I just recently switched my server from Windows to Linux to provide extra security. I am trying to install Apache with mod_ssl but I am having some difficulties. Here is what I have done so far:
Installed Red Hat 9.0 with Apache httpd
Added LoadModule ssl_module modules/mod_ssl.so
Added Listen 443
Added the following:
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache none
SSLSessionCacheTimeout 300
SSLMutex file:/etc/httpd/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<VirtualHost *:443>
ServerAdmin admin@mydomain.com
DocumentRoot /mnt/Web/
#DocumentRoot /var/ DirectoryIndex index.php
ServerName mydomain.com
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca.crt
SSLCipherSuite ALL:!ADH:!EXPORTS56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
Next, I made the appropriate certificates like this:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl genrsa -des3 -out ca.key 1024
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
./sign.sh server.csr
This produces the certs ca.crt, server.crt (signed by ca.crt) and the server.key file.
Next I copied these to the appropriate locations.
Apache starts just fine like this (no errors or warnings).
When I type in I get an error message in Mozilla: The connection to 127.0.0.1 terminated unexpectedly. Some data may have been transferred.
When I use IE from a different machine, I simply get a "server not found" error.
I thought perhaps it was the firewall, but it is not turned on (for root or the running user).
What am I doing wrong?
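
Added example (not part of the original post): a small Python check that reads SSLCipherSuite lines from an Apache config and reports which weak cipher classes the string leaves enabled, following the operator rules in OpenSSL's ciphers(1) documentation (bare token adds, `!` removes permanently, `-` removes, `+` only reorders). The function names and the commented-out sample directive are constructed for illustration, and the model works at class level only; which suites are really offered also depends on what the installed OpenSSL build contains.

```python
import re

# Weak classes this simplified model tracks (names from OpenSSL ciphers(1)).
TRACKED = {"ADH", "EXP", "LOW", "SSLv2", "eNULL"}
ALIASES = {"NULL": "eNULL", "EXPORT": "EXP"}
# Per ciphers(1), ALL covers every suite except eNULL, which must be named explicitly.
ALL_INCLUDES = TRACKED - {"eNULL"}

def find_cipher_suites(conf_text):
    """Return the value of every uncommented SSLCipherSuite directive."""
    return re.findall(r"^[ \t]*SSLCipherSuite[ \t]+(\S+)", conf_text, re.M | re.I)

def weak_classes_enabled(cipher_string):
    """Class-level walk of an OpenSSL cipher string; returns weak classes left enabled."""
    enabled, killed = set(), set()
    for item in filter(None, re.split(r"[:, ]+", cipher_string.strip())):
        op = item[0] if item[0] in "!-+" else ""
        parts = [ALIASES.get(p, p) for p in item[len(op):].split("+")]
        single = parts[0] if len(parts) == 1 else None
        if op == "!":            # permanent removal; later items cannot re-add
            if single in TRACKED:
                killed.add(single)
                enabled.discard(single)
        elif op == "-":          # removal that a later item may undo
            enabled.discard(single)
        elif op == "+":          # reorders suites already in the list, adds none
            continue
        elif single == "ALL":
            enabled |= ALL_INCLUDES - killed
        else:                    # bare token; A+B is an intersection, still inside A
            enabled |= {p for p in parts if p in TRACKED} - killed
    return sorted(enabled)

# Constructed sample: the cipher line from the post plus a commented-out directive.
SAMPLE_CONF = """\
<VirtualHost *:443>
SSLEngine on
#SSLCipherSuite HIGH
SSLCipherSuite ALL:!ADH:!EXPORTS56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
</VirtualHost>
"""

if __name__ == "__main__":
    for suite in find_cipher_suites(SAMPLE_CONF):
        print(suite, "->", weak_classes_enabled(suite) or "no tracked weak class")
```

For the cipher string in the post, the export, low-strength and SSLv2 classes stay enabled because `ALL` adds them and only `ADH` is removed with `!`; the trailing `+LOW`, `+SSLv2`, `+EXP` and `+eNULL` items change ordering and add nothing.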