(Hopefully) easy SSL question

I have openssl and mod_ssl on a server running Apache.
On independent IPs, I have three websites. One is listening *only* on port
443, and works just fine. The other two need to listen on both 80 and 443,
but I have only been able to get them to listen on one port at a time. If I
add the directive: SSLEngine on, then port 80 stops listening (more
accuarately, it complains that I didn't type in https:). If I remove that
directive, then port 443 stops listening. Page cannot be found. Is there
some other directive I need to use? Thanks!!

Justin

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: (Hopefully) easy SSL question

under the directive, list each port to listen on with the:
Listen domain.com:80
Listen domain.com:443
....


see if that corrects matters for you.

Thanks,

Ron DuFresne

On Tue, 3 Dec 2002, Justin Williams wrote:

> I have openssl and mod_ssl on a server running Apache.
> On independent IPs, I have three websites. One is listening *only* on port
> 443, and works just fine. The other two need to listen on both 80 and 443,
> but I have only been able to get them to listen on one port at a time. If I
> add the directive: SSLEngine on, then port 80 stops listening (more
> accuarately, it complains that I didn't type in https:). If I remove that
> directive, then port 443 stops listening. Page cannot be found. Is there
> some other directive I need to use? Thanks!!
>
> Justin
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: (Hopefully) easy SSL question

Is this directive the same thing as ?
Thanks!
----- Original Message -----
From: "R. DuFresne"
To: "Justin Williams"
Cc:
Sent: Tuesday, December 03, 2002 2:19 PM
Subject: Re: (Hopefully) easy SSL question


>
>
> under the directive, list each port to listen on with the:
> Listen domain.com:80
> Listen domain.com:443
> ...
>
>
> see if that corrects matters for you.
>
> Thanks,
>
> Ron DuFresne
>
> On Tue, 3 Dec 2002, Justin Williams wrote:
>
> > I have openssl and mod_ssl on a server running Apache.
> > On independent IPs, I have three websites. One is listening *only* on
port
> > 443, and works just fine. The other two need to listen on both 80 and
443,
> > but I have only been able to get them to listen on one port at a time.
If I
> > add the directive: SSLEngine on, then port 80 stops listening (more
> > accuarately, it complains that I didn't type in https:). If I remove
that
> > directive, then port 443 stops listening. Page cannot be found. Is
there
> > some other directive I need to use? Thanks!!
> >
> > Justin
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> admin & senior security consultant: sysinfo.com
> http://sysinfo.com
>
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation."
> -- Johnny Hart
>
> testing, only testing, and damn good at it too!
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: (Hopefully) easy SSL question

I have that statement coming after the directive
(meaning it's defined within that /).
Of course, and I dont't state my conf file is the cleanest of meanest, I
have 3 such openings and closings of like this:









This happens to be the first such set if directives:


Listen domain.com:80
Listen domain.com:443
...



Damn, now I have to go cleanup things one of these days .

Thanks,

Ron DuFresne


On Tue, 3 Dec 2002, Justin Williams wrote:

> Is this directive the same thing as ?
> Thanks!
> ----- Original Message -----
> From: "R. DuFresne"
> To: "Justin Williams"
> Cc:
> Sent: Tuesday, December 03, 2002 2:19 PM
> Subject: Re: (Hopefully) easy SSL question
>
>
> >
> >
> > under the directive, list each port to listen on with the:
> > Listen domain.com:80
> > Listen domain.com:443
> > ...
> >
> >
> > see if that corrects matters for you.
> >
> > Thanks,
> >
> > Ron DuFresne
> >
> > On Tue, 3 Dec 2002, Justin Williams wrote:
> >
> > > I have openssl and mod_ssl on a server running Apache.
> > > On independent IPs, I have three websites. One is listening *only* on
> port
> > > 443, and works just fine. The other two need to listen on both 80 and
> 443,
> > > but I have only been able to get them to listen on one port at a time.
> If I
> > > add the directive: SSLEngine on, then port 80 stops listening (more
> > > accuarately, it complains that I didn't type in https:). If I remove
> that
> > > directive, then port 443 stops listening. Page cannot be found. Is
> there
> > > some other directive I need to use? Thanks!!
> > >
> > > Justin
> > >
> > > ____________________________________________________________ __________
> > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > > User Support Mailing List modssl-users@modssl.org
> > > Automated List Manager majordomo@modssl.org
> > >
> >
> > --
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > admin & senior security consultant: sysinfo.com
> > http://sysinfo.com
> >
> > "Cutting the space budget really restores my faith in humanity. It
> > eliminates dreams, goals, and ideals and lets us get straight to the
> > business of hate, debauchery, and self-annihilation."
> > -- Johnny Hart
> >
> > testing, only testing, and damn good at it too!
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: (Hopefully) easy SSL question

In the if mod_ssl.c, I spotted more than a couple of "Listen" statements.
Any time I added IP:443 in there, Apache pitched a hissy fit.
So, I ended up taking a slightly different route.
I set up two entries in the .conf:
IP1:80
no SSL info
IP1:443
SSL info

IP2:80
no SSL info
IP2:443
SSL info

Apache stopped complaining, and the domains are listening on both ports...
----- Original Message -----
From: "R. DuFresne"
To: "Justin Williams"
Cc:
Sent: Tuesday, December 03, 2002 3:43 PM
Subject: Re: (Hopefully) easy SSL question


>
> I have that statement coming after the directive
> (meaning it's defined within that /).
> Of course, and I dont't state my conf file is the cleanest of meanest, I
> have 3 such openings and closings of like this:
>
>
>
>
>
>
>
>
>
> This happens to be the first such set if directives:
>
>
> Listen domain.com:80
> Listen domain.com:443
> ...
>
>
>
> Damn, now I have to go cleanup things one of these days .
>
> Thanks,
>
> Ron DuFresne
>
>
> On Tue, 3 Dec 2002, Justin Williams wrote:
>
> > Is this directive the same thing as ?
> > Thanks!
> > ----- Original Message -----
> > From: "R. DuFresne"
> > To: "Justin Williams"
> > Cc:
> > Sent: Tuesday, December 03, 2002 2:19 PM
> > Subject: Re: (Hopefully) easy SSL question
> >
> >
> > >
> > >
> > > under the directive, list each port to listen on with
the:
> > > Listen domain.com:80
> > > Listen domain.com:443
> > > ...
> > >
> > >
> > > see if that corrects matters for you.
> > >
> > > Thanks,
> > >
> > > Ron DuFresne
> > >
> > > On Tue, 3 Dec 2002, Justin Williams wrote:
> > >
> > > > I have openssl and mod_ssl on a server running Apache.
> > > > On independent IPs, I have three websites. One is listening *only*
on
> > port
> > > > 443, and works just fine. The other two need to listen on both 80
and
> > 443,
> > > > but I have only been able to get them to listen on one port at a
time.
> > If I
> > > > add the directive: SSLEngine on, then port 80 stops listening (more
> > > > accuarately, it complains that I didn't type in https:). If I
remove
> > that
> > > > directive, then port 443 stops listening. Page cannot be found. Is
> > there
> > > > some other directive I need to use? Thanks!!
> > > >
> > > > Justin
> > > >
> > > >
____________________________________________________________ __________
> > > > Apache Interface to OpenSSL (mod_ssl)
www.modssl.org
> > > > User Support Mailing List
modssl-users@modssl.org
> > > > Automated List Manager
majordomo@modssl.org
> > > >
> > >
> > > --
> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > admin & senior security consultant: sysinfo.com
> > > http://sysinfo.com
> > >
> > > "Cutting the space budget really restores my faith in humanity. It
> > > eliminates dreams, goals, and ideals and lets us get straight to the
> > > business of hate, debauchery, and self-annihilation."
> > > -- Johnny Hart
> > >
> > > testing, only testing, and damn good at it too!
> > >
> > > ____________________________________________________________ __________
> > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > > User Support Mailing List modssl-users@modssl.org
> > > Automated List Manager majordomo@modssl.org
> >
> > ____________________________________________________________ __________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List modssl-users@modssl.org
> > Automated List Manager majordomo@modssl.org
> >
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> admin & senior security consultant: sysinfo.com
> http://sysinfo.com
>
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation."
> -- Johnny Hart
>
> testing, only testing, and damn good at it too!
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org