SSLCertificateFile

Subject: SSLCertificateFile
bthundereagle@aidea.org
Date: Thu Sep 26 2002 - 23:52:08 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: James Gribbin: "Re: Video editing in linux"
• Previous message: Jon Reynolds: "Video editing in linux"

Okay, I restored a backup of the httpd.conf file. And now I am no longer
getting the previously stated errors. Now I get this:

[error] mod_ssl: Init: Server swjedi.net:80 should be SSL-aware but has no
certificate configured. [Hint: SSLCertificateFile]

I have generated certificates and put them into the file. Am I missing
something?

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

<IfDefine HAVE_SSL>
##
## SSL Virtual Host Context
##

# Apache will only listen on port 80 by default. Defining the virtual server
# (below) won't make it automatically listen on the virtual server's port.
Listen 443

<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/var/www/html"

# SSL Engine Switch:
SSLEngine off

# SSL Cipher Suite:
#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

# Server Certificate:
#SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
#SSLCertificateFile /etc/httpd/conf/ssl.crt/server-dsa.crt
SSLCertificateFile /root/mystuff/ssl/swjedi_net.cert

# Server Private Key:
#SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
#SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server-dsa.key
SSLCertificateFile /root/mystuff/ssl/private/swjedi_net.key

# Server Certificate Chain:
#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt

# Certificate Authority (CA):
#SSLCACertificatePath /etc/httpd/conf/ssl.crt
#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt

# Certificate Revocation Lists (CRL):
#SSLCARevocationPath /etc/httpd/conf/ssl.crl
#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl

# Client Authentication (Type):
#SSLVerifyClient require
#SSLVerifyDepth 10

#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /var/log/httpd/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

     Brian ThunderEagle
     - bthundereagle@aidea.org
     - furbs@swjedi.net
     - http://www.swjedi.net

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: James Gribbin: "Re: Video editing in linux"
• Previous message: Jon Reynolds: "Video editing in linux"

This archive was generated by hypermail 2a23 : Thu Sep 26 2002 - 23:52:55 AKDT