Configuring ssl on apache and Leopard Mac OS 10.5.1

on 17.12.2007 21:14:25 by Ben assis

Hi,
On an imac intel dual core, I recently migrated to Leopard from Tiger 10.4.10. On my Tiger client I had installed my own web server using openssl and mod_ssl with Apache 1.3 server; https was working fine.
On Leopard with apache 2.2.6 and OpenSSL 0.9.7, configuration files have significantly changed; so, I cannot set my own web server to work with openssl under https protocol.
Here is relevant information about my settings and error messages:

When I comment out this line in my http.conf :
Include /private/etc/apache2/extra/httpd-ssl.conf

I get this error message in my Console and apache doesn't restart:
07-12-12 10:41:00 org.apache.httpd[48677] Syntax error on line 60 of /private/etc/apache2/extra/httpd-ssl.conf:
07-12-12 10:41:00 org.apache.httpd[48677] Invalid command 'SSLPassPhraseDialog', perhaps misspelled or defined by a module not included in the server configuration


So, I comment line 60 in httpd-ssl.conf like this :
#SSLPassPhraseDialog builtin
After an 'apachectl restart', apache doesn't restart and I receive this new error message in my console log:
07-12-12 10:44:04 org.apache.httpd[48720] Syntax error on line 66 of /private/etc/apache2/extra/httpd-ssl.conf:
07-12-12 10:44:04 org.apache.httpd[48720] Invalid command 'SSLSessionCache', perhaps misspelled or defined by a module not included in the server configuration

and so on with the next directives...
There is no other module or file which could interfere with my two conf files and I would be surprised that original conf files contain such a number of syntax errors !

Other relevant information :



- In httpd-vhosts.conf I have declared 2 virtual hosts which work fine without httpd-ssl.conf.

- Phpinfo() tells me that openssl 0.97l is enabled (I do not see any enabled mod_ssl module)

- As my ISP blocks my port 443, I use port 8080.
- If I send this command in a terminal window :

 
bash-3.2# openssl s_client -connect localhost:8083 -state -debug

- I receive :

CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0040BD60 [00139000] (118 bytes => 118 (0x76))

0000 - 80 74 01 03 01 00 4b 00-00 00 20 00 00 39 00 00   .t....K... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0   8..5............
0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00   ..3..2../.......
0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00   ................
0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80   @...............
0050 - 00 00 03 02 00 80 ad fc-38 5b aa e4 8a c8 16 6f   ........8[.....o
0060 - 85 6e 96 be ca 41 2f ef-51 1d f1 17 a2 7b f1 d3   .n...A/.Q....{..
0070 - 7e 9f 21 18 cc 7b                                 ~.!..{
SSL_connect:SSLv2/v3 write client hello A

read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
0000 - 3c 21 44 4f 43 54 59                              <!DOCTY
SSL_connect:error in SSLv2/v3 read server hello A
1721:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:601:

- Following are my includes conf files :
# Virtual hosts
Include /private/etc/apache2/extra/httpd-vhosts.conf

# Real-time info on requests and configuration
#Include /private/etc/apache2/extra/httpd-info.conf

# Local access to the Apache HTTP Server Manual
Include /private/etc/apache2/extra/httpd-manual.conf

# Distributed authoring and versioning (WebDAV)
#Include /private/etc/apache2/extra/httpd-dav.conf
# Various default settings
#Include /private/etc/apache2/extra/httpd-default.conf
# Secure (SSL/TLS) connections
Include /private/etc/apache2/extra/httpd-ssl.conf
#
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
DirectoryIndex index.html index.php

#Include /private/etc/apache2/other/*.conf

Any idea ? Thanks for helping me



____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
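
The 7 bytes the server returned in the s_client dump above (3c 21 44 4f 43 54 59) are ASCII "<!DOCTY": the port answered the ClientHello with plain HTML rather than a TLS record, which is what produces "unknown protocol". The Python sketch below is an added example, not part of the original post; it parses such a dump and classifies the reply, and its function names and embedded sample are constructed for illustration.

```python
import re

# Constructed sample: the "read from" part of the s_client -debug output in the post.
SAMPLE_DEBUG = """\
read from 0040BD60 [0013F000] (7 bytes => 7 (0x7))
0000 - 3c 21 44 4f 43 54 59                              <!DOCTY
SSL_connect:error in SSLv2/v3 read server hello A
"""

# One dump row: 4-digit offset, " - ", then hex byte pairs separated by ' ' or '-'.
HEX_LINE = re.compile(r"^[0-9a-f]{4} - ((?:[0-9a-f]{2}[ -])*[0-9a-f]{2})", re.I)


def first_read_bytes(debug_text):
    """Return the bytes of the first 'read from' block in s_client -debug output."""
    data, in_read = bytearray(), False
    for raw in debug_text.splitlines():
        line = raw.strip()
        if line.startswith("read from"):
            if in_read:          # a second read block starts: stop at the first one
                break
            in_read = True
            continue
        m = HEX_LINE.match(line)
        if in_read and m:
            data += bytes.fromhex(m.group(1).replace("-", " "))
        elif in_read and data:   # first non-hex line after the dump rows
            break
    return bytes(data)


def classify_reply(data):
    """Classify the first bytes a server sent in answer to a ClientHello."""
    if len(data) >= 3 and data[0] in (0x15, 0x16) and data[1] == 0x03:
        return "tls-record"            # alert (0x15) or handshake (0x16) record
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x04:
        return "sslv2-server-hello"    # 2-byte SSLv2 header, message type 4
    if data.startswith((b"HTTP/", b"<!DOC", b"<html", b"<HTML")):
        return "plaintext-http"        # the listener is not doing SSL on this port
    return "unknown"


if __name__ == "__main__":
    reply = first_read_bytes(SAMPLE_DEBUG)
    print(reply, classify_reply(reply))
```

A "plaintext-http" result is consistent with the "Invalid command 'SSLPassPhraseDialog'" errors quoted in the post, which Apache emits when the module that defines those directives is not loaded.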