Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
4
votes
3 answers

SSL URL gives a 404

I have recently created an SSL cert on my server *.key and a *csr file. I then created the *crt and the *.ca-bundle with Comodo. I have 2 current vhosts: vhost for - http://www.example.com NameVirtualHost *:80 ServerAdmin…
terrid25
  • 251
  • 2
  • 5
  • 12
4
votes
2 answers

Installing mod_ssl on CentOS

I am trying to install mod_ssl on my server with: yum install mod_ssl All i get in response is: Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centosv4-msync-dvd.centos.org * extras:…
Anders
  • 207
  • 1
  • 2
  • 7
4
votes
1 answer

Forcing SSL in Apache without hard-coding the hostname

I think that I have this sorted (thanks mainly to the question How to redirect non-www to www without hardcoding using .htaccess?), but I still don't entirely understand a couple of things. I would like to force all non-SSL connections to my server…
Owen Blacker
  • 631
  • 1
  • 8
  • 20
4
votes
3 answers

apache Client Certificate Authentication errors: Certificate Verification: Error (18): self signed certificate

So I have been following instructions on setting up Client Certificate Authentication in Apache2 w/ mod_ssl. This is solely for the purpose of testing an application against CAA, not for any sort of production use. So far I've followed…
decoy
  • 393
  • 2
  • 3
  • 6
4
votes
1 answer

Can apache use a key agent to store private keys for SSL?

For mod_ssl in apache to work, you need your RSA private key on the server. If the key is passphrase protected, you have to enter the passphrase whenever you restart apache. There is SSLPassPhraseDialog so you can store the key encrypted and have a…
Corey Henderson
  • 194
  • 7
4
votes
3 answers

Problems with multiple SSL on same IP, but only in select clients

I know there are tons of posts about multiple SSL on same IP, but I promise I'm not beating a dead horse. My question is very clear. First, a little background... Our organization has several ecommerce sites. All of these sites are running on the…
Calvin Froedge
  • 538
  • 1
  • 6
  • 16
4
votes
1 answer

Apache ServerName uses AlternativeName instead of CommonName

I have recently purchased an SSL Certificate. The CommonName (CN) of the certificate is www.mydomain.com and has several AlternativeNames such as subdomain1.mydomain.com, subdomain2.mydomain.com etc. I have installed this on a server using Apache…
DanielGibbs
  • 573
  • 5
  • 13
  • 32
4
votes
0 answers

ngnix php curl old SSL session ID is stale, removing

I am making a php curl request from nginx server to apache server It shows old SSL session ID is stale, removing As per the link I have changed the SSLSessionCacheTimeout in bitnami apache server but still the error occurs. I have changed…
DroidDev
  • 141
  • 1
  • 3
3
votes
1 answer

Puzzled by SSLCACertificateFile parameter

there's something I can't understand with the SSLCACertificateFile parameter on Apache SSL conf. Put for example I have a ROOT cert "A" that issued an intermediate cert "B". Then, I produced a couple of leaf certificates using B, say "L1",…
Matteo Palma
  • 31
  • 2
3
votes
1 answer

Apache SSL Handshake Slow

I am running an Apache 2.4.18 server running under Ubuntu 16.04.1 LTS, only with PHP 7 and Exim 4 installed. In the early morning the SSL handshake is extremely fast, about 200ms, but as time passes it increases (about 1 hour later), getting around…
Tom
  • 289
  • 3
  • 13
3
votes
1 answer

mod ssl error during ssl installation

Server Environment AWS EC2, Ubuntu 14.04LTS, LAMP 443 Port is enabled from security group. Server is listening to 443 port. I have purchased SSL from cheapsslsecurity.com and followed following step. step 1 : create a bundle cat…
KuKu
  • 141
  • 6
3
votes
1 answer

How to rename default-ssl.conf in Apache 2.4

I'm running Apache 2.4 on Ubuntu. I'm trying to renamedefault-ssl.conf, but I can't get it to work. Here is what works. If I enable the SSL module a2enmod ssl and the site configuration file a2ensite default-ssl.conf and start httpd service…
lacton
  • 131
  • 4
3
votes
0 answers

Setting up an Apache forward proxy with 2-way SSL with certificate CN check fails

I need to set up a forward proxy with 2-way SSL verification. I got pretty far using Apache 2.4.10 on Debian, but it fails because the certificate CN is compared to the wrong name. I've searched and read every page that remotely mentions something…
hepabolu
  • 159
  • 1
  • 5
3
votes
1 answer

SSL mod_proxy issues in bracket

I am having trouble with getting proxypass to work in apache. My configuration file is as follows: ServerName example.com ServerAlias www.example.org ServerAdmin info@example.org DocumentRoot…
Slava Knyazev
  • 155
  • 1
  • 1
  • 6
3
votes
1 answer

Has SHA256 but why is it not used?

After performing an upgrade on Apache and modssl, I get a security warning in the security logo of the URL bar in Chrome when visiting my website on Apache server: The site is using outdated security settings that may prevent future versions of…
user273867
  • 33
  • 4
1 2 3
18 19