Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
1
vote
2 answers

Apache: Assign SSL server / client certs to directories

I have multiple directories on my system, e.g., /var/www/dir1 /var/www/dir2 /var/www/dir3 And what I'd like to do is to generate a server/client SSL certificate for each directory, and then set up each directory such that the client cert must match…
Daniel Amaya
  • 21
  • 3
1
vote
1 answer

Trouble configuring apache server to proxy an SSL connection

I'm running an application on Tomcat7 with Apache Portable Runtime, I bought an SSL certificate and configured it correctly - when I try to connect through the ip:port combination, it connects fine but warns me the certificate is issued to the…
vivri
  • 203
  • 2
  • 10
1
vote
1 answer

OpenSSL response 404 issue on centOS 6

I followed this tutorial (though it's for 5.2, I figured I'd be alright). The changes I had to make that seemed to have worked: Rename ca.csr to ca.cslr (that's the one the command generated) List it in the ssl.conf as ca.cslr instead of ca.csr I…
dsp_099
  • 43
  • 1
  • 1
  • 8
1
vote
1 answer

Minimum Key Length for Apache SSL

I'm trying to figure out the minimum key/cipher bit length that my Apache mod_ssl configuration will accept for client connections. I ran openssl ciphers -v and saw ciphers of all lengths (40, 56, etc.). How can I find out or configure the minimum…
Kevin Meredith
  • 1,269
  • 2
  • 15
  • 21
1
vote
2 answers

SSL Certificate Performance

Is it possible that a cheap security certificate could inhibit the performance of a website when serving pages over https? Background: I have built an e-commerce website using Drupal 7 and Drupal Commerce. The site runs on an m3.xlarge Amazon EC2…
williamsowen
  • 1,167
  • 3
  • 16
  • 25
1
vote
1 answer

SSL Error 107 - Apache2 SSL config

I'm trying to configure a new web server to host a website/php application. All web traffic to this server is supposed to be through https. I've read numerous tutorials as well as the Apache docs and wiki about how to set this up. I also recently…
eljaydub
  • 117
  • 3
  • 6
1
vote
1 answer

Apache 500 error, I dont fully understand the error log

I'm trying to connect a backend server(gitorious running in https) to my frontend apache2 server running on ubuntu server. I believe that I have the vhost file and proxy config setup right but it still does not work as I am getting a 500 internal…
user83438
  • 41
  • 3
1
vote
0 answers

Reverse SSL_CLIENT_S_DN order in Apache?

For some odd reason, mod_nss makes the client DN look like this: SSL_CLIENT_S_DN=C=SE,DC=FOO,serialNumber=123456789012,CN=BAR BAZ Mod_ssl however makes it look like this: SSL_CLIENT_S_DN=/CN=BAR BAZ/serialNumber=123456789012/DC=FOO/C=SE I think…
Mjau
  • 11
  • 3
1
vote
1 answer

HTTPS via a floating IP

I ran in what seems to see a case with little to no documentation. I'm trying to serve content sitting behind Apache 2.2 via HTTPS. This Apache server is listening on two IP addresses, one static assigned to the node and a second "floating" IP used…
Benjamin
  • 21
  • 4
1
vote
4 answers

Apache2 ssl with ecc

Is it possible to configure Apache2 to use elliptic curve crypto (ecc) with SSL? This bug https://issues.apache.org/bugzilla/show_bug.cgi?id=40132 appears (to me) to indicate that this is supported, but I can't find any instructions anywhere.
ykaganovich
  • 149
  • 3
  • 8
1
vote
0 answers

Apache SSL x509 authentication timeout

I have setup a location to enable client authentication based on x509 certificates: SSLRequireSSL SSLVerifyClient require SSLVerifyDepth 10 The authentication is done by unlocking the smartcard with a PIN.…
rthill
  • 31
  • 4
1
vote
2 answers

Is it possible to run an Apache VirtualHost on port 443 with SSL off?

I am running a site completely over SSL using a load balancer in front of Apache doing all the certificate handling and decryption. I let HTTP traffic through the load balancer so Apache can handle doing redirects. When the traffic is redirected to…
Jesse
  • 21
  • 1
  • 5
1
vote
1 answer

Load balancing based on client certificate with Apache mod_proxy_ajp and Tomcat

Currently, I am using mod_proxy_ajp to load balance requests to multiple Tomcat servers. Callers are authenticated using client certificates and an ACL. This has been working fine, callers are routed to either server at an even rate. Now I want to…
John in MD
  • 221
  • 2
  • 9
1
vote
0 answers

How can I relax SSL requirements inside a specific folder?

I have a root folder that is protected by a SSLRequire rule; say: SSLRequire %{SSL_CLIENT_S_DN_Email} =~ m/^.+@foobar\.com$/ However, I'd like a subfolder of this root folder to be protected by a completely different one, like this: SSLRequire…
zneak
  • 328
  • 2
  • 14
1
vote
1 answer

Self signed Apache cert error: asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag

Can anyone see where I went wrong on these steps (on Windows XP + Apache 2.2)? I tried to create my own self signed SSL certificate with my own CA and when its all done my Apache server wont start and my log file says: [info] Init: Seeding PRNG with…
djangofan
  • 4,182
  • 10
  • 46
  • 59
1 2 3
18 19