This week's book giveaway is in the JavaScript forum.
We're giving away four copies of Svelte and Sapper in Action and have Mark Volkmann on-line!
See this thread for details.
Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

configuring ssl for apache+openssl+tomcat

 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i have apache 4 and tomcat 2 installed, which work perfectly fine through mod_jk2. i've been trying to set up a SSL secure server
by using mod_ssl, but after hours of working through it, i still haven't been able to make it work. in order to install mod_ssl, i enabled this
while configuring apache as below:
./configure --enable-ssl --with-ssl=/usr/openssl
before calling make and make install.
i can see that mod_ssl.c has been installed by typing ./bin/httpd -l, which shows a list of modules installed. at this point, i proceeded
to make the certificate key and a corresponding self-signed certificate using openssl. i made sure that the key and the certificate matched by
checking the modulus portion as instructed on mod_ssl.org. i didn't change anything in httpd.conf because it already had the include directive
for ssl.conf in the case of <IfDefine SSL>. I kept ssl.conf as it was when first installed, except changing the path for the certificate key and the
certificate file, as well as the Server Name within the SSL-enabled <VirtualHost>, because apache complained that the server name of the key/certificate
didn't match its 'Server Name'. Below is the portion that i've changed, as well as the error msg that prompted me to change the server name.
ssl.conf:
<VirtualHost 63.251.x.x:443>
# General setup for the virtual host
#DocumentRoot "/usr/local/apache2/htdocs"
DocumentRoot "/usr/local/apache2/temp"
#ServerName new.host.name:443
ServerName 63.251.x.x:443
#ServerAdmin you@your.address
ErrorLog logs/error_log
TransferLog logs/access_log
error msg:
[Wed Sep 10 16:47:55 2003] [warn] RSA server certificate CommonName (CN) `john doe' does NOT match server name!?
(so after this i changed the common name of the crt to [my ip address]:443)

starting apache is fine w/o any errors, but when i tried to access the page by going to https://63.251.x.x, i get 'cannot find server - the page cannot
be displayed' error. i understand that sometimes apache+openssl+mod_ssl has problems with IE, but all the fixes recommended on mod_ssl.org has
already been included in the .conf files that i have. is there something else i'm missing here? any help would be appreciated. thanks in advance.
    Bookmark Topic Watch Topic
  • New Topic