Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
5
votes
3 answers

How do I create a custom header from an existing SSL environment variable?

OK I have spent all day on this-- I'm using apache with mod_ssl I'm trying to take an existing environment header, "%{SSL_CLIENT_S_DN_CN}s" which looks like "Lastname Firstname Mi username" and set a new header called USERNAME and set that equal to…
MattPark
  • 303
  • 5
  • 20
5
votes
4 answers

How can I configure Apache to use HTTPS for external access but HTTP for internal access?

I have two servers, one a development server that is accessible internally on our company's local network and the other a public-facing web server. The development server hosts several tools that we use to manage our projects internally but now we…
Tim Wardle
  • 383
  • 1
  • 5
  • 9
5
votes
1 answer

Apache SSL reverse proxy to a Embed Tomcat

I'm trying to put in place a reverse proxy for an application that is running a tomcat embed server over SSL. The application needs to run over SSL on the port 9002 so I have no way of "disabling SSL" for this app. The current setup schema looks…
ggarcia24
  • 151
  • 1
  • 2
5
votes
2 answers

SSL_CLIENT_CERT_CHAIN not being passed to backend server

I have client certificate configured and working in Apache. I want to pass the PEM-encoded X.509 certificates of the client to the backend server. I tried with the SSLOptions +ExportCertData. This does nothing at all, while the documentation states…
nidkil
  • 161
  • 1
  • 5
5
votes
1 answer

Apache sends plain-text response when accessing SSL-enabled site without HTTPS

I've never encountered something such as this before. I was attempting to simply redirect the page to the HTTPS version if it determined that HTTPS was off, but instead it's displaying an HTML page rather than actually redirecting; and even odder,…
animuson
  • 279
  • 1
  • 6
  • 20
5
votes
1 answer

CentOS6 - Apache2 working but when installing / enabling SSL, server won't start because of permissions error

I'm attempting to install Apache with SSL on CentOS6 to use as a development server. I've been following the directions posted here to get SSL working: http://wiki.centos.org/HowTos/Https (Note: Apache was working fine until I attempted to enable…
Frank V
  • 449
  • 4
  • 15
4
votes
1 answer

How to solve Apache-2.4 AH02026: Failed to acquire SSL session cache lock

I've just stood up a new AWS Ubuntu 16.04 server running Apache2.4 with PHP-FPM 5.6 and 7.1 available via different sockets. Everything is working great, but I'm getting the following errors in the Apache error log: [Mon Jun 19 05:48:06.158306 2017]…
e_i_pi
  • 223
  • 1
  • 2
  • 10
4
votes
1 answer

How to check apache for SNI (Server Name Indication ) availability?

I have a centos 7 server. I switched from apache 2.4.6 to apache 2.4.25 using IUS repository (https://ius.io/). My goal is to support multiple SSL certificates with a single IP. I have installed: Apache/2.4.25…
GeorgeKaf
  • 175
  • 1
  • 1
  • 7
4
votes
1 answer

missing mod_ssl.so for lighttpd

I am trying to set up ssl (i.e. https) for my lighttpd web server running Debian 8 (Jessie). The relevant lines in lighttpd.conf are: server.modules = ( "mod_access", "mod_alias", "mod_compress", "mod_redirect", "mod_ssi", …
steffen
  • 157
  • 1
  • 2
  • 8
4
votes
0 answers

mod_ssl client certificates on a reverse proxy

I am trying to add client certificate authentication on a reverse proxy that proxies an oracle application. Before adding, and if i remove the subsequent code, the oracle application is able to start java, load, and function properly. When I add the…
Rory McDonald
  • 61
  • 3
4
votes
1 answer

How apache reverse proxy can be configured without breaking the https tunnel between client & server?

I have configured apache reverse proxy. In that configuration https connection is possible between client to reverse proxy and again reverse proxy to server. But I want https connection between client to server like forward proxy. The https…
user3245862
  • 41
  • 2
4
votes
2 answers

YouTrack on Tomcat 7 using SSL

I have a running YouTrack instance deployed using Tomcat 7 and it works fine on http://example.com:8080/youtrack Apache is already configured to support SSL for the main domain (I have .pem file). Both https://example.com and http://example.com are…
Sfisioza
  • 592
  • 2
  • 8
  • 18
4
votes
4 answers

How to run a virtualhost 443 without an SSL cert?

I have a virtualhost directive that serves up a custom 404 error if invalid subdomain is entered: # the first virtual host ServerName site_not_found RedirectMatch 404 ^/(?!custom_error)
Question Overflow
  • 2,103
  • 7
  • 30
  • 45
4
votes
1 answer

mod_spdy problems and speculations

I'm trying out mod_spdy and I've run into a problem - it seems to be incompatible with AJAX requests and mod_php as in this: https://www.modspdy.com/blog/2012/04/15/using-mod_spdy-with-php/ The solution seems to be to run php scripts through…
donk
  • 163
  • 1
  • 10
4
votes
2 answers

Requiring client certificate issued by a specific intermediate CA in Apache

I have a CA hierarchy like this: Root-CA ________|_____________ | | TEST-CA PRODUCTION-CA _____|_____ ____|____ | | | | TEST-SRV…
moosaka
  • 143
  • 1
  • 5
1 2
3
18 19