IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New apache2 SSL question
I've done a bit of apt-get-ing and installed apache2, ie:


apt-get install apache2 apache2-common apache2-doc apache2-mpm-prefork apache2-utils libapr0 libexpat1 ssl-cert


I've added: "LISTEN 443" to /etc/apache2/ports.conf.

I've: "a2enmod ssl"

I've restarted.

The web server works, ie: I can get to stuff using regular http.

But when I do https, I get:

The connection to server.com has terminated unexpectedly. Some data may have been transferred.


and then nothing.

The log file shows:
192.168.2.222 - - [27/Nov/2005:17:10:15 -0500] "\\x80g\\x01\\x03" 501 1019 "-" "-"

Huh?


I haven't done anything in any of the conf files. Do I need to?


root@mail5:/etc/apache2# /usr/sbin/apache2 -V
Server version: Apache/2.0.54
Server built: Oct 4 2005 07:50:10
Server's Module Magic Number: 20020903:9
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT=""
-D SUEXEC_BIN="/usr/lib/apache2/suexec2"
-D DEFAULT_PIDLOG="/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf"
New A bit of progress
I need "SSLEngine on" in the apache2.conf file.
I also need to generate a certificate, but I'm not quite sure of the correct command for that.
New A bit more
Generate cert/key pair:
openssl req -new -x509 -keyout cakey.pem -out cacert.pem -days 3650

Decrypt key:
openssl rsa -in cakey.pem -out server.key

Place decrypted key in cert file.

And then watch it fail startup with the strangest message:
[Sun Nov 27 17:57:00 2005] [error] Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)


Grrrrrr.
New Success
Following these steps for key-generation:
[link|http://www.crazysquirrel.com/computing/debian/apache-mod_ssl.jspx|http://www.crazysqui...ache-mod_ssl.jspx] gave me the same intnerl error, but then they gave me the critical bit of info: MUST USE VIRTUAL SERVERS.
     apache2 SSL question - (broomberg) - (3)
         A bit of progress - (broomberg) - (2)
             A bit more - (broomberg) - (1)
                 Success - (broomberg)

I swear, if I had the Holy Hand Grenade that hamster would be a blood pie.
68 ms