Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mod-ssl]

The Apache Httpd interface to OpenSSL

mod_ssl is a module for the Apache HTTPD webserver which allows it to perform SSL and TLS encryption on connections. Documentation is provided by Apache covering installation and setup for httpd 2.0 and 2.2

This tag should be used for questions around compiling, building, configuring, extending, provisioning, debugging and using mod_ssl.

For questions around building Apache modules on top of mod_ssl, or working on the code, the mod-ssl tag on StackOverflow is likely to be a better place to ask.

272 questions
1
vote
0 answers

How to allow a newly inserted user certificate with Apache 'SSLVerifyClient optional'?

My web users are able to optionally use a Smart Card Certificate to identify themself via Firefox to my web server running Apache httpd 2.4. For this I use SSLVerifyClient optional plus for speed SSLSessionCache and SSLSessionCacheTimeout Sometimes…
Petra Verheim
  • 21
  • 2
1
vote
2 answers

Apache2 URL Rewrite with Reverse Proxy

I've been trying to accomplish a goal of using Apache as a reverse proxy to translate HTTP to HTTPS as well as using mod_rewrite to inject a query string. The reverse proxy works if tested without the rewrite. When adding the rewrite however, Apache…
Suterusu
  • 11
  • 1
  • 2
1
vote
1 answer

How to bypass SSLVerifyClient for specific IP Address

I'm fairly new to HTTPD so I need some insight from the pro's. The previous admins set up HTTPD on a Linux box. It is configured to read Certs by the user accessing a specific DNS (ex: https://cxg-now-test.abc). A reverse proxy is then used to send…
MCM
  • 13
  • 1
  • 3
1
vote
1 answer

Apache 2.4 / SSL certificates error: AH01903: Failed to configure CA certificate chain

I recently had to renew one of my SSL certificates on an Apache 2.4/Mod_ssl server. I have 2 Vhosts, no SNI, each running on a separate NIC. Until now the certificates were both Globalsign OrganizationSSL, one specific to an URL, the other one is a…
IsKor
  • 45
  • 3
  • 10
1
vote
2 answers

Something is regenerate ports.conf

Since the last update of my Raspbian "something" is updating my apache ports.conf file by adding these two lines automatically: Listen 81 And: Listen 443 But I need you to listen to the port 4443 because I'm using…
gokuhs
  • 31
  • 3
1
vote
2 answers

Compiling Apache mod_ssl for different target hardware (hardware capability unsupported SSE2 error)

I am building and packaging the following on one machine (the "build" machine) and attempting to install and use on other machines ("target" machines) some of which have different processors. OpenSSL 0.9.8l Apache 2.2.14 Tomcat Connectors…
cope360
  • 131
  • 1
  • 8
1
vote
1 answer

Apache client authentication: browser not sending certificate when CA name not matching by case?

Using Apache 2.4. We have two valid CA certificates whose distinguished names differ only by the case of one character (say CA1 with dn: cn=MyCA,O=myOrg and CA2 with dn: cn=MyCA,O=MyOrg). These two certificates are both in the file referred by the…
rzabini
  • 11
  • 2
1
vote
1 answer

Apache2.4.25 using system default openssl instead of new version provided during compilation

Trying to compile apache2.4.25 from source on Fedora 15 with dynamically linked mod_ssl. Fedora15 server has a default openssl version (OpenSSL 1.0.0j-fips 10 May 2012) and newer openssl library (OpenSSL 1.0.2g 1 Mar 2016) is installed in…
user2839891
  • 21
  • 1
  • 3
1
vote
1 answer

Apache SNI Issues with SSL Certificates

I'm having issues with my VirtualHost configurations on my server. My server is running Ubuntu 14.04.5 LTS (GNU/Linux 4.4.0-31-generic x86_64), with Apache/2.4.7 (Ubuntu). I've done a lot of reading on Apache and SNI from other threads on here, but…
Dave Hunt
  • 111
  • 3
1
vote
1 answer

Apache HTTP to HTTPS redirect not working

I am trying to set up a default HTTP to HTTPS redirect. Somehow neither mod_rewrite nor Redirect work. Am I missing something obvious? Listen 80 Listen 443 ServerName www.example.com ServerAlias example.com …
randomcoding
  • 11
  • 2
1
vote
0 answers

What's different between 'Using-Default-VirtualHost' and 'Using-Correctly-Named-VirtualHost'?

Conclusion: I believe I mismatched openssl version when I had compiled apache. It works now; and I recompiled it with openssl which is already installed. Thank you for your help, Unbeliever. Additional Information: I figured out another related…
KML
  • 11
  • 3
1
vote
1 answer

Cannot load modules/mod_ssl.so into server: /etc/httpd/modules/mod_ssl.so: undefined symbol: ap_array_str_contains

I am trying to run Apache on Amazon Linux with SSL for my website and I configured all ssl prerequisites. But when I start the Apache it throws the error saying: Starting httpd: httpd: Syntax error on line 58 of /etc/httpd/conf/httpd.conf: Syntax…
Nagarjuna D N
  • 315
  • 1
  • 2
  • 16
1
vote
1 answer

Webmin through apache2 SSL Proxy

I'm trying to make accessible my Webmin through a sub-domain https://webmin.example.com/ I'm using Cloudflare DNS and Cloudflare SSL Certification. Whenever i type the above URL, it's automatically turns to http://webmin.example.com/ This points to…
PRR21
  • 111
  • 3
1
vote
1 answer

bypass apache SSL and use tomcat instead

I don't want my clients to negotiate an SSL connection with Apache web server, I want them to do so with the tomcat server behind it instead. How can I do so? My current httpd.conf configuration is: Listen 443 https SSLProxyEngine On ProxyPass /…
NotGaeL
  • 277
  • 1
  • 3
  • 14
1
vote
0 answers

SSL with Virtual Hosts Using SNI (multiple name based configs) - Need to get working with client certificate

I have the following configuration along with other name based virtual hosts. All others work fine but this one fails when enabling certificate authentication with the following error: Non-default virtual host with SSLVerify set to 'require' and…
Raj
  • 11
  • 2
1 2 3
18 19