| Author | Topic: Apache 2.2.3 - SSL won't give my files | |
|---|---|---|
 | Hubert Brandel | Apache 2.2.3 - SSL won't give my files on Thu, 30 Nov 2006 23:17:16 +0100 Hi, I have a local homeserver with apache 2.0.55 on it. With Phils PDF I made my own SSL Keys/Crts. I could access the HTTPS and HTTP dirs. Now I try to upgrade to 2.2.3 (deleted alle an new install) I put all my spezial values and files to the new location (Servername etc.). The HTTP site is no problem, and the server is listening at 80 and 443. The logfiles show that both ports are working, no error ! When i try to open a HTTPS site, I have to accept, that the selfmade CRT/KEY is not offical. I do grand the use of it and get back the message: Forbidden You don't have permission to access / on this server. Apache/2.2.3 (Win32) mod_ssl/2.2.3 OpenSSL/0.9.8d Server at localhost Port 443 I can't find any helpfull info. The 2.2.3 must need more infos or grants to work like the old 2.0.55 Any hints are welcome ... Bye Hubert ---------------- Ich empfehle: www.xbaseforum.de (in deutsch) Homepage: German - www.familie-brandel.de/index.htm English - www.familie-brandel.de/index_e.htm |
| Hubert Brandel | Re: Apache 2.2.3 - SSL won't give my files on Thu, 30 Nov 2006 23:35:14 +0100 Hi, I should tell you this too ... I do not need a client certificate verify the client. Every PC should access the ssl-root with HTTPS. I do only use this to secure the passwords for login in my programs ---------------- Ich empfehle: www.xbaseforum.de (in deutsch) Homepage: German - www.familie-brandel.de/index.htm English - www.familie-brandel.de/index_e.htm |
| Phil Ide | Re: Apache 2.2.3 - SSL won't give my files on Tue, 05 Dec 2006 09:20:29 +0000 Hubert, You can get the "forbidden" error when you have actually accessed the site (in fact, you can ONLY get it when you have successfully accessed the site). The message comes from the HTTP server (Apache), so your SSL connection is established properly and now you are requesting a resource. In each directory of the host/vhost, you must have a valid index file - index.html, default.html etc, if anyone does a GET on that directory without specifying a vali file name. For example, if you deleted index.html and then sent your browser to http://mydomain.com, Apache would look for an index file (by default, index.html) in the document root directory. If it doesn't find it, it will return the "forbidden" message. You can configure which files Apache will use as indexes in httpd.conf, here's mine: # # DirectoryIndex: sets the file that Apache will serve if a directory # is requested. # <IfModule dir_module> DirectoryIndex index.html index.shtml index.php index.htm default.html </IfModule> Regards, Phil Ide --------------------- www.xbhcl.com www.pbih.eu www.idep.org.uk/xbase --------------------- Sysoping: More fun than using Windoze |
| Hubert Brandel | Re: Apache 2.2.3 - SSL won't give my files on Tue, 05 Dec 2006 20:48:40 +0100 Phil Ide schrieb:
> You can get the "forbidden" error when you have actually accessed the site
> (in fact, you can ONLY get it when you have successfully accessed the
> site).
Hi Phil,
my mistake was ...
<Directory ".../SSL">
...
</Directory>
The new 2.2.3 server need such an entry for the SSL-Root directory.
in the extra/httpd-ssl.conf was only one for the cgi-bin dir.
I found it 2 days ago. I am not shure if my entrys are secure,
what do you think about this options:
SSLOptions +StdEnvVars
Order allow,deny
Allow from all
for a SSL dir, open for every web-browser,
but with https security communication.
It was strange, but I could not find any hint at apache.org to
get this work, all MOD_SSL links pointed on 1.3x versions.
It was try and error that helped me.
Bye
Hubert
---------------- Ich empfehle: www.xbaseforum.de (in deutsch) Homepage: German - www.familie-brandel.de/index.htm English - www.familie-brandel.de/index_e.htm |
| Phil Ide | Re: Apache 2.2.3 - SSL won't give my files on Tue, 05 Dec 2006 21:46:42 +0000 Hubert,
> I found it 2 days ago. I am not shure if my entrys are secure,
> what do you think about this options:
>
> SSLOptions +StdEnvVars
> Order allow,deny
> Allow from all
>
> for a SSL dir, open for every web-browser,
> but with https security communication.
That's good, provided you have the default options setup to something more
restrictive:
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Satisfy all
</Directory>
Then for sub-dirs and specific locations, allow your less restrictive
access.
I suspect that you already have this in your httpd.conf, because it is a
set of restrictions like this that will trigger a "Forbidden" message
rather than "404 Not Found".
Regards,Phil Ide --------------------- www.xbhcl.com www.pbih.eu www.idep.org.uk/xbase --------------------- Don't Touch That Phone...I'm On The Mode+^%$#(*@ |
| Author | Topic: Apache 2.2.3 - SSL won't give my files | |
|---|---|---|
| Hubert Brandel | Apache 2.2.3 - SSL won't give my files on Thu, 30 Nov 2006 23:17:16 +0100 |
| Hubert Brandel | Re: Apache 2.2.3 - SSL won't give my files on Thu, 30 Nov 2006 23:35:14 +0100 |
| Phil Ide | Re: Apache 2.2.3 - SSL won't give my files on Tue, 05 Dec 2006 09:20:29 +0000 |
| Hubert Brandel | Re: Apache 2.2.3 - SSL won't give my files on Tue, 05 Dec 2006 20:48:40 +0100 |
| Phil Ide | Re: Apache 2.2.3 - SSL won't give my files on Tue, 05 Dec 2006 21:46:42 +0000 |