netbsd-users: Re: apache and mod

Subject: Re: apache and mod_ssl
To: Erik Huizing <huizing@cpsc.ucalgary.ca>
From: Justin Heath <justin@bbnow.net>
List: netbsd-users
Date: 02/08/2001 21:11:17
On Wed, Feb 07, 2001 at 08:22:14PM -0700, Erik Huizing wrote:
> Date: Wed, 7 Feb 2001 20:22:14 -0700 (MST)
> From: Erik Huizing <huizing@cpsc.ucalgary.ca>
> X-Sender: huizing@cse
> To: Justin Heath <justin@bbnow.net>
> Subject: Re: apache and mod_ssl
> In-Reply-To: <20010207185014.A5988@bbnow.net>
> 
> Yes, I made the changes to the numbers, and everything's working fine.
> Thanks for the help. I just need to tweak apache a bit so that it doesn't
> use a really wierd port. Do I need to have a virtual host running for SSL
> to work properly? Ideally, I'd like to have the server to serve out pages
> normally on port 80 and use SSL for https (443, right?). Will uncommenting
> the <IfDefine SSL> </Ifdefine> around the default virtual host do the
> trick?
> 
> Thanks agian.
> 
> The first rule of Fight Club is You Do Not Talk About Fight Club.
> 
> // Erik Huizing   huizing@cpsc.ucalgary.ca
> // www.cpsc.ucalgary.ca/~huizing
> 
> On Wed, 7 Feb 2001, Justin Heath wrote:
> 
> > On Sun, Feb 04, 2001 at 07:46:26PM -0700, Erik Huizing wrote:
> > > Date: Sun, 4 Feb 2001 19:46:26 -0700 (MST)
> > > From: Erik Huizing <huizing@cpsc.ucalgary.ca>
> > > X-Sender: huizing@cse
> > > To: netbsd-users@netbsd.org
> > > Subject: apache and mod_ssl
> > > Precedence: list
> > > Delivered-To: netbsd-users@netbsd.org
> > > 
> > > I'm having trouble getting apache running with the ap-ssl module. 
> > > I suppose first I should ask do I need to reconfigure/recompile apache, or
> > > is adding the ap-ssl package good enough? httpd -l doesn't list mod_ssl 
> > > 
> > > I've got these packages installed on a 1.5 system:
> > > apache-1.3.14.1     The Apache web server (http://www.apache.org/)
> > > ap-ssl-2.7.1        Secure Sockets Layer module for Apache
> > > 
> > > Next, when I issue the command apachectl startssl, I get this error:
> > > 
> > > Syntax error on line 212 of /usr/pkg/etc/httpd/httpd.conf:
> > > Cannot load !libcrypto.so.1 into server:Shared object "libcrypto.so.1" not found 
> > > /usr/pkg/sbin/apachectl startssl: httpd could not be started
> > > 
> > > I've tried copying and linking /usr/lib/libcrypto.so to
> > > various places, including /usr/pkg/lib/httpd/libcrypto.so{,.0,.1,.2}
> > > but to no avail. 
> > > 
> > > my httpd.conf has this in it (no changes from the default installation):
> > > 
> > > <IfDefine SSL>
> > > ### Uncomment the following if you wish to use SSL and you need RSAREF:
> > > ###
> > > #LoadFile !librsaref.so.2
> > > LoadFile !libcrypto.so.1
> > > LoadFile !libssl.so.1
> > > LoadModule ssl_module lib/httpd/mod_ssl.so
> > > AddModule mod_ssl.c
> > > </IfDefine>
> > > 
> > > Thanks in advance. 
> > > 
> > > The first rule of Fight Club is You Do Not Talk About Fight Club.
> > > 
> > > // Erik Huizing   huizing@cpsc.ucalgary.ca
> > > // www.cpsc.ucalgary.ca/~huizing
> > > 
> > Did you generate a certificate? I made and installed apache and ap-ssl fine. After generating a bogus certificate I started it usring apachectl startssl with no errors and https seems to be working fine for me.
> > 
> > --Justin Heath
> > 
>
You should just be able to point netscape to http://your.server.ip.address:443 and it should prompt you to accept your bogus cert and all will be good.

--Justin Heath