Apache - SSL

Karl-Heinz Schulz karlheinz at khschulz.com
Sun Jan 7 22:44:07 UTC 2007 

I'm trying to accomplish two thing:

-	Enable SSL
-	Re-route automatically from http to https when necessary.
The main problem is that my server doesn't recognize the SSL request.
What am I missing?

The output of my error.log shows nothing
--------------------------------------------------------------------
charlie at mail:/etc/apache2/sites-available$ sudo more
/var/log/apache2/error.log
[Sun Jan 07 17:18:36 2007] [notice] suEXEC mechanism enabled (wrapper:
/usr/lib/apache2/suexec2)
[Sun Jan 07 17:18:39 2007] [notice] Apache/2.0.55 (Ubuntu) PHP/5.1.6
mod_ssl/2.0.55 OpenSSL/0.9.8b configured -- resuming normal ope
rations
[Sun Jan 07 17:35:35 2007] [notice] caught SIGTERM, shutting down
[Sun Jan 07 17:35:36 2007] [notice] suEXEC mechanism enabled (wrapper:
/usr/lib/apache2/suexec2)
[Sun Jan 07 17:35:38 2007] [notice] Apache/2.0.55 (Ubuntu) PHP/5.1.6
mod_ssl/2.0.55 OpenSSL/0.9.8b configured -- resuming normal ope
Rations
--------------------------------------------------------------------

The ports are enabled
--------------------------------------------------------------------
Listen 80
Listen 443
--------------------------------------------------------------------

I created the certificate following the instructions at
http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html

And I specified the server in the default file
--------------------------------------------------------------------

NameVirtualHost 207.59.215.24:80
NameVirtualHost *:443


<VirtualHost wienernaschmarkt:80>
	ServerAdmin webmaster at localhost

	DocumentRoot /var/www/
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
		# Uncomment this directive is you want to see apache2's
		# default start page (in /apache2-default) when you go to /
		#RedirectMatch ^/$ /apache2-default/
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog /var/log/apache2/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog /var/log/apache2/access.log combined
	ServerSignature On

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>



Alias /squirrelmail /usr/share/squirrelmail

<Directory /usr/share/squirrelmail>
  php_flag register_globals off
  Options Indexes FollowSymLinks
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>

  # access to configtest is limited by default to prevent information leak
  <Files configtest.php>
    order deny,allow
    deny from all
    allow from 127.0.0.1
  </Files>
</Directory>


<VirtualHost webmail.khschulz-lab.com:80>
DocumentRoot /usr/share/squirrelmail
ServerName webmail.khschulz-lab.com
</VirtualHost>


<VirtualHost webmail.khschulz-lab.com:443>
DocumentRoot /usr/share/squirrelmail
ServerName webmail.khschulz-lab.com

</VirtualHost>

# redirect to https when available (thanks omen at descolada.dartmouth.edu)
#
#  Note: There are multiple ways to do this, and which one is suitable for
#  your site's configuration depends. Consult the apache documentation if
#  you're unsure, as this example might not work everywhere.
#
<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location /squirrelmail>
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
    </Location>
  </IfModule>
</IfModule>

<Location ~ /webmail>
RewriteEngine   on
RewriteCond     %{HTTPS} !=on
RewriteRule     .* https://%{SERVER_NAME}/webmail/ [R,L]
</Location>
--------------------------------------------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070107/c6776ed7/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3660 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070107/c6776ed7/attachment.bin>

More information about the ubuntu-users mailing list