Re: Apache+SSL / Lagged or incorrect DNS


Subject: Re: Apache+SSL / Lagged or incorrect DNS
From: Arthur Corliss (arthur@corlissfamily.org)
Date: Fri Sep 27 2002 - 06:40:10 AKDT


On Thu, 26 Sep 2002 bthundereagle@aidea.org wrote:

>
> I have 2 problems I am desperatly trying to solve. First, my computer is not
> resolving any external addreses, and when it does it goes very very slow. This
> I may be able ot figure out...but then there is the Apache SSL problem. I added
> a line to the httpd.conf file to require SSL, then it wouldn't work because I
> needed a certificate. So I disabled SSL requirment. Now, whenever I try to
> start Apache I get this error:
>
> Failed to start apache :
> Starting httpd: Syntax error on line 530 of /etc/httpd/conf/httpd.conf:
> Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module not
> included in the server configuration
> [FAILED]
>
> I checked the file and it looks correct...it's as if something is corrupt. The
> mod_ssl module is loaded for apache. I know it works because I was able ot
> connect using https once with the default certificates.

On the first problem: if your box is behind a box doing NAT, check to make
sure you're allowing both UDP & TCP for named ports.

On the second problem: if Apache doesn't recognise the directive, odds are
you're not loading the mod_ssl module like you think you are. Comment out the
Load/AddModule for the unused modules (why waste the memory?) and encapsulate
any module-specific directives in conditional blocks like:

<IfModule mod_ssl.c>
  SSLPassPhraseDialog builtin
  SSLSessionCache dbm:/home/apache/logs/ssl_scache
  SSLSessionCacheTimeout 300
  SSLMutex file:/home/apache/logs/ssl_mutex
  SSLRandomSeed startup builtin
  SSLRandomSeed connect builtin
  SSLLog /home/apache/logs/ssl_engine_log
  SSLLogLevel info
</IfModule>

        --Arthur Corliss
          Bolverk's Lair -- http://arthur.corlissfamily.org/
          Digital Mages -- http://www.digitalmages.com/
          "Live Free or Die, the Only Way to Live" -- NH State Motto

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.



This archive was generated by hypermail 2a23 : Fri Sep 27 2002 - 07:21:34 AKDT