2

I'm trying to add a secure site to Zend.

When I go to the Zend server site at http://my_IP:10081 I can see, under server extensions, "openssl built-in, ON".

When I add SSLEngine On to the httpd.conf I get ...

Invalid command 'SSLEngine', perhaps misspelled or defined 
by a module not included in the server configuration

Missing this line out gives....

Invalid command 'SSLCertificateChainFile', perhaps misspelled or defined by 
a module not included in the server configuration.

Appendix F at Zend's site says 

Uncomment the following line...
Include conf/extra/httpd-ssl.conf

But that line is not in my conf file and nor is the path indicated.

The directory /usr/lib64/httpd/modules does not have a file called mod_ssl.so or similar.

This is Zend 5.5 on Red Hat

PHP Version 5.3.8-ZS5.5.0 Zend Framework Version 1.11.10

My manager says it was a pretty standard installation. Any help would be great. Thanks.

Tim Fountain
  • 33,093
  • 5
  • 41
  • 69
Pete
  • 1,289
  • 10
  • 18

1 Answers1

2

The SSL module installed on your server may not be enabled. Try: sudo a2enmod ssl

EDIT: Nvm, I guess I skipped over the part you said you were using RedHat. I don't believe there is an a2enmod equivalent in RedHat.

RedHat typically has these includes in httpd.conf where you will find lines like this:

Include conf.d/*.conf

This should corespond to an ssl configuration file located in the /etc/httpd/conf.d directory. Check to make sure there is such a file and if it's configured in your httpd.conf.

Matt K
  • 6,620
  • 3
  • 38
  • 60
  • Thanks Matt. No, a2enmod wasn't recognised. The conf.d directory is there, but the SSL conf file is missing. Maybe I'll try to find a copy and add it. – Pete Feb 24 '12 at 14:43
  • Here are the contents of conf.d /etc/httpd/conf.d/proxy_ajp.conf /etc/httpd/conf.d/README /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/zendserver_gui.conf /etc/httpd/conf.d/zendserver_php.conf – Pete Feb 24 '12 at 14:46
  • Brilliant! Why didn't I think of that? I now get "_default_ VirtualHost overlap on port 443, the first has precedence" but I'll soon sort that out. Thanks a million. – Pete Feb 24 '12 at 15:12
  • PS Just in case anyone else follows, it's mod_ssl NB the underscore. – Pete Feb 24 '12 at 15:20
  • good catch. also, the error you're getting about overlap is because you haven't configured apache to use port 443 as a vhost. add this line to your httpd.conf: `NameVirtualHost *:443` – Matt K Feb 24 '12 at 15:36
  • Matt, you're a star. Thanks a lot. I'm only realising now that there's a sister site (?) for this sort of question. Sorry if it was off-topic. – Pete Feb 24 '12 at 15:48