Re: [users@httpd] VirtualHost

Tue, 06 Jun 2006 13:53:57 -0700

sounds like a firewall issue, is port 443 accessible through your firewall? 


On 6-Jun-06, at 1:29 PM, Marcos R. Cardoso wrote:


Ok, guys, I've found out the problem and solved it. I was really  
calling twice the ssl.conf from inside the httpd.conf (how couldn't  
I notice that?), so I'm imposing myself a severe punishment for  
that (I'm gonna eat liver for a whole week, eeewwww). Sorry about  
this unnecessary brainburning.



But a new problem has come out: I can establish a secure https  
connection from inside the LAN to the Web Server, but the same  
can't be done outside (the very Internet). You can check it trying  
to access the url https://www.bc.furb.br and you also may notice  
that the ordinary http://www.bc.furb.br works well.


What may I be missing in the conf file?

Here goes the basic configuration in the SSL part:
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog builtin

SSLSessionCache         dbm:logs/ssl_scache
SSLSessionCacheTimeout  300

SSLMutex  default

<VirtualHost *:443>
ServerName www.bc.furb.br
ServerAdmin [EMAIL PROTECTED]
ErrorLog logs/error_ssl.log
TransferLog logs/access_ssl.log

SSLEngine on


SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2: 
+EXP:+eNULL


SSLCertificateFile conf/www.bc.furb.br.crt
SSLCertificateKeyFile conf/www.bc.furb.br.key

<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
   SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/apache/cgi">
   SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request.log \
         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>


--
Marcos R. Cardoso
Seção de Processamento Técnico e Automação
Sistema Integrado de Bibliotecas
FURB - Blumenau
(047) 3321-0660


---------------------------------------------------------------------

The official User-To-User support forum of the Apache HTTP Server  
Project.

See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to