Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
2
votes
2 answers

SSL over non-standard port?

I have two different sites in one server: a.com and b.com. If I use named virtualhost on ssl port, IE won't work. So, I decided to use port 444 for SSL for b.com. However, it seems all browsers give error message: Chrome: Error 107 ssl protocol…
Lenik
  • 792
  • 8
  • 13
  • 27
2
votes
1 answer

Apache (mod_ssl) not delivering SSL Certificates when requested

Houston, I have a problem. I have an instance of Apache (httpd) on one machine using mod_ssl with openssl and mod_jk pointing at several tomcat instances on other physical machines. Apache is really the only thing running on this box. It is…
Andy
  • 142
  • 7
2
votes
2 answers

Building an SSL server farm

I'm interested in building the the architecture in the article referenced below. I currently have a modestly-priced layer-4 load balancer and my application servers are the SSL endpoints. I want to put an SSL server farm in between my load balancer…
dan
  • 426
  • 7
  • 21
2
votes
1 answer

centos6 apache2 Invalid Command SSLEngine

Running: CentOS6 x64 When I restart httpd, I get the following error. What am I missing? [root@localhost ~]# service httpd restart Stopping httpd: [ OK ] Starting httpd: Syntax error on line 22 of…
Christian
  • 796
  • 3
  • 13
  • 31
2
votes
1 answer

apache client certificate if-else condition

I have a within a virtualhost that looks like this: SSLVerifyClient require SSLVerifyDepth 2 SSLRequireSSL SSLOptions +OptRenegotiate SSLCipherSuite HIGH SSLRequire %{SSL_CLIENT_S_DN_OU} eq…
zero_r
  • 2,405
  • 3
  • 16
  • 16
2
votes
1 answer

How to install mod_ssl with minimum effect on a running site

I just took over an old Apache httpd site that was maintained by somebody else. It's running httpd 2.2.2-1.3 on Fedora 5. I think the httpd was originally installed from an RPM. I was asked to enable SSL on this site. Now I have the certificate and…
evergreen
  • 121
  • 3
2
votes
1 answer

REMOTE_USER = SSL_CLIENT_S_DN_CN under x509 with +FakeBasicAuth in Apache. Is it possible?

Hi I'm trying to incorporate a software to our intranet services (BackupPc) This Software uses the environment variable REMOTE_USER to get the username. Placed under an Apache 2.2 server with Client certificate Authentication system and…
theist
  • 1,229
  • 2
  • 10
  • 24
2
votes
1 answer

SSLVerifyClient require in .htaccess on shared host—CVE-2009-3555 mitigation woes

After some research I got the idea that I can't use SSLVerifyClient successfully anywhere except within a server context because of current CVE-2009-3555 mitigation efforts. Specifically, because of CVE-2009-3555, various versions of OpenSSL,…
user29502
2
votes
2 answers

Client certificate authentication sslv3 alert handshake failure when Location directive is set

I am trying to setup Client Certificate Authentication for a web service that is running on Rails. The service is running on apache2, passenger, and mod_ssl. I have been able to successfully generate the keys and setup the Client Certificate…
Josh Moore
  • 263
  • 3
  • 6
  • 14
2
votes
1 answer

502: proxy: pass request body failed

Sometimes I get the following error (in apache's error.log) when viewing my site over https: (502)Unknown error 502: proxy: pass request body failed to xxx.xxx.xxx.xxx:443 I'm not entirely sure what this is and why it happens, it's also not…
Andrei Serdeliuc
  • 905
  • 5
  • 14
  • 26
2
votes
1 answer

Apache dynamic paths with SSLRequire and dynamic aliases

I have Apache/2.4.6 (Red Hat Enterprise Linux) serving some content to different customers based on their SSL certificate that we issue out. If the SSL_CLIENT_S_DN_OU matches the OU in client's cert, then they will be allowed access to…
JaneD
  • 65
  • 4
1
vote
1 answer

Apache 2.4 vhosts get redircted (missrouting)

I have a problem with apache config, like this issue (Apache 2.2.22 - Random Vhost misrouting) I have multi domains servered by same apache (using vhosts). sometimes I got response from other domain then the one I'm requesting. Example: Listen…
Med.ZAIRI
  • 11
  • 2
1
vote
1 answer

Disabling Apache client certificate validation on a specific page

I've setup client certificate validation in apache and it's working just fine. However I'd like to disable the client certificate validation on specific page. Here's the config I use so far : # Verify client certificates SSLCACertificateFile…
NaviR
  • 50
  • 1
  • 10
1
vote
0 answers

Server saying no TLS/SSL protocols available even though mod_ssl/openssl installed and enabled

I am trying to add SSL certs to my server but when I connect via a browser it throws an error (ERR_SSL_PROTOCOL_ERROR in Chrome). This is confirmed using testssh (https://testssl.sh/) Testing protocols via sockets except NPN+ALPN SSLv2 not…
williamsdb
  • 493
  • 1
  • 8
  • 18
1
vote
2 answers

Redirect port 8080 to 80

I've a tomcat running along with the apache2 on Amazon AMI. Till now all of my users were accessing my webapp by putting port number 8080 in url and then tomcat does auto-redirection to 8443. But now I want all my users to access my app from 80/443,…
Vishal Pawale
  • 113
  • 5
1 2 3
18 19