Hallo, also ich hab mir ein zertifikat etc. erstellt aber das https://domain.xy funz einfach net.
Ich habe auch Webmin drauf wo SSL funkt.
Nur die normale page funz nicht (http port 80 https 443) mit ssl (webmin hat port 10000)
Die config müßte eigentlich ja net so falsch sein da ja webmin auch mit ssl funz.
Server Daten>
Suse 9.1
apache2 2.0.49-27.24.3
mod_ssl 2.8.22-0.1
openssl 0.9.7d-15
mit confixx 3.0.8
zertifikate hab ich schon eingefügt und signiert und apache startet auch ohne probleme. Nur warum geht die https seite nicht?
Die Url> http://www.webserver4user.de funz problemlos
HTTPS net> https://www.webserver4user.de
THX
:roll: :roll: :roll:
ssl funz nur halb
Re: ssl funz nur halb
Config vom betreffendem vhost? logs
Gruß Christian
BofH excuses: YOU HAVE AN I/O ERROR -> Incompetent Operator error
BofH excuses: YOU HAVE AN I/O ERROR -> Incompetent Operator error
Re: ssl funz nur halb
Also hier die configs datein>
==#
# /etc/apache2/httpd.conf
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
# the directives.
# Based upon the default apache configuration file that ships with apache,
# which is based upon the NCSA server configuration files originally by Rob
# McCool. This file was knocked together by Peter Poeml <poeml+apache@suse.de>.
# If possible, avoid changes to this file. It does mainly contain Include
# statements and global settings that can/should be overridden in the
# configuration of your virtual hosts.
# Overview of include files, chronologically:
#
# httpd.conf
# |
# |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under
# |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...)
# |-- sysconfig.d/loadmodule.conf . . . . . [*] load these modules
# |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on
# |-- mod_log_config.conf . . . . . . . . . define logging formats
# |-- sysconfig.d/global.conf . . . . . . . [*] server-wide general settings
# |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring)
# |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info
# |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking
# |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings
# |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration
# |-- errors.conf . . . . . . . . . . . . . customize error responses
# |-- ssl-global.conf . . . . . . . . . . . SSL conf that applies to default server _and all_ virtual hosts
# |
# |-- default-server.conf . . . . . . . . . set up the default server that replies to non-virtual-host requests
# | |--mod_userdir.conf . . . . . . . . enable UserDir (if mod_userdir is loaded)
# | `--conf.d/apache2-manual?conf . . . add the docs ('?' = if installed)
# |
# |-- sysconfig.d/include.conf . . . . . . [*] your include files
# | (for each file to be included here, put its name
# | into APACHE_INCLUDE_* in /etc/sysconfig/apache2)
# |
# `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here
# `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included)
#
#
# Files marked [*] are created from sysconfig upon server restart: instead of
# these files, you edit /etc/sysconfig/apache2
# Filesystem layout:
#
# /etc/apache2/
# |-- conf.d/
# | |-- apache2-manual.conf . . . . . . . conf that comes with apache2-doc
# | |-- mod_php4.conf . . . . . . . . . . (example) conf that comes with apache2-mod_php4
# | `-- ... . . . . . . . . . . . . . . . other configuration added by packages
# |-- default-server.conf
# |-- errors.conf
# |-- httpd.conf . . . . . . . . . . . . . top level configuration file
# |-- listen.conf
# |-- magic
# |-- mime.types -> ../mime.types
# |-- mod_autoindex-defaults.conf
# |-- mod_info.conf
# |-- mod_log_config.conf
# |-- mod_mime-defaults.conf
# |-- mod_perl-startup.pl
# |-- mod_status.conf
# |-- mod_userdir.conf
# |-- mod_usertrack.conf
# |-- server-tuning.conf
# |-- ssl-global.conf
# |-- ssl.crl/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Revocation Lists (CRL)
# |-- ssl.crt/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificates
# |-- ssl.csr/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Signing Requests
# |-- ssl.key/ . . . . . . . . . . . . . . PEM-encoded RSA Private Keys
# |-- ssl.prm/ . . . . . . . . . . . . . . public DSA Parameter Files
# |-- sysconfig.d/ . . . . . . . . . . . . files that are created from /etc/sysconfig/apache2
# | |-- global.conf
# | |-- include.conf
# | `-- loadmodule.conf
# |-- uid.conf
# `-- vhosts.d/ . . . . . . . . . . . . . . put your virtual host configuration (*.conf) here
# |-- vhost-ssl.template
# `-- vhost.template
### Global Environment ######################################################
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests.
# run under this user/group id
Include /etc/apache2/uid.conf
# - how many server processes to start (server pool regulation)
# - usage of KeepAlive
Include /etc/apache2/server-tuning.conf
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log
# generated from APACHE_MODULES in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/loadmodule.conf
# IP addresses / ports to listen on
Include /etc/apache2/listen.conf
# predefined logging formats
Include /etc/apache2/mod_log_config.conf
# generated from global settings in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/global.conf
# optional mod_status, mod_info
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
# optional cookie-based user tracking
# read the documentation before using it!!
Include /etc/apache2/mod_usertrack.conf
# configuration of server-generated directory listings
Include /etc/apache2/mod_autoindex-defaults.conf
# associate MIME types with filename extensions
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
Include /etc/apache2/mod_mime-defaults.conf
# set up (customizable) error responses
Include /etc/apache2/errors.conf
# global (server-wide) SSL configuration, that is not specific to
# any virtual host
Include /etc/apache2/ssl-global.conf
# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^.ht">
Order allow,deny
Deny from all
</Files>
# List of resources to look for when the client requests a directory
DirectoryIndex index.html index.html.var
### 'Main' server configuration #############################################
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
Include /etc/apache2/default-server.conf
# Another way to include your own files
#
# The file below is generated from /etc/sysconfig/apache2,
# include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and
# APACHE_CONF_INCLUDE_DIRS
Include /etc/apache2/sysconfig.d/include.conf
### Virtual server configuration ############################################
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs-2.0/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
Include /etc/apache2/vhosts.d/*.conf
# Note: instead of adding your own configuration here, consider
# adding it in your own file (/etc/apache2/httpd.conf.local)
# putting its name into APACHE_CONF_INCLUDE_FILES in
# /etc/sysconfig/apache2 -- this will make system updates
# easier :)
#Listen 80
#Listen 443
#LoadModule ssl_module /usr/lib/apache2-prefix/mod_ssl.so
#SSLMutex sem
#SSLRandomSeed startup builtin
#SSLSessionCache none
#SSLLog los/SSL.log
#SSLLogLevel warn
#<VirtualHost 192.168.0.1:443>
#ServerName localhost
#DocumentRoot /usr/local/ssl
#SSLEngine On
#SSLCertificateFile /etc/httpd/ssl.crt/server.crt
#SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
#</VirtualHost>
#NameVirtualHost 88.133.81.53:443
#<VirtualHost 88.133.81.53:443>
# ServerName webserver4user.de
#User confixx
#Group users
# DocumentRoot /home/www/confixx/html
#DocumentRoot /srv/www/htdocs/confixx/html
# php_admin_value safe_mode_exec_dir /home/www/confixx/bin
# php_admin_value upload_tmp_dir /home/www/confixx/tmp
#ScriptAlias /cgi-bin/ /home/www/confixx/html/cgi-bin/
#Alias /hosting/ /home/www/confixx/html/
#</VirtualHost>
## CONFIXX
Include /etc/apache2/confixx_mhost.conf
# Dieser Eintrag sollte unbedingt am Ende der Datei bleiben
## /CONFIXX
################### CONFIXX APACHE MAIN CONFIG FILE ######################
# created at Tue Apr 12 12:59:53 2005
#
# !!! Do not make any changes in this file !!!
#
# 1. We cannot guarantee that the software will work properly, if
# the contents of this file are modified.
# 2. This file would be rewritten after each Confixx software update and
# in some other cases. Thus all your changes would be lost unless you made
# a backup of the file.
#
# If you need to modify this file, you can insert some custom "Include"
# directives. E.g.
# Include /path/to/your/file
# Includes inserted directly after <VirtualHost> tag would keep their
# location inchanged after the file is updated. Other includes would
# be moved to be inserted before the </VirtualHost> tag.
##########################################################################
php_admin_value open_basedir /srv/www/htdocs
php_admin_value include_path .
<Directory "/srv/www/htdocs/confixx/html">
AllowOverride all
<IfModule mod_access.c>
Allow from all
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
Options +FollowSymlinks
RewriteRule ^reseller/res[0-9]+/(.*)$ reseller/$1 [L]
RewriteRule ^user/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+/(.*)$ user/$1 [L]
RewriteRule ^ftplogin/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+/(.*)$ ftplogin/$1 [L]
RewriteRule ^ftplogin/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+f[0-9]+/(.*)$ ftplogin/$1 [L]
RewriteRule ^poplogin/[a-zA-Z][-a-zA-Z0-9_]{0,4}[0-9]+p[0-9]+/(.*)$ poplogin/$1 [L]
</IfModule>
AddDefaultCharset off
</Directory>
NameVirtualHost 83.133.81.53:80
<VirtualHost 83.133.81.53:80>
ServerName webserver4user.de
#User confixx
#Group confixx
DocumentRoot /srv/www/htdocs/confixx/html
Options FollowSymLinks
php_admin_flag safe_mode Off
php_admin_flag file_uploads On
php_admin_flag track_vars On
php_admin_flag magic_quotes_runtime Off
php_admin_flag magic_quotes_gpc Off
php_admin_value upload_tmp_dir /srv/www/htdocs/confixx/tmp
php_admin_value include_path ".:/srv/www/htdocs/confixx/html/include:/srv/www/htdocs/confixx/html"
php_admin_value default_charset none
php_admin_value open_basedir /srv/www/htdocs/confixx
php_admin_value session.cookie_path /
php_admin_value session.auto_start 0
php_admin_value session.gc_maxlifetime 1800
php_admin_value session.use_cookies 1
php_admin_value session.cookie_lifetime 0
php_admin_value session.cookie_secure Off
php_admin_value session.use_trans_sid 0
ScriptAlias /cgi-bin/ /srv/www/htdocs/confixx/html/cgi-bin/
<IfModule mod_dir.c>
DirectoryIndex index.html index.htm index.shtml index.cgi index.php
</IfModule>
CustomLog /var/log/apache2/webserver4user.de_access.log "%h %l %u %t "%r" %s %b "%{Referer}i" "%{User-agent}i""
ErrorLog /var/log/apache2/webserver4user.de_error.log
</VirtualHost>
NameVirtualHost 83.133.81.53:443
<VirtualHost 83.133.81.53:443>
ServerName webserver4user.de
#User confixx
#Group confixx
DocumentRoot /srv/www/htdocs/confixx/html
Options FollowSymLinks
php_admin_flag safe_mode Off
php_admin_flag file_uploads On
php_admin_flag track_vars On
php_admin_flag magic_quotes_runtime Off
php_admin_flag magic_quotes_gpc Off
php_admin_value upload_tmp_dir /srv/www/htdocs/confixx/tmp
php_admin_value include_path ".:/srv/www/htdocs/confixx/html/include:/srv/www/htdocs/confixx/html"
php_admin_value default_charset none
php_admin_value open_basedir /srv/www/htdocs/confixx
php_admin_value session.cookie_path /
php_admin_value session.auto_start 0
php_admin_value session.gc_maxlifetime 1800
php_admin_value session.use_cookies 1
php_admin_value session.cookie_lifetime 0
php_admin_value session.cookie_secure Off
php_admin_value session.use_trans_sid 0
ScriptAlias /cgi-bin/ /srv/www/htdocs/confixx/html/cgi-bin/
<IfModule mod_dir.c>
DirectoryIndex index.html index.htm index.shtml index.cgi index.php
</IfModule>
<IfModule mod_ssl.c>
SSLEngine on
SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
<Files ~ ".(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/srv/www/htdocs/confixx/html/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</IfModule>
CustomLog /var/log/apache2/webserver4user.de_access.ssl.log "%h %l %u %t "%r" %s %b "%{Referer}i" "%{User-agent}i""
ErrorLog /var/log/apache2/webserver4user.de_error.ssl.log
#SSLCertificateFile /etc/apache2/ssl.csr/webserver4user.de.scr
SSLCertificateFile /home/ssl/server.cert.cert
SSLCertificateKeyFile /home/ssl/server.cert.key
SSLVerifyClient require
##SSLCertificateFile /home/ssl/cert.csr
##SSLCertificateKeyFile /home/ssl/privkey.pem
</VirtualHost>
Include /etc/apache2/confixx_vhost.conf
# ^- Dieser Eintrag sollte unbedingt am Ende der Datei bleiben
## /CONFIXX
Re: ssl funz nur halb
Port 443 freigeschaltet?
Listen Direktive für den Port?
was sagt "netstat -antp"
Listen Direktive für den Port?
was sagt "netstat -antp"
Re: ssl funz nur halb
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program namegeo wrote:
was sagt "netstat -antp"
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 5507/xinetd
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 5507/xinetd
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5574/mysqld
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 5507/xinetd
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 5507/xinetd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 5286/portmap
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 14693/perl
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 12174/master
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 5507/xinetd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 12174/master
tcp 0 0 :::80 :::* LISTEN 1966/httpd2-prefork
tcp 0 0 :::465 :::* LISTEN 12174/master
tcp 0 0 :::22 :::* LISTEN 5521/sshd
tcp 0 0 :::25 :::* LISTEN 12174/master
tcp 0 1272 83.133.81.53:22 84.150.22.222:35761 ESTABLISHED 2537/0
Re: ssl funz nur halb
Da lauscht keiner auf Port 443.
Schonmal "Listen 443" eingebaut?
Schonmal "Listen 443" eingebaut?
Re: ssl funz nur halb
stimmt, danke!
Re: ssl funz nur halb
ich habe folgendes problem:
listen 443 steht, allerdings funktioniert https://www.domain.tld nicht, sondern nur http://www.domain.tld:443
über google finde ich überall nur, dass https automatisch auf port 443 geleitet wird, aber nirgends finde ich eine anleitung, wie https verstanden wird. was muss ich aktivieren? :?:
listen 443 steht, allerdings funktioniert https://www.domain.tld nicht, sondern nur http://www.domain.tld:443
über google finde ich überall nur, dass https automatisch auf port 443 geleitet wird, aber nirgends finde ich eine anleitung, wie https verstanden wird. was muss ich aktivieren? :?: