Apache 2.0 https setup

httpd.conf file setup for ssl

         

jscjso

4:17 am on Jul 16, 2008 (gmt 0)

10+ Year Member



I have Apache 2.0.63 running on my win32. I have generated and obtained a CA certificate and stored it in the mydomain.crt file in the Apache2/bin directory; that is the same place I generated and stored mydomain.key using openssl.exe.

I have

<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>

in my httpd.conf file.

In my ssl.conf file, I replaced the existing
SSLCertificateKeyFile conf/ssl.key/server.key with
SSLCertificateKeyFile c:/Apache Group/Apache2/bin/mydomain.key

and replaced the existing
SSLCertificateFile conf/ssl.crt/server.crt with
SSLCertificateFile c:/Apache Group/Apache2/bin/mydomain.crt

I then restarted Apache.

I then tried [mydomain.com...] in my browser; it says it cannot find my website.

Have I done something wrong in setting up https/ssl for my Apache? How do I test whether my https/ssl setup is working? I see "IfModule mod_ssl.c" in the ssl.conf directive. It seems like mod_ssl.so is needed. Do I need to take the # sign away in the line
#LoadModule ssl_module modules/mod_ssl.so
in my httpd.conf file?

Key_Master

4:35 am on Jul 16, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Do you have port 443 open? You may need a firewall exception.

Do I need to take the # sign away in the line
#LoadModule ssl_module modules/mod_ssl.so

Yes. You also need to add a virtual host in your httpd.conf file for port 443. Something like:

NameVirtualHost *:443

<VirtualHost _default_:443>
SSLEngine On
# Paths that contain spaces must be quoted, or Apache reads them as two arguments
SSLCertificateFile "c:/Apache Group/Apache2/bin/mydomain.crt"
SSLCertificateKeyFile "c:/Apache Group/Apache2/bin/mydomain.key"
DocumentRoot "path to document root"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Satisfy all
</Directory>
</VirtualHost>

[edited by: Key_Master at 4:45 am (utc) on July 16, 2008]

Key_Master

4:58 am on Jul 16, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I almost forgot, but you also need to listen for port 443. Add:

Listen 443

in your httpd.conf file (after the Listen 80 directive).

jscjso

3:14 am on Jul 17, 2008 (gmt 0)

10+ Year Member



My version of Apache 2.0.63 has the ssl.conf and httpd.conf files separated; both of them are in the conf directory.

It looks like my ssl.conf is not called up by httpd.conf. I used canyouseeme.org to test the port. When I have 'Listen 443' in the httpd.conf file, the port check is OK. But when I removed 'Listen 443' from httpd.conf and kept the 'Listen 443' in the ssl.conf file, the port check by canyouseeme.org failed.

The following lines came with the installation of Apache 2.0.63; they are in the ssl.conf file, between the ***** markers:
*****
Listen 443
<VirtualHost _default_:443>

DocumentRoot "C:/Apache Group/Apache2/htdocs"
ServerName localhost:443
ServerAdmin myemailaddress@gmail.com
ErrorLog logs/error_log
TransferLog logs/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile c:/Apache Group/Apache2/bin/mydomain.crt
#####SSLCertificateFile conf/ssl.crt/server.crt>>>came with installation

SSLCertificateKeyFile c:/Apache Group/Apache2/bin/mydomain.key
#####SSLCertificateKeyFile conf/ssl.key/server.key>>>came with installation
+StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:/Apache Group/Apache2/cgi">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>
*****

I added NameVirtualHost *:443 before 'Listen 443' in the above lines, since it did not come with the installation.

The following is not within <VirtualHost...> in ssl.conf, but by itself in httpd.conf file.
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Satisfy all
</Directory>

So I keep the 'Listen 443' in httpd.conf to pass the canyouseeme.org check. I added https:// to one of the href lines in my HTML. Every time I click this href in the browser, it cannot find its way. I am not sure this is the way to test https; can you tell me a better way to test whether https is working or not? Once I know this test, I can use trial and error with more combinations.

Thanks!
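
Added example, not part of any post in this thread: a small Python check of the conditions discussed above (mod_ssl still commented out, ssl.conf included only inside `<IfModule mod_ssl.c>`, no active Listen 443, certificate paths with unquoted spaces), plus the SSLv2, export and low-strength classes that the SSLCipherSuite line names without excluding them. The function names, finding codes and sample text are constructed for illustration and assume the two files are passed in as strings.

```python
import re

# Constructed sample modelled on the thread: mod_ssl still commented out,
# ssl.conf included only inside <IfModule mod_ssl.c>, one path left unquoted.
SAMPLE_HTTPD = """Listen 80
#LoadModule ssl_module modules/mod_ssl.so
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
"""
SAMPLE_SSL = """Listen 443
<VirtualHost _default_:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile c:/Apache Group/Apache2/bin/mydomain.crt
SSLCertificateKeyFile "c:/Apache Group/Apache2/bin/mydomain.key"
</VirtualHost>
"""
GUARDED = re.compile(r"<IfModule\s+mod_ssl\.c>.*?Include\s+\S*ssl\.conf.*?</IfModule>", re.S | re.I)
WEAK = ("SSLv2", "EXP", "LOW")  # classes that should carry a '!' exclusion

def directives(text):
    """Yield (name, args) for each active line, skipping comments and section tags."""
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith(("#", "<")):
            name, _, args = line.partition(" ")
            yield name.lower(), args.strip()

def lint(httpd, ssl):
    """Return finding codes for an httpd.conf / ssl.conf pair (hypothetical codes)."""
    findings, main = [], list(directives(httpd))
    loaded = any(n == "loadmodule" and a.split()[:1] == ["ssl_module"] for n, a in main)
    skipped = not loaded and bool(GUARDED.search(httpd))
    if not loaded:
        findings.append("mod_ssl-not-loaded")
    if skipped:  # the IfModule test is false, so the Include inside it never runs
        findings.append("ssl.conf-skipped")
    active = main + ([] if skipped else list(directives(ssl)))
    if not any(n == "listen" and a.split()[:1] and a.split()[0].rsplit(":", 1)[-1] == "443" for n, a in active):
        findings.append("no-listen-443")
    for n, a in directives(ssl):
        if n in ("sslcertificatefile", "sslcertificatekeyfile") and " " in a and not a.startswith('"'):
            findings.append("unquoted-path:" + n)
        if n == "sslciphersuite":  # weak classes named without a '!' exclusion
            findings += ["weak-cipher-class:" + t.lstrip("+") for t in a.split(":") if t.lstrip("+") in WEAK]
    return findings

if __name__ == "__main__":
    for code in lint(SAMPLE_HTTPD, SAMPLE_SSL):
        print(code)
```

With 'Listen 443' moved into httpd.conf but the LoadModule line still commented, the check still reports `ssl.conf-skipped`: the port is open, yet no virtual host with SSLEngine on is serving it.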