kerosin

Well-Known Member
Aug 27, 2002
83
0
156
Since I've reported this bug in bugzilla at 2002-09-01 and still nobody even assigned the bug and it's not fixed in 5.0.0build 59 I'm posting it here:

When I enable SSL by installing SSL certs on certain domain with cgi-bin
enabled then lines like this are added to httpd.conf and ssl is actually working:

---------------------------------------------------------------------
&IfDefine SSL&
&VirtualHost 192.168.0.30:443&
ServerAdmin [email protected]
DocumentRoot /home/weeds/public_html
ServerName www.weeds-nantucket.com
CustomLog /usr/local/apache/domlogs/www.weeds-nantucket.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/www.weeds-nantucket.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/www.weeds-nantucket.com.key
SSLLogFile /var/log/www.weeds-nantucket.com
UserDir public_html

ScriptAlias /cgi-bin/ /home/weeds/public_html/cgi-bin/

SetEnvIf User-Agent &.*MSIE.*& nokeepalive ssl-unclean-shutdown
&/VirtualHost&
&/IfDefine&
---------------------------------------------------------------------


!!! But lines :

--------------
User weeds
Group weeds
--------------

in this SSL virtualhost section are missing. So IS IMPOSSIBLE TO RUN scripts same way like on non ssl host (with suExec) . Doesn't it seems like bug ?



Thanks

MichaL
 

kerosin

Well-Known Member
Aug 27, 2002
83
0
156
So, this really doesn't seems like bug to anybody ??????



Developers ? No comment? ;)



Michal
 

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
I have the following entry in my httpd.conf (IPs, Domains and Usernames have been masked below), but it causes Apache to fail loading. any ideas? The SSLCACertificateFile must be there as the bundle that CPanel has does not have the latest entry for InstantSSL.

Jaz
---------------------------------------------
&IfDefine SSL&
&VirtualHost ###.###.###.###:443&
ServerAdmin [email protected]
DocumentRoot /home/domain/public_html
ServerName secure.domain.com
CustomLog /usr/local/apache/domlogs/domain.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&
User username
Group username
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/secure.domain.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/secure.domain.com.key
SSLCACertificateFile /usr/share/ssl/certs/secure.domain.com.cabundle
SSLLogFile /var/log/secure.domain.com
UserDir public_html
ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/
SetEnvIf User-Agent &.*MSIE.*& nokeepalive ssl-unclean-shutdown

&/VirtualHost&
&/IfDefine&
---------------------------------------------------------------------
 

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
I've got it loading now, however, I can't access the URL. I have an A record in the domain's zone file. Any ideas?
 

DaveUsedToWorkHere

Well-Known Member
Dec 28, 2001
689
1
318
[quote:f62eddf2f1][i:f62eddf2f1]Originally posted by jsteel[/i:f62eddf2f1]

I have the following entry in my httpd.conf (IPs, Domains and Usernames have been masked below), but it causes Apache to fail loading. any ideas? The SSLCACertificateFile must be there as the bundle that CPanel has does not have the latest entry for InstantSSL.

Jaz
---------------------------------------------
&IfDefine SSL&
&VirtualHost ###.###.###.###:443&
ServerAdmin [email protected]
DocumentRoot /home/domain/public_html
ServerName secure.domain.com
CustomLog /usr/local/apache/domlogs/domain.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&
User username
Group username
SSLEnable
SSLCertificateFile /usr/share/ssl/certs/secure.domain.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/secure.domain.com.key
SSLCACertificateFile /usr/share/ssl/certs/secure.domain.com.cabundle
SSLLogFile /var/log/secure.domain.com
UserDir public_html
ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/
SetEnvIf User-Agent &.*MSIE.*& nokeepalive ssl-unclean-shutdown

&/VirtualHost&
&/IfDefine&
---------------------------------------------------------------------
[/quote:f62eddf2f1]

Shouldn't there be a serveralias entry in the virtual host?
 

jsteel

Well-Known Member
Jul 4, 2002
646
0
166
Atlanta, GA
No, the ServerAlias is not required when it is exactly the same as the ServerName. It simply defines aliases to the server name.

The problem in this case was the lack of a NameVirtualHost parameter for port 43 just after the IfDefine tag.

Jaz