0

I have an Ilias-Installation, which is available through two virtual hosts: the FQDN and the ip-address. The first server is ssl only, the second plain http. Both configuration files look the same except for the SSL-part:

SSLEngine on 
SSLCertificateFile /etc/apache2/ssl/ilias.pem

In the Ilias-Webinterface, I can copy a folder on the plain http. But if I try to copy the same folder on the ssl virtual host, I get the notice, that the copy was started (rough german translation here), but the folder does not show up. There are no errors in the error-logs of php or the webserver and as said, no differences beside the ssl-part. The guys at an ilias-forum did not have an idea, either.

Any ideas in here?

Mircea Vutcovici
  • 17,619
  • 4
  • 56
  • 83
Lars
  • 486
  • 5
  • 21

1 Answers1

1

First make sure that you have both the certificate and the private key in the /etc/apache2/ssl/ilias.pem file or configure the key with SSLCertificateKeyFile directive.

You can use openssl to test the SSL connection:

echo -e "GET /\n\n"|openssl s_client -connect FQDN:443

If the SSL configuration is OK, then do a network capture with tcpdump or dumpcap. Use Wireshark to analyze the capture and decrypt it with the private key. Please note that only RSA based certificates traffic can be decrypted with Wireshark. If you have DSA certificates, then use a proxy like Fiddler, Burp Suite or CharlesProxy or a browser plugin like FireBug.

Mircea Vutcovici
  • 17,619
  • 4
  • 56
  • 83
  • That's a good tip for general problems, but I do not see, how this would help in this situation. As ssl only provides a tunnel for http (and the data send over it is not changed at all), why should there be problems with the ssl? Both keys are configured in the ilias.pem-file. – Lars Nov 29 '11 at 08:40
  • You do not give details about the problem, so I give you a generic approach to isolate it. If you answer with some HTTP problems or with an SSL error, me or someone else could help you better. Don't expect that someone can give you a straight answer with the few information you have provided. When you do not know well why somthing is not working, test layer by layer: network, SSL, HTTP, apache, application, DB. – Mircea Vutcovici Nov 30 '11 at 17:10