Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
2
votes
2 answers

Apache and mod_ssl working with multiple remote CA for client certs

Generating client certificates by becoming your own CA with an Apache web server is trivial work and there's plenty of documentation out there on how to achieve this. My problem is slightly different. I have several clients out there that want to…
imaginative
  • 1,971
  • 10
  • 32
  • 48
2
votes
3 answers

Can't update Apache SSL Protocols or Ciphers

I’ve been searching and testing for a couple of days now and have run out of things to try. Here’s my problem. I have an Apache Lounge 2.4.18 (Win32) VC14 web server running on a Microsoft Windows 2008 R2 server using OpenSSL 1.0.2g. Our…
Ron
  • 31
  • 4
2
votes
0 answers

Apache2:Unable to read server certificate from file

Cannot start apache2 server. error info is below. Looking into similar questions (SSL Error - unable to read server certificate from file, Apache cannot read certificate file, and so on), still stuck in this problem. Any help is welcome.…
BAE
  • 121
  • 8
2
votes
2 answers

Integrating Apache with PKCS#11 device via engine_pkcs11 and OpenSSL

I have problem with mod_ssl exactly with SSLCryptoDevice directive. When I run command "openssl engine" returns all available engines including pkcs11 (libengine-pkcs11-openssl), but When I set SSLCryptoDevice pkcs11 in mod_ssl configuration and I…
t4nk566
  • 23
  • 4
2
votes
2 answers

Unable to turn off SSLv3 on Apache 2.4.9 without losing TLS 1.1 and 1.2

I have an interesting problem with two Linux servers with Apache 2.4.9: i'm trying to disable SSL v3 and RC4 in order to block POODLE and keep SSL Labs happy. However, whenever i turn off SSL v3, i also lose TLS 1.1 and 1.2 (keeping only TLS…
theglauber
  • 143
  • 7
2
votes
1 answer

Do not use Client Cert Auth when on local network apache2

I'm hoping someone could help me with this question... I am running an Apache 2.4.7 server on my Ubuntu 14.04 box with some public facing sites. For some of those sites I've implemented a Client Cert Authentication using self signed certs. I am…
dimaj
  • 63
  • 7
2
votes
0 answers

Windows 8 IE 10 TLS Handshake Errors to Apache 2.2 on Centos 6.6

We are really stumped on this. During an upgrade to a newer Apache environment running on CentOS 6.6 we encountered weird problems with TLS connections from Windows 8 machines. The first hint at the error was users of IE10 complaining as well as…
JonathanT
  • 121
  • 3
2
votes
2 answers

Apache redirect user if they are using SSLv3

I'd like to redirect any users on our site if they try to use SSLv3 (if I just disable SSLv3 and a browser like IE6 comes along, I couldn't seem to properly redirect it to an http version of our site with an error message - so I'd like to allow…
Jarrett
  • 261
  • 1
  • 2
  • 7
2
votes
2 answers

Apache SSL Port Redirection (8443 to 443)

I've got a Tomcat server (JIRA) working behind an Apache reverse proxy server (took a while but I got there). I'm upgrading my old server and adding Apache to give me some extra functionality and security. The old server was accessed on…
Eddy555
  • 31
  • 1
  • 1
  • 3
2
votes
1 answer

How can I troubleshoot an Apache Server reverse proxy dropped connection?

We are suddenly seeing an intermittent, but very frequent, error while POSTing files to a Tomcat servlet over https via an Apache Server reverse proxy. The error only seems to occur while POSTing files of 20 MB or more (videos). We have not seen the…
dgvid
  • 121
  • 1
  • 5
2
votes
1 answer

Apache passphrase working sometimes

On one of my servers I observe the following problem with SSL passphrase: some certs are passing it without asking for a password, while some others keep asking for it. I have set it up globally: SSLPassPhraseDialog exec:/path/to/passphrase but…
nonus25
  • 261
  • 1
  • 4
  • 9
2
votes
1 answer

How to log both HTTP and HTTPS requests to the same file

Using recent Apache on Linux. It's inconvenient to have the two different kinds of requests sent to two different log files since I like to watch the log file scroll by live via the shell. I also use less a lot. Also, is there a reason why logging…
AlJo
  • 91
  • 8
2
votes
1 answer

Web Server with PKCS11 support for server certificates?

I have a PKCS#11-compatible smart card with either a private key, or a combination of a certificate and a private key on it (I can have both). I want to present the certificate from the smart card to visitors, or use a regular certificate file on…
rix0rrr
  • 246
  • 1
  • 4
2
votes
2 answers

Disabling Apache Directives That Don't Have an "Off" Value

I want certain Apache directives, like SSLCACertificateFile, to be enabled in some Locations, but disabled in others. For example, # Require client certificates for http://example.com/secure SSLCACertificateFile…
Ian Dunn
  • 194
  • 13
2
votes
1 answer

Apache certificates for some urls not working

We are having a rather strange problem with a Apache-installation. Here is a short summary: Currently I'm setting up Apache with https, and server-certificates. This is fairly easy and works straight out of the box - as expected. This is the…
vegaasen
  • 131
  • 1
  • 6
1 2 3
18 19