Hi,
I want to run https on my server. I have already read several documents, but I can't get it working. The module seems to work perfectly, but when I go to the https site with IE it doesn't work (page not found).
Server version: Apache/1.3.26 (Unix) Debian GNU/Linux
I don't know what I'm doing wrong... I have several domains running and my ssl config looks like this:
code:
<IfModule mod_ssl.c>
    Listen 80
    Listen 443
    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl .crl
    SSLPassPhraseDialog builtin
    SSLSessionCache dbm:/var/run/ssl_scache
    SSLSessionCacheTimeout 300
    SSLMutex file:/var/run/ssl_mutex
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLLog /var/log/apache/ssl_engine.log
    SSLLogLevel trace
</IfModule>
<VirtualHost _default_:443>
    ServerName admin.blabla.com
    DocumentRoot /var/domains/blabla/admin/
    ServerAdmin admin@blabla.com
    #ErrorLog logs/ssl-error_log
    #TransferLog logs/ssl-access_log
    SetEnvIf User-Agent ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    SSLEngine on
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
    SSLCertificateFile /etc/apache/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/apache/ssl.key/server.key
    SSLVerifyClient none
    SSLVerifyDepth 10
    SSLProtocol all -SSLv3
</VirtualHost>
When I start apache, I first have to enter that password, and then my ssl_engine.log says this:
code:
[19/Sep/2003 19:45:02 06769] [info] Server: Apache/1.3.26, Interface: mod_ssl/2.8.9, Library: OpenSSL/0.9.6g
[19/Sep/2003 19:45:02 06769] [info] Init: 1st startup round (still not detached)
[19/Sep/2003 19:45:02 06769] [info] Init: Initializing OpenSSL library
[19/Sep/2003 19:45:02 06769] [info] Init: Loading certificate & private key of SSL-aware server admin.blabla.com:443
[19/Sep/2003 19:45:02 06769] [info] Init: Requesting pass phrase via builtin terminal dialog
[19/Sep/2003 19:45:05 06769] [trace] Init: (admin.blabla.com:443) encrypted RSA private key - pass phrase requested
[19/Sep/2003 19:45:05 06769] [info] Init: Wiped out the queried pass phrases from memory
[19/Sep/2003 19:45:05 06769] [info] Init: Seeding PRNG with 136 bytes of entropy
[19/Sep/2003 19:45:05 06769] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[19/Sep/2003 19:45:05 06769] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[19/Sep/2003 19:45:06 06770] [info] Init: 2nd startup round (already detached)
[19/Sep/2003 19:45:06 06770] [info] Init: Reinitializing OpenSSL library
[19/Sep/2003 19:45:06 06770] [trace] Inter-Process Session Cache (DBM) Expiry: old: 0, new: 0, removed: 0
[19/Sep/2003 19:45:06 06770] [info] Init: Seeding PRNG with 136 bytes of entropy
[19/Sep/2003 19:45:06 06770] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[19/Sep/2003 19:45:06 06770] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[19/Sep/2003 19:45:06 06770] [info] Init: Initializing (virtual) servers for SSL
[19/Sep/2003 19:45:06 06770] [info] Init: Configuring server admin.blabla.com:443 for SSL protocol
[19/Sep/2003 19:45:06 06770] [trace] Init: (admin.blabla.com:443) Creating new SSL context (protocols: SSLv2, TLSv1)
[19/Sep/2003 19:45:06 06770] [trace] Init: (admin.blabla.com:443) Configuring permitted SSL ciphers [ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[19/Sep/2003 19:45:06 06770] [trace] Init: (admin.blabla.com:443) Configuring RSA server certificate
[19/Sep/2003 19:45:06 06770] [trace] Init: (admin.blabla.com:443) Configuring RSA server private key
When I then connect to https://admin.blabla.com I get this in the ssl_engine.log:
code:
[19/Sep/2003 19:50:02 06771] [info] Connection to child 0 established (server admin.blabla.com:443, client 192.168.1.3)
[19/Sep/2003 19:50:02 06771] [info] Seeding PRNG with 23177 bytes of entropy
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Handshake: start
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: before/accept initialization
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 read client hello A
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 write server hello A
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 read client master key A
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 server start encryption
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 write server verify A
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 read client finished A
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 write request certificate A
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Loop: SSLv2 write server finished A
[19/Sep/2003 19:50:02 06771] [trace] Inter-Process Session Cache: request=SET status=OK id=97786CD16F79C6ABA956148904B2CBFA timeout=300s (session caching)
[19/Sep/2003 19:50:02 06771] [trace] OpenSSL: Handshake: done
[19/Sep/2003 19:50:02 06771] [info] Connection: Client IP: 192.168.1.3, Protocol: SSLv2, Cipher: RC4-MD5 (128/128 bits)
[19/Sep/2003 19:50:02 06771] [info] Connection to child 0 closed with standard shutdown (server admin.blabla.com:443, client 192.168.1.3)
[19/Sep/2003 19:50:02 06772] [info] Connection to child 1 established (server admin.blabla.com:443, client 192.168.1.3)
[19/Sep/2003 19:50:02 06772] [info] Seeding PRNG with 23177 bytes of entropy
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Handshake: start
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: before/accept initialization
[19/Sep/2003 19:50:02 06772] [trace] Inter-Process Session Cache: request=GET status=FOUND id=97786CD16F79C6ABA956148904B2CBFA (session reuse)
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 read client hello A
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 write server hello A
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 server start encryption
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 write server verify A
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 write server verify C
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 read client finished A
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 write request certificate A
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Loop: SSLv2 write server finished A
[19/Sep/2003 19:50:02 06772] [trace] OpenSSL: Handshake: done
[19/Sep/2003 19:50:02 06772] [info] Connection: Client IP: 192.168.1.3, Protocol: SSLv2, Cipher: RC4-MD5 (128/128 bits)
[19/Sep/2003 19:50:02 06772] [info] Connection to child 1 closed with standard shutdown (server admin.blabla.com:443, client 192.168.1.3)
So it looks like everything goes fine, but the connection is closed again immediately and I get a "cannot find the server" error message in IE.
What am I doing wrong or overlooking?
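
Added example, not part of the original post: a small Python parser for the mod_ssl ssl_engine.log format shown above that groups entries per connection and records the negotiated protocol, cipher, session reuse and how the connection was closed, flagging weak negotiations. The weak-protocol and weak-cipher lists are an assumed local policy; the sample lines are copied from the log in the post.

```python
import re

# Lines copied from the ssl_engine.log excerpt in the post (one entry per line).
SAMPLE_LOG = """\
[19/Sep/2003 19:50:02 06771] [info] Connection to child 0 established (server admin.blabla.com:443, client 192.168.1.3)
[19/Sep/2003 19:50:02 06771] [info] Connection: Client IP: 192.168.1.3, Protocol: SSLv2, Cipher: RC4-MD5 (128/128 bits)
[19/Sep/2003 19:50:02 06771] [info] Connection to child 0 closed with standard shutdown (server admin.blabla.com:443, client 192.168.1.3)
[19/Sep/2003 19:50:02 06772] [info] Connection to child 1 established (server admin.blabla.com:443, client 192.168.1.3)
[19/Sep/2003 19:50:02 06772] [trace] Inter-Process Session Cache: request=GET status=FOUND id=97786CD16F79C6ABA956148904B2CBFA (session reuse)
[19/Sep/2003 19:50:02 06772] [info] Connection: Client IP: 192.168.1.3, Protocol: SSLv2, Cipher: RC4-MD5 (128/128 bits)
[19/Sep/2003 19:50:02 06772] [info] Connection to child 1 closed with standard shutdown (server admin.blabla.com:443, client 192.168.1.3)
"""

ENTRY = re.compile(r"^\[[^\]]+? (?P<pid>\d+)\] \[\w+\] (?P<msg>.*)$")
NEGOTIATED = re.compile(r"Protocol: (\S+), Cipher: (\S+)")
CLOSED = re.compile(r"closed with (.+?) \(server")
# Assumed local policy (not taken from the post): what counts as weak.
WEAK_PROTOCOLS = {"SSLv2", "SSLv3"}
WEAK_CIPHER_PARTS = ("RC4", "MD5", "EXP", "NULL")

def summarize(log_text):
    """Return one dict per connection, in the order the connections were established."""
    done, open_by_pid = [], {}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        pid, msg = m["pid"], m["msg"]
        if msg.startswith("Connection to child") and " established " in msg:
            open_by_pid[pid] = {"pid": pid, "reused": False, "protocol": None,
                                "cipher": None, "closed": None, "findings": []}
            done.append(open_by_pid[pid])
            continue
        conn = open_by_pid.get(pid)
        if conn is None:  # entry outside any connection, e.g. Init lines
            continue
        if "(session reuse)" in msg:
            conn["reused"] = True
        elif (n := NEGOTIATED.search(msg)):
            conn["protocol"], conn["cipher"] = n[1], n[2]
            if n[1] in WEAK_PROTOCOLS:
                conn["findings"].append(f"weak protocol {n[1]}")
            if any(part in n[2] for part in WEAK_CIPHER_PARTS):
                conn["findings"].append(f"weak cipher {n[2]}")
        elif (c := CLOSED.search(msg)):
            conn["closed"] = c[1]
            del open_by_pid[pid]  # the same child PID may serve a later connection
    return done
```
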