[Gllug] simple https troubleshooting?

Avi Greenbury avismailinglistaccount at googlemail.com
Fri May 9 15:11:03 UTC 2008


The webserver I look after has recently suddenly stopped serving https requests. It's got DTC Admin on it, which relies on https.

I've been trying to work out why, but I don't know where to look first - I've never really used https for anything before. It's a Debian box, everything (aside from DTC) has been installed from repositories.

On restarting Apache, error.log says

[Fri May 09 15:19:44 2008] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch10 mod_ssl/2.2.3 OpenSSL/0.9.8c configured -- resuming normal operations

Which implies (to me at least) that it is loading mod_ssl. I've not touched /etc/apache2/mods-enabled/ssl.conf since installing, but I've appended it to the email anyway.

Other modules are loading and working as expected (php5, userdir, rewrite).

Any ideas?



ssl.conf:

shrek:/var/log/apache2# cat /etc/apache2/mods-enabled/ssl.conf 
<IfModule mod_ssl.c>
#
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 512

##
##  SSL Global Context
##
##  All SSL configuration in this context applies both to
##  the main server and all SSL-enabled virtual hosts.
##

#
#   Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

#   Pass Phrase Dialog:
#   Configure the pass phrase gathering process.
#   The filtering dialog program (`builtin' is a internal
#   terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog  builtin

#   Inter-Process Session Cache:
#   Configure the SSL Session Cache: First the mechanism 
#   to use and second the expiring timeout (in seconds).
#SSLSessionCache         dbm:/var/run/apache2/ssl_scache
SSLSessionCache        shmcb:/var/run/apache2/ssl_scache(512000)
SSLSessionCacheTimeout  300

#   Semaphore:
#   Configure the path to the mutual exclusion semaphore the
#   SSL engine uses internally for inter-process synchronization. 
SSLMutex  file:/var/run/apache2/ssl_mutex
</IfModule>

-- 
Avi Greenbury
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list