SSL geht nicht

[squad-aka-l]

hi Jungs,

also ich hab ein Problem. Ich hab frisch SuSE 9.1 installiert mit den notwendigsten Paketen.

Dann über Yast apache2 mit prefork modul.

Dann hab ich mit openssl ein zertifikat erstellt und wenn ich nun den apache starte rcapache startssl und ich die webseiten aufrufe funzt der apache2 ganz normal nur https nicht. Also SSL. WIe bekomm ich SSL am laufen ? Der Port ist auch nicht gesperrt denn ich hab keine Firewall.

Was nun ?

thx
suqad-aka-l

[chris76]

Ohne weitere Infos ist nicht zu helfen.

[squad-aka-l]

naja was soll ich sonst noch posten ? die configs sind normal so wie sie nach ner installation sind. errors and warnings hab ich keine gefunden in den logs.

[Joe User]

/etc/sysconfig/apache2

[squad-aka-l]

@Joe User
was meinst du damit ?

hier ich hab nochmal geguckt und alle sneugemacht jetzt kommen folgende Fehler im error_log:

Code: Select all

[Sun Jul 18 20:26:05 2004] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun Jul 18 20:26:05 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2)
[Sun Jul 18 20:26:05 2004] [notice] Apache/2.0.49 (Linux/SuSE) configured -- resuming normal operations
[Sun Jul 18 20:31:47 2004] [notice] caught SIGTERM, shutting down
[Sun Jul 18 20:31:48 2004] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun Jul 18 20:31:48 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2)
[Sun Jul 18 20:31:49 2004] [notice] Apache/2.0.49 (Linux/SuSE) configured -- resuming normal operations
[Sun Jul 18 20:31:55 2004] [notice] caught SIGTERM, shutting down
[Sun Jul 18 20:32:00 2004] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun Jul 18 20:32:00 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2)
[Sun Jul 18 20:32:01 2004] [notice] Apache/2.0.49 (Linux/SuSE) configured -- resuming normal operations
[Sun Jul 18 20:33:44 2004] [notice] caught SIGTERM, shutting down

was bedeutet das ?

[chris76]

JoeUser meinte das du uns die Config zeigen sollst.

Wie oft soll man dich noch darum bitten?

[squad-aka-l]

ok tschuldigung, also die apache2 datei sieht so aus:

Code: Select all

## Path:	Network/WWW/Apache2
## Description:	Configuration for Apache 2

## Type:	string
## Default:	""
## ServiceRestart: apache2
#
# Which config file do you want to use?
# (if not set, /etc/apache2/httpd.conf is used.)
#
APACHE_HTTPD_CONF=""

## Type:	list(prefork,worker,leader,metuxmpm)
## Default:	""
## Command:	/usr/sbin/apache2-reconfigure-mpm
#
# MPM (multi-processing module) to use.
#
# Needed to determine with which MPM apache will run, as well as
# against which header files modules will be built. 
#
# If not set, the system will simply pick one of the installed MPMs.
#
APACHE_MPM=""

## Type:	string
## Default:	""
## ServiceReload: apache2
#
# email address of the server administrator (ServerAdmin directive)
# This address is added to the server's responses if APACHE_SERVERSIGNATURE 
# is set to "email". 
#
# If empty ("") it defaults to webmaster@$FQHOSTNAME, where FQHOSTNAME is
# taken from /etc/HOSTNAME. 
#
# Note that ServerAdmin directives inside VirtualHost statements are not
# changed, even not the one in the stock SSL virtual host block. 
#
APACHE_SERVERADMIN=""

## Type:	string
## Default:	""
## ServiceReload: apache2
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If this is not set to valid DNS name for your host, server-generated
# redirections will not work.  See also the UseCanonicalName directive.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address anyway, and this will make 
# redirections work in a sensible way.
#
APACHE_SERVERNAME=""

## Type:	string
## Default:	""
## ServiceRestart: apache2
#
# Here you can name files, separated by spaces, that should be Include'd from 
# httpd.conf. 
#
# This allows you to add e.g. VirtualHost statements without touching 
# /etc/httpd/httpd.conf itself, which makes upgrading easier. 
#
APACHE_CONF_INCLUDE_FILES=""

## Type:	string
## Default:	""
## ServiceRestart: apache2
#
# Here you can name directories, separated by spaces, that should be Include'd 
# from httpd.conf. 
#
# All files contained in these directories will be recursively included by apache.
# If a pattern like *.conf is appended, apache will use it.
#
# Examples: "/etc/apache2/my_conf/"
#           "/etc/apache2/virtual_hosts/*.conf"
#           "local/*.conf /srv/www/virtual/"
#
APACHE_CONF_INCLUDE_DIRS=""

## Type:	string
## Default:	"access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php4"
## ServiceRestart: apache2
#
# [It might look silly to not simply edit httpd.conf for the LoadModule statements.
# However, since the LoadModule statements might need an absolute path to the modules,
# switching between MPMs can be quite a hassle. It's easier to just give the names here.]
#
# * list of all modules shipped with the base distribution: 
#
#    access actions alias asis auth auth_anon auth_dbm auth_digest auth_ldap
#    autoindex cache case_filter case_filter_in cern_meta cgi charset_lite
#    dav dav_fs deflate dir disk_cache echo env expires ext_filter file_cache
#    headers imap include info ldap log_config logio mem_cache mime mime_magic
#    negotiation proxy proxy_connect proxy_ftp proxy_http rewrite setenvif
#    speling ssl status suexec unique_id userdir usertrack vhost_alias 
#
#   see http://httpd.apache.org/docs-2.0/mod/ !
#
# * It pays to use IfDefine statements... like
#    <IfModule mod_xyz.c>
#        ....
#    </IfModule>
#
# * In the APACHE_MODULES variable, you can use mod_xyz or just xyz syntax.
#   You may also name an absolute path if you like.
#
# * NOTE ON MOD_SSL: before you can enable this module, you need a server certificate. 
#   A test certificate can be created by entering 
#   'cd /usr/share/doc/packages/apache2; ./certificate.sh' as root.
#   Also, you need to set the ServerName inside the <VirtualHost _default_:443> 
#   block to the fully qualified domain name (see /etc/HOSTNAME).
#
# * if your server certificate is protected by a passphrase you should increase the
#   APACHE_START_TIMEOUT (see above)
#
# * modules listed here will be ignored if they are not installed
#
#
# EXAMPLES:
#
# fairly minimal
# APACHE_MODULES="access alias auth dir log_config mime setenvif"
#
# apache's default installation
# APACHE_MODULES="access actions alias asis auth autoindex cgi dir imap include log_config mime negotiation setenvif status userdir"
# your settings
APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php4"

## Type:	string
## Default:	""
## ServiceRestart: apache2
#
# Additional server flags:
#
# Put here any server flags ("Defines") that you want to hand over to 
# httpd at start time, or other command line flags.
#
# Background: Any directives within an <IfDefine flag>...</IfDefine>
#             section are only processed if the flag is defined.
#
# This could be -D SSL, for example. Or -DSTATUS.
# (it does not matter whether you "-D flag1 -D flag2" or simply "flag1 flag2")
#
# Specifying such flags here is equivalent to giving them on the commandline.
# (e.g. rcapache2 start -DReverseProxy)
#
APACHE_SERVER_FLAGS=""

## Type:	integer
## Default:	2
#
# timeout during server startup (seconds)
# after this time, the start script decides wether the httpd process started without error.
#
# Increase it, if you use mod_ssl and your certificate is passphrase protected!
#
APACHE_START_TIMEOUT="2"

## Type:	list(on,off,email)
## Default:	"on"
## ServiceReload: apache2
#
# Configures the footer on server-generated documents 
# This correlates to the ServerSignature directive. 
#
APACHE_SERVERSIGNATURE="on"

## Type:	list(debug,info,notice,warn,error,crit,alert,emerg)
## Default:	"warn"
## ServiceReload: apache2
#
# LogLevel: Control the number of messages logged to the error_log.
#
APACHE_LOGLEVEL="warn"

## Type:	string
## Default:	"/var/log/apache2/access_log combined"
## ServiceRestart: apache2
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here.  Contrarywise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
# Simply set it to empty, if you configure it yourself somewhere else.
# 
# Examples:
#
# If you would like to have agent and referer logfiles:
#
# setting it to "/var/log/apache2/referer_log referer, /var/log/apache2/agent_log agent"
#   corresponds to 
# CustomLog /var/log/apache2/referer_log referer
# CustomLog /var/log/apache2/agent_log   agent
#
# If you prefer a single logfile with access, agent, and referer information
# (Combined Logfile Format):
#
# setting it to "/var/log/apache2/access_log combined"
#   corresponds to 
# CustomLog /var/log/apache2/access_log combined
#
APACHE_ACCESS_LOG="/var/log/apache2/access_log combined"

## Type:	list(On,Off,DNS)
## Default:	"Off"
## ServiceReload: apache2
#
# UseCanonicalName: Determines how Apache constructs self-referencing 
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client.  When set "On", Apache will use the value of the
# ServerName directive.
#
APACHE_USE_CANONICAL_NAME="off"

## Type:	list(Major,Minor,Minimal,ProductOnly,OS,Full)
## Default:	"OS"
## ServiceReload: apache2
#
# How much information the server response header field contains about the server.
# (installed modules, versions, etc.)
# see http://httpd.apache.org/docs-2.0/mod/core.html#servertokens
#
APACHE_SERVERTOKENS="OS"

## Type:	list(on,off)
## Default:	"off"
## ServiceReload: apache2
#
# If mod_status is used, include extended information about the server, like 
# CPU usage, in the status report. It is a server-wide setting, and it can cost
# some performance!
#
APACHE_EXTENDED_STATUS="off"

## Type:	list(on,off)
## Default:	"off"
## ServiceRestart: apache2
#
# Enable buffered logging
#
APACHE_BUFFERED_LOGS="off"

## Type:	integer
## Default:	300
## ServiceReload: apache2
#
# Timeout: The number of seconds before receives and sends time out.
# It is a server wide setting.
#
APACHE_TIMEOUT="300"

ist da ein Fehler drin ?

[squad-aka-l]

ok schonmal im voraus die anderen beiden configs:
ssl-global.conf:

Code: Select all

##
##  SSL Global Context
##
##  All SSL configuration in this context applies both to
##  the main server and all SSL-enabled virtual hosts.
##

# These are the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
#
#   For the moment, see <URL:http://www.modssl.org/docs/> for this info.
#   The documents are still being prepared from material donated by the
#   modssl project.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.

# This global SSL configuration is ignored if 
# "SSL" is not defined, or if "NOSSL" is defined.
<IfDefine SSL>
<IfDefine !NOSSL>
<IfModule mod_ssl.c>

	#
	#   Some MIME-types for downloading Certificates and CRLs
	#
	AddType application/x-x509-ca-cert .crt
	AddType application/x-pkcs7-crl    .crl

	#   Pass Phrase Dialog:
	#   Configure the pass phrase gathering process.
	#   The filtering dialog program (`builtin' is a internal
	#   terminal dialog) has to provide the pass phrase on stdout.
	SSLPassPhraseDialog  builtin

	#   Inter-Process Session Cache:
	#   Configure the SSL Session Cache: First the mechanism 
	#   to use and second the expiring timeout (in seconds).
	#   shm means the same as shmht. 
	#   Note that on most platforms shared memory segments are not allowed to be on 
	#   network-mounted drives, so in that case you need to use the dbm method.
	#SSLSessionCache        none
	#SSLSessionCache         dbm:/var/lib/apache2/ssl_scache
	#SSLSessionCache        shmht:/var/lib/apache2/ssl_scache(512000)
	SSLSessionCache         shmcb:/var/lib/apache2/ssl_scache
	SSLSessionCacheTimeout  600

	#   Semaphore:
	#   Configure the path to the mutual exclusion semaphore the
	#   SSL engine uses internally for inter-process synchronization. 
	#SSLMutex  file:/var/lib/apache2/ssl_mutex
	SSLMutex  sem

	#   Pseudo Random Number Generator (PRNG):
	#   Configure one or more sources to seed the PRNG of the 
	#   SSL library. The seed data should be of good random quality.
	#   WARNING! On some platforms /dev/random blocks if not enough entropy
	#   is available. This means you then cannot use the /dev/random device
	#   because it would lead to very long connection times (as long as
	#   it requires to make more entropy available). But usually those
	#   platforms additionally provide a /dev/urandom device which doesn't
	#   block. So, if available, use this one instead. Read the mod_ssl User
	#   Manual for more details.
	SSLRandomSeed startup builtin
	SSLRandomSeed connect builtin
	#SSLRandomSeed startup file:/dev/random  512
	#SSLRandomSeed connect file:/dev/random  512
	#SSLRandomSeed startup file:/dev/urandom 512
	#SSLRandomSeed connect file:/dev/urandom 512

</IfModule>
</IfDefine>
</IfDefine>

httpd.conf:

Code: Select all

#
# /etc/apache2/httpd.conf 
#
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
# the directives.

# Based upon the default apache configuration file that ships with apache,
# which is based upon the NCSA server configuration files originally by Rob
# McCool. This file was knocked together by Peter Poeml <poeml+apache@suse.de>.

# If possible, avoid changes to this file. It does mainly contain Include
# statements and global settings that can/should be overridden in the
# configuration of your virtual hosts.


# Overview of include files, chronologically:
#
# httpd.conf
#  | 
#  |-- uid.conf  . . . . . . . . . . . . . .  UserID/GroupID to run under
#  |-- server-tuning.conf  . . . . . . . . .  sizing of the server (how many processes to start, ...)
#  |-- sysconfig.d/loadmodule.conf . . . . .  [*] load these modules
#  |-- listen.conf . . . . . . . . . . . . .  IP adresses / ports to listen on
#  |-- mod_log_config.conf . . . . . . . . .  define logging formats
#  |-- sysconfig.d/global.conf . . . . . . .  [*] server-wide general settings
#  |-- mod_status.conf . . . . . . . . . . .  restrict access to mod_status (server monitoring)
#  |-- mod_info.conf . . . . . . . . . . . .  restrict access to mod_info
#  |-- mod_usertrack.conf  . . . . . . . . .  defaults for cookie-based user tracking
#  |-- mod_autoindex-defaults.conf . . . . .  defaults for displaying of server-generated directory listings
#  |-- mod_mime-defaults.conf  . . . . . . .  defaults for mod_mime configuration
#  |-- errors.conf . . . . . . . . . . . . .  customize error responses
#  |-- ssl-global.conf . . . . . . . . . . .  SSL conf that applies to default server _and all_ virtual hosts
#  |
#  |-- default-server.conf . . . . . . . . .  set up the default server that replies to non-virtual-host requests
#  |    |--mod_userdir.conf  . . . . . . . .  enable UserDir (if mod_userdir is loaded)
#  |    `--conf.d/apache2-manual?conf  . . .  add the docs ('?' = if installed)
#  |
#  |-- sysconfig.d/include.conf  . . . . . .  [*] your include files 
#  |                                             (for each file to be included here, put its name 
#  |                                              into APACHE_INCLUDE_* in /etc/sysconfig/apache2)
#  |
#  `-- vhosts.d/ . . . . . . . . . . . . . .  for each virtual host, place one file here
#       `-- *.conf . . . . . . . . . . . . .     (*.conf is automatically included)
#
#
# Files marked [*] are created from sysconfig upon server restart: instead of
# these files, you edit /etc/sysconfig/apache2



#  Filesystem layout:
#
# /etc/apache2/
#  |-- conf.d/
#  |   |-- apache2-manual.conf . . . . . . .  conf that comes with apache2-doc
#  |   |-- mod_php4.conf . . . . . . . . . .  (example) conf that comes with apache2-mod_php4
#  |   `-- ... . . . . . . . . . . . . . . .  other configuration added by packages
#  |-- default-server.conf
#  |-- errors.conf
#  |-- httpd.conf  . . . . . . . . . . . . .  top level configuration file
#  |-- listen.conf
#  |-- magic
#  |-- mime.types -> ../mime.types
#  |-- mod_autoindex-defaults.conf
#  |-- mod_info.conf
#  |-- mod_log_config.conf
#  |-- mod_mime-defaults.conf
#  |-- mod_perl-startup.pl
#  |-- mod_status.conf
#  |-- mod_userdir.conf
#  |-- mod_usertrack.conf
#  |-- server-tuning.conf
#  |-- ssl-global.conf
#  |-- ssl.crl/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificate Revocation Lists (CRL)
#  |-- ssl.crt/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificates
#  |-- ssl.csr/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificate Signing Requests
#  |-- ssl.key/  . . . . . . . . . . . . . .  PEM-encoded RSA Private Keys
#  |-- ssl.prm/  . . . . . . . . . . . . . .  public DSA Parameter Files
#  |-- sysconfig.d/  . . . . . . . . . . . .  files that are created from /etc/sysconfig/apache2
#  |   |-- global.conf
#  |   |-- include.conf
#  |   `-- loadmodule.conf
#  |-- uid.conf
#  `-- vhosts.d/ . . . . . . . . . . . . . .  put your virtual host configuration (*.conf) here
#      |-- vhost-ssl.template
#      `-- vhost.template



### Global Environment ######################################################
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests.

# run under this user/group id
Include /etc/apache2/uid.conf

# - how many server processes to start (server pool regulation)
# - usage of KeepAlive
Include /etc/apache2/server-tuning.conf

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log

# generated from APACHE_MODULES in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/loadmodule.conf

# IP addresses / ports to listen on
Include /etc/apache2/listen.conf

# predefined logging formats
Include /etc/apache2/mod_log_config.conf

# generated from global settings in /etc/sysconfig/apache2
Include /etc/apache2/sysconfig.d/global.conf

# optional mod_status, mod_info
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf

# optional cookie-based user tracking
# read the documentation before using it!!
Include /etc/apache2/mod_usertrack.conf

# configuration of server-generated directory listings
Include /etc/apache2/mod_autoindex-defaults.conf

# associate MIME types with filename extensions
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
Include /etc/apache2/mod_mime-defaults.conf

# set up (customizable) error responses
Include /etc/apache2/errors.conf

# global (server-wide) SSL configuration, that is not specific to 
# any virtual host
Include /etc/apache2/ssl-global.conf

# forbid access to the entire filesystem by default
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^.ht">
    Order allow,deny
    Deny from all
</Files>

# List of resources to look for when the client requests a directory
DirectoryIndex index.html index.html.var

### 'Main' server configuration #############################################
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition.  These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
Include /etc/apache2/default-server.conf


# Another way to include your own files
#
# The file below is generated from /etc/sysconfig/apache2,
# include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and
# APACHE_CONF_INCLUDE_DIRS
Include /etc/apache2/sysconfig.d/include.conf


### Virtual server configuration ############################################
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs-2.0/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
Include /etc/apache2/vhosts.d/*.conf


# Note: instead of adding your own configuration here, consider 
#       adding it in your own file (/etc/apache2/httpd.conf.local)
#       putting its name into APACHE_CONF_INCLUDE_FILES in 
#       /etc/sysconfig/apache2 -- this will make system updates 
#       easier :) 

default-server.conf:

Code: Select all

# Global configuration that will be applicable for all virtual hosts, unless
# deleted here, or overriden elswhere.
# 

DocumentRoot "/srv/www/htdocs"

#
# Configure the DocumentRoot
#
<Directory "/srv/www/htdocs">
	# Possible values for the Options directive are "None", "All",
	# or any combination of:
	#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
	#
	# Note that "MultiViews" must be named *explicitly* --- "Options All"
	# doesn't give it to you.
	#
	# The Options directive is both complicated and important.  Please see
	# http://httpd.apache.org/docs-2.0/mod/core.html#options
	# for more information.
	Options None
	# AllowOverride controls what directives may be placed in .htaccess files.
	# It can be "All", "None", or any combination of the keywords:
	#   Options FileInfo AuthConfig Limit
	AllowOverride None
	# Controls who can get stuff from this server.
	Order allow,deny
	Allow from all
</Directory>

# Aliases: aliases can be added as needed (with no limit). The format is 
# Alias fakename realname
#
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL.  So "/icons" isn't aliased in this
# example, only "/icons/".  If the fakename is slash-terminated, then the 
# realname must also be slash terminated, and if the fakename omits the 
# trailing slash, the realname must also omit it.
#
# We include the /icons/ alias for FancyIndexed directory listings.  If you
# do not use FancyIndexing, you may comment this out.
#
Alias /icons/ "/usr/share/apache2/icons/"

<Directory "/usr/share/apache2/icons">
	Options Indexes MultiViews
	AllowOverride None
	Order allow,deny
	Allow from all
</Directory>

# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
#
ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"

# "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/srv/www/cgi-bin">
	AllowOverride None
	Options +ExecCGI -Includes
	Order allow,deny
	Allow from all
</Directory>

# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# To disable it, simply remove userdir from the list of modules in APACHE_MODULES 
# in /etc/sysconfig/apache2.
#
<IfModule mod_userdir.c>
	# Note that the name of the user directory ("public_html") cannot simply be
	# changed here, since it is a compile time setting. The apache package
	# would have to be rebuilt. You could work around by deleting
	# /usr/sbin/suexec, but then all scripts from the directories would be
	# executed with the UID of the webserver.
	UserDir public_html
	# The actual configuration of the directory is in
	# /etc/apache2/mod_userdir.conf.
	Include /etc/apache2/mod_userdir.conf
	# You can, however, change the ~ if you find it awkward, by mapping e.g.
	# http://www.example.com/users/karl-heinz/ --> /home/karl-heinz/public_html/ 
	#AliasMatch ^/users/([a-zA-Z0-9-_.]*)/?(.*) /home/$1/public_html/$2
</IfModule>


# Include all *.conf files from /etc/apache2/conf.d/.
#
# This is mostly meant as a place for other RPM packages to drop in their
# configuration snippet.
#
# You can comment this out here if you want those bits include only in a
# certain virtual host, but not here.
#
Include /etc/apache2/conf.d/*.conf

# The manual... if it is installed ('?' means it won't complain)
Include /etc/apache2/conf.d/apache2-manual?conf

[Joe User]

/etc/sysconfig/apache2
<- APACHE_SERVER_FLAGS=""
-> APACHE_SERVER_FLAGS="-D SSL"

/etc/init.d/apache2 stop
/etc/init.d/apache2 start

[squad-aka-l]

das funktioniert auch nicht.

Bei http kommt die Apache Testseite und bei https kommt Seite kann nicht angezeigt werden.

Porbier mal selbst:

http://h7522.serverkompetenz.net

mit SSL:

https://h7522.serverkompetenz.net

obiges geht, unterer nicht

[odysseus]

Sieht aus wie Kraut und Rüben ... das installiert Yast als default? 8O
Ich vermisse in der SSL-Konfiguration eine Einbeziehung der Schlüssel- und der Zertifikatsdatei. Auf meinem System habe ich für SSL einen eigenen vhost Abschnitt definiert. Das finde ich bei den gezeigten Files gar nicht.

Allerdings blicke ich durch die Struktur da noch nicht ganz durch, ich mag gerne schlanke config files. ;)

[squad-aka-l]

naja würdest du mir eine entsprechende konfiguration erstellen ?

ich habs schon versucht mit einem vhost aber der naja hat wohl nicht so hingehauen.

also die zertifikate sind in /etc/apache2/ssl.key und ssl.crt
das documentroot ist /srv/www/htdocs

user: wwwrun
group: www

servernamen siehste ja oben und ip ist 81.169.183.215

Ich bedank mich schonmal im Voraus und wünsche noch einen schönen Tag.