf]# cd ssl.key
[EMAIL PROTECTED] ssl.key]# ls -al
total 48
drwx------  2 root root 4096 Feb 28  2005 .
drwxr-xr-x  7 root root 4096 May 13 08:23 ..
-rw-r--r--  1 root root 1751 May  8 17:18 privkey.pem
-rw-------  1 root root  963 May  8 21:23 server.key
As you can see, the server.crt and server.key files are not publicly readable, but I do not have specific lines in ssl.conf for cacert.pem or privkey.pem. The documentaton for apache-ssl specfically mentions pem-encoding as does the Apache Model mod_ssl documentation. Could this be a problem? 

The SSLCACertificatePath is commented in ssl.conf. Could this be a problem?
I haven't changed or questioned all of the variables, including DocumentRoot and ServerName which are also commented.
I have to find a solution to this. It's one of those things that just isn't optional for me. Sorry to be a pain. 

Rex
--
Rex Brooks
President, CEO
Starbourne Communications Design
GeoAddress: 1361-A Addison
Berkeley, CA 94702
Tel: 510-849-2309

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to