netbsd-users: Re: apache and mod

Subject: Re: apache and mod_ssl
To: Kevin P. Neal <kpneal@pobox.com>
From: Erik Huizing <huizing@cpsc.ucalgary.ca>
List: netbsd-users
Date: 02/09/2001 10:01:40
My httpd.conf file has this junk in it (pretty much at the end), which is
probably the source of my woes. 

<IfDefine SSL>
Listen 8080
Listen 8443
</IfDefine>

...

<IfDefine SSL>

##
# SSL Virtual Host Context
##

<VirtualHost _default_:8443>

#  General setup for the virtual host
DocumentRoot "/usr/pkg/share/httpd/htdocs"
ServerName colwyn.zhadum.de
ServerAdmin tron@colwyn.zhadum.de
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on
...<snip>
</VirtualHost>

</IfDefine>

I port scanned my machine and these came up when I'm running ssl:
8080/tcp   open        http-proxy
8443/tcp   open        unknown

If I just change the 8080 and 8443 to their 'proper' values in the
<IfDefine> above, should eveything be hunky dory?

The first rule of Fight Club is You Do Not Talk About Fight Club.

// Erik Huizing   huizing@cpsc.ucalgary.ca
// www.cpsc.ucalgary.ca/~huizing

On Fri, 9 Feb 2001, Kevin P. Neal wrote:

> On Thu, Feb 08, 2001 at 09:11:17PM +0000, Justin Heath wrote:
> > On Wed, Feb 07, 2001 at 08:22:14PM -0700, Erik Huizing wrote:
> > > Thanks for the help. I just need to tweak apache a bit so that it doesn't
> > > use a really wierd port. Do I need to have a virtual host running for SSL
> > > to work properly? Ideally, I'd like to have the server to serve out pages
> > > normally on port 80 and use SSL for https (443, right?). Will uncommenting
> > > the <IfDefine SSL> </Ifdefine> around the default virtual host do the
> > > trick?
> 
> You mean it doesn't work like that anyway? IE, http://your.server/ goes
> to port 80 and https://your.server/ goes to port 443 (the SSL port)?
> 
> Doesn't it take some work to get Apache to not behave the standard way?
> What do your Listen and Bind (Bind?) directives look like?
> 
> As for virtual hosts, you can use them with SSL but do not have to. The
> <IfDefine SSL> goop simply allows you to use the same config files with
> a non-SSL Apache and an SSL Apache.
> -- 
> Kevin P. Neal                                http://www.pobox.com/~kpn/
>            On the community of supercomputer fans:
> "But what we lack in size we make up for in eccentricity." 
>   from Steve Gombosi, comp.sys.super, 31 Jul 2000 11:22:43 -0600
>