Re: ModSSL - Knoppix 3.3

From: security (security_at_quirk.co.za)
Date: 03/17/04

Next message: davec: "Rewrite Rules, SSL, and .htaccess"

Previous message: Bernard, Cyrille: "RE: ModSSL - Knoppix 3.3"
In reply to: Bernard, Cyrille: "Re: ModSSL - Knoppix 3.3"
Next in thread: Peter H. Lemieux: "Re: ModSSL - Knoppix 3.3"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: focus-linux@securityfocus.com
Date: Wed, 17 Mar 2004 06:27:14 +0200

hello i had same problem, i had to do add :80 to all <VitualHost> and
add :443 to the site that require https ... i am using apache2, hope it
will help you, i had also problem with, i had to generate the certs
first ...
all the best
<IfModule mod_ssl.c>
<VirtualHost *:443>
    DocumentRoot
    ServerName
    ServerAlias
    ServerAdmin
    ErrorLog
    CustomLog

    <IfModule mod_log_config.c>
        TransferLog
    </IfModule>

    SSLEngine on
    SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile conf/ssl.crt/
    SSLCertificateKeyFile conf/ssl.key/

    <Files ~ "\.(cgi|shtml|phtml|php?)$">
        SSLOptions +StdEnvVars
    </Files>

    <IfModule mod_setenvif.c>
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
\
        downgrade-1.0 force-response-1.0
    </IfModule>

    <IfModule mod_log_config.c>
        CustomLog logs/ssl_request_log \
        "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    </IfModule>
</VirtualHost>
</IfModule>

On Tue, 2004-03-16 at 18:21, Bernard, Cyrille wrote:
> Hi again. I forgot to cc answers.
>
> ssl_request doesn't say anything when i request https://apacheserver
> but it says "[16/Mar/2004:16:51:25 +0100] 192.168.1.2 - - "GET /mod_ssl:error:HTTP-request HTTP/1.0" 511
> when i request via http://apacheserver:443
>
> the same way, nothing in error.log when request https://apacheserver
> but
> [Tue Mar 16 16:53:15 2004] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
> [Tue Mar 16 16:53:15 2004] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
> via http://apacheserver:443
>
> cdt,
> CB

www.quirk.co.za
One-2-One

Next message: davec: "Rewrite Rules, SSL, and .htaccess"

Previous message: Bernard, Cyrille: "RE: ModSSL - Knoppix 3.3"
In reply to: Bernard, Cyrille: "Re: ModSSL - Knoppix 3.3"
Next in thread: Peter H. Lemieux: "Re: ModSSL - Knoppix 3.3"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]