Can't get apache 2.0.28 to work with SSL (was apache 2.0.28 + SSL)

Can't get apache 2.0.28 to work with SSL (was apache 2.0.28 + SSL)

Post by ow » Wed, 21 Nov 2001 00:44:41



Cannot get apache 2.0.28 to work with SSL

That what I did:
1) Installed apache 2.0.28
2) started apache using ".../apache2/bin/apachectl startssl
3) could not generate test ceritificate as per doc "make certificate"
4) generated a test certificate using "make_dummy_cert" script that comes
with OpenSSL
5) changed <apachehome>/conf/ssl.conf file accordingly, I think
6) Apache does not appear to be listening on port 443.
Telnet localhost 443 results in "Connection refused".
7) There are no error messages in the error_log.

With reference to the above:
1) Has anyone been able to get SSL working with Apache 2.0.28?
2) If yes, would you post your instructions on how you did it?

Thanks in advance.

 
 
 

Can't get apache 2.0.28 to work with SSL (was apache 2.0.28 + SSL)

Post by Enemius Sleep » Mon, 03 Dec 2001 02:57:09


Here is what I did:

Configuring Apache2 w/ mod_ssl (So much easier that apache 1!!)

./configure --prefix=/usr/local/apache2 \
--enable-so \
--enable-ssl=shared

make; sudo make install

I went to this URL for the 'dummy cert'
http://www.spack.org/index.cgi/OpensslHelp
the actual apache docs with that bogus 'make certificate' thing
just made me angry, so I thouhgt that I would do it by hand. Not a
problem...

I installed the crt in /usr/local/apache2/conf/ssl.crt and the key in
/usr/local/apach2/conf/ssl.key...

Then to check that apache was running on ssl port 443 as well as 80, I did this:

telnet localhost 80
get /index.html http/1.0\n\n

Worked!

then

openssl s_client -connect localhost:443 -state -debug

CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0814D6E0 [0814D728] (124 bytes => 124 (0x7C))
0000 - 80 7a 01 03 01 00 51 00-00 00 20 00 00 16 00 00   .z....Q... .....
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 05 00 00 04   .........f......
0020 - 03 00 80 01 00 80 08 00-80 00 00 65 00 00 64 00   ...........e..d.
0030 - 00 63 00 00 62 00 00 61-00 00 60 00 00 15 00 00   .c..b..a..`.....


0060 - 10 cd 5d a1 14 fd 4b 0b-1f 6a 9d 12 cf ba 71 b9   ..]...K..j....q.
0070 - 7c 78 ee f4 dc cf fe 4d-fa da f2 79               |x.....M...y
SSL_connect:SSLv2/v3 write client hello A
read from 0814D6E0 [08152C88] (7 bytes => 7 (0x7))
0000 - 0a 3c 21 44 4f 43 54                              .<!DOCT

WooHoo!!! Seems to work ust fine for me!
-james


> Cannot get apache 2.0.28 to work with SSL

> That what I did:
> 1) Installed apache 2.0.28
> 2) started apache using ".../apache2/bin/apachectl startssl
> 3) could not generate test ceritificate as per doc "make certificate"
> 4) generated a test certificate using "make_dummy_cert" script that comes
> with OpenSSL
> 5) changed <apachehome>/conf/ssl.conf file accordingly, I think
> 6) Apache does not appear to be listening on port 443.
> Telnet localhost 443 results in "Connection refused".
> 7) There are no error messages in the error_log.

> With reference to the above:
> 1) Has anyone been able to get SSL working with Apache 2.0.28?
> 2) If yes, would you post your instructions on how you did it?

> Thanks in advance.


 
 
 

Can't get apache 2.0.28 to work with SSL (was apache 2.0.28 + SSL)

Post by ow » Mon, 03 Dec 2001 16:36:43


Thanks, I now got it working.


Quote:> Here is what I did:

[ ...]