SSL Bug with Apache SSL.conf ?

Impossible to get a SECURED HTTPS Server


Dear Madam and Sir,

Ever had the problem to implement a secured https server ?

We've been fighting for hours to try to implement an https access to A
Unix/Linux/Fedora Server.

FIRST : Get the CERT

We get the certificate from http://cert.startcom.org/?lang=en&app=115


SECOND : Flollowed the exact procedure

We followed several times the exact procedure mentionned by these
gentlemen from startcom (espacilly pointing out ssl.conf to
SSLCertificateFile, SSLCertificateKeyFile, SSLCertificateChainFile)
We did not corrupt the given ssl.crt, ssl.key, ssl.csr files

AS A CONSEQUENCE : HTTPS server is not working at all

As a result, Trying to reach a URL replacing http by https leads to an
error.
http://tinyurl.com/2nktv8

Do you have, from your expertise and background experience, an
operating solution that might work ?

Bobby

Re: SSL Bug with Apache SSL.conf ?

schreef in bericht
news:1192632356.001506.49650@v23g2000prn.googlegroups.com...
> AS A CONSEQUENCE : HTTPS server is not working at all
>
> As a result, Trying to reach a URL replacing http by https leads to an
> error.
> http://tinyurl.com/2nktv8
To the extend of the limited information provided, it's hard to blame Apache
or a certificate for a file-not-found.

When alternating between https://www.yourdomain.tld and
https://cimg.yourdomain.tld the warnings shown by FireFox2 are quite
informative and ODD:
the crossnaming conflict reported alternates the names too.

In so many words your Apache 2.0.50 on Fedora is working fine, but your
certificate has a flaw.

If you plan to do HTTPS for multiple sites -using ServerAliases rather than
multiple vhosts-, you probably need a wildcard certificate.



HansH