Re: Apache with mod_ssl
Are you quite certain that the LoadModule for mod_ssl has been
commented out? The reason I ask: the output from 'apachectl start'
which you provided below shows 'mod_ssl/2.2.4'.
In the log file /opt/apache-2.2.4/logs/error_log, on lines that contain
'Apache/2.2.4' and 'configured -- resuming normal operations', do
you see 'mod_ssl/2.2.4'? If so, it is still being loaded from somewhere
in your configuration.
Saikat Saha wrote:[color=blue]
> Sorry for late response on this one. This is what we have in httpd.conf
> which is generated at compile time. This problem does not go away even
> if I comment out last four lines and restart apache. Could you please
> advise what else could be leading apache to think it is https rather
> than http?
> # Secure (SSL/TLS) connections
> #Include conf/extra/httpd-ssl.conf
> # Note: The following must must be present to support
> # starting without SSL on platforms with no /dev/random equivalent
> # but a statically compiled-in mod_ssl.
> <IfModule ssl_module>
> SSLRandomSeed startup builtin
> SSLRandomSeed connect builtin
> With above commented out, when I try to start apache, I get following
> passphrase prompt and apache does not start even after saying passphrase
> successful, no logs in logs directory although log level is "debug"
> ]# ./apachectl start
> httpd: Could not reliably determine the server's fully qualified domain
> name, using 10.3.110.109 for ServerName
> Apache/2.2.4 mod_ssl/2.2.4 (Pass Phrase Dialog)
> Some of your private key files are encrypted for security reasons.
> In order to read them you have to provide the pass phrases.
> Server 10.3.110.109:443 (RSA)
> Enter pass phrase:
> OK: Pass Phrase Dialog successful.
> [root@rh4_109 bin]#
> Thanks you very much for your help.
> -----Original Message-----
> From: [email]firstname.lastname@example.org[/email]
> [mailto:email@example.com] On Behalf Of Omar W. Hannet
> Sent: Monday, June 18, 2007 8:34 AM
> To: [email]firstname.lastname@example.org[/email]
> Subject: Re: Apache with mod_ssl
> Do you have <IfModule ssl_module> tags surrounding all
> SSL directives in your configuration file? For example:
> <IfModule ssl_module>
> SSLPassPhraseDialog builtin
> # etc.
> Saikat Saha wrote:_module>[color=green]
>> Apache was compiled as below
>> ./configure --with-ldap --enable-mods-shared="all ssl ldap cache proxy
>> authn_alias mem_cache file_cache authnz_ldap charset_lite dav_lock
>> disk_cache" --prefix=/opt/apache-2.2.4
>> Httpd -l gives below
>> [root@rh4_109 bin]# httpd -l
>> Compiled in modules:
>> How do I compile so that it does not load mod_ssl automatically and
>> loads only if httpd.conf is configured.
>> Surprisingly there are no error logs even at debug level.
>> Thank you so very much for the kind help.
>> -----Original Message-----
>> From: [email]email@example.com[/email]
>> [mailto:firstname.lastname@example.org] On Behalf Of Omar W. Hannet
>> Sent: Friday, June 15, 2007 4:13 PM
>> To: [email]email@example.com[/email]
>> Subject: Re: Apache with mod_ssl
>> Saikat Saha wrote:[color=darkred]
>>> We have apache 2.2.4 compiled with all modules but commented out all
>>> load modules. Do not have anything in httpd.conf file to state that[/color]
>>> is https. But when I start apache, it tries to goto https and prompts[/color][/color]
>>> for pass phrase. How does apache determine that this is https whereas[/color][/color]
>>> this is actually a http server.[/color]
>> Perhaps mod_ssl is a compiled-in module. Run 'httpd -l' to check[/color]
>>> After I enter a passphrase, it shows
>>> successful but the server never starts up. Can someone please help?[/color]
>> The reason probably can be found in Apache's error_log file.
>>> Also can apache support both http and https at different ports at the[/color][/color]
>>> same time?[/color]
>> Yes. The defaults are port 80 for http and port 443 for https.[/color][/color]
Apache Interface to OpenSSL (mod_ssl) [url]www.modssl.org[/url]
User Support Mailing List [email]firstname.lastname@example.org[/email]
Automated List Manager [email]email@example.com[/email]