This is my first experience with SSL. I have done the
Google thing and searched Apache FAQ etc but found
nothing regarding my problem.

In a nutshell, I have the following file structure:

/var/ssl/www/index.html
/var/ssl/www/budget/index.html

Everything in both paths is owned by root and either
755 or 644 as appropriate for directories and files.

I have the server working for /var/ssl/www/index.html
but I get a "HTTP Error 403 - Forbidden" error trying
to view /var/ssl/www/budget/index.html

The logs are uninformative as to WHY access to
/var/ssl/www/budget/index.html is being forbidden.

My impression was that subdirectories should inherit
the access rights of their parent if I do nothing to
override that behavior.

I have an http server configured similarly running in
the same instance of Apache 2.2.6 (on port 2080 so as
to not conflict with my production web site running on
port 80). It works as expected, including acces to
subdirectories.

The URLs are
https://daniel.ameriroots.com
and
http://daniel.ameriroots.com:2080

I have reduced the httpd.conf file to the following
essentials (this is what is presently running on the
above URLs):


################################################## ###############################
# Main Server Configuration
################################################## ###############################
ServerRoot /usr/daniel/apache2
ServerName danniel.ameriroots.com
ServerAdmin www@daniel.ameriroots.com

Listen 64.249.12.251:2080
Listen 64.249.12.251:443

User www
Group www


Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all


DirectoryIndex index.html


Order allow,deny
Deny from all
Satisfy All


LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common

ErrorLog /var/log/apache_error_log2
LogLevel info
CustomLog /var/log/apache_access_log2 combined

################################################## ###############################
# HTTP SERVER ON PORT 2080
################################################## ###############################

ErrorLog /var/log/http_error_log2
LogLevel info
CustomLog /var/log/http_access_log2 combined

DocumentRoot /var/www


Allow from all



################################################## ###############################
# HTTPS SERVER ON PORT 443
################################################## ###############################
SSLCertificateFile /var/ssl/conf/daniel.crt
SSLCertificateKeyFile /var/ssl/conf/daniel.key


SSLEngine On

CustomLog /var/log/https_access_log2 combined
ErrorLog /var/log/https_error_log2
LogLevel info

BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

DocumentRoot /var/ssl/www


Allow from all



The log files are unenlightening, even at debug level
where I get lots of detail on SSL calculations, but a
simple access denied message on the file itself.

What am I missing here?


__________________________________________________ __________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs

__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org