https question - Suse

This is a discussion on https question - Suse ; When I do http://localhost then I get: It works! Should https://localhost also work? In my system it is not. Is this possible? (it could be the solution to other (local) websites where I only get a blank page) Somebody pointed ...

+ Reply to Thread
Results 1 to 16 of 16

Thread: https question

  1. https question

    When I do
    http://localhost
    then I get: It works!


    Should
    https://localhost
    also work?

    In my system it is not.
    Is this possible?

    (it could be the solution to other (local) websites
    where I only get a blank page)

    Somebody pointed me in this direction.

    Tnx
    Henk


  2. Re: https question

    Henk Oegema schrieb:
    > When I do
    > http://localhost
    > then I get: It works!
    >


    You have a web server listening on TCP socket 80

    >
    > Should
    > https://localhost
    > also work?
    >


    only if your web server also listens to TCP socket 443

    > In my system it is not.
    > Is this possible?
    >
    > (it could be the solution to other (local) websites
    > where I only get a blank page)
    >


    You should configure your web server to also support HTTPS

    HTH
    Toni

  3. Re: https question

    Toni Erdmann wrote:
    > You should configure your web server to also support HTTPS


    Thanks very much Toni for your answers.

    Please tell me how I can configure my webserver to support HTTPS.
    (have no idea how to do that)

    Rgds
    Henk

  4. Re: https question

    On Sun, 01 Jul 2007 14:10:01 GMT, Henk Oegema wrote:

    >When I do
    >http://localhost
    >then I get: It works!



    IIRC, that's the default message you get from the Apache web server when
    it's up and running correctly, so congratulations ..

    >Should
    >https://localhost
    >also work?


    Not necessarily. You have to be running a secure web server ..

  5. Re: https question

    George Peatty wrote:

    >>Should
    >>https://localhost
    >>also work?

    >
    > Not necessarily. You have to be running a secure web server ..


    Please give me some clues how to do that.

    Henk


  6. Re: https question

    On Sun, 01 Jul 2007 17:38:39 GMT, Henk Oegema wrote:

    >George Peatty wrote:
    >
    >>>Should
    >>>https://localhost
    >>>also work?


    >> Not necessarily. You have to be running a secure web server ..


    >Please give me some clues how to do that.


    Perhaps others here can help you, but I have limited experience in these
    matters. Sorry ..

  7. Re: https question

    George Peatty wrote:
    >
    > Perhaps others here can help you, but I have limited experience in these
    > matters. Sorry ..


    No problem :-). So have I.


  8. Re: https question

    Henk Oegema wrote:
    > George Peatty wrote:
    >
    >>>Should
    >>>https://localhost
    >>>also work?

    >>
    >> Not necessarily. You have to be running a secure web server ..

    >
    > Please give me some clues how to do that.


    http://en.opensuse.org/Apache_Howto_SSL

    houghi
    --
    How do you ask a man to be the last man to die in Iraq?
    How do you ask a man to be the last man to die for a mistake?

  9. Re: https question

    houghi wrote:
    >> Please give me some clues how to do that.

    >
    > http://en.opensuse.org/Apache_Howto_SSL
    >
    > houghi


    :-)

    Henk


  10. Re: https question

    houghi wrote:

    > Henk Oegema wrote:
    >> George Peatty wrote:
    >>
    >>>>Should
    >>>>https://localhost
    >>>>also work?
    >>>
    >>> Not necessarily. You have to be running a secure web server ..

    >>
    >> Please give me some clues how to do that.

    >
    > http://en.opensuse.org/Apache_Howto_SSL
    >
    > houghi


    Is is possible to install 'mod_ssl' with a command prompt?
    (something like apt-get or yum in other distros)

    Henk



  11. Re: https question

    houghi wrote:

    > http://en.opensuse.org/Apache_Howto_SSL
    >
    > houghi


    In the document above I read:

    ************************************************** ***************************
    How can I create a real SSLv2-only server?
    The following creates an SSL server which speaks only the SSLv2 protocol and
    its ciphers.
    httpd.conf
    SSLProtocol -all +SSLv2
    SSLCipherSuite SSLv2:+HIGH:+MEDIUM:+LOW:+EXP
    ************************************************** ***************************

    The only place where I can find 'httpd' is
    /usr/share/doc/packages/perl-Net-Server/examples.

    I can't believe this is the file I have to edit ???

  12. Re: https question

    Henk Oegema wrote:
    > Is is possible to install 'mod_ssl' with a command prompt?
    > (something like apt-get or yum in other distros)


    On 10.2 it is included in apache2-prefork-2.2.3-20.i586.rpm

    yast -i apache2-prefork
    rug ....
    rpm -Uvh apache2-prefork

    Also you can run YaST on CLI as root

    houghi
    --
    How do you ask a man to be the last man to die in Iraq?
    How do you ask a man to be the last man to die for a mistake?

  13. Re: https question

    Henk Oegema wrote:
    > houghi wrote:
    >
    >> http://en.opensuse.org/Apache_Howto_SSL
    >>
    >> houghi

    >
    > In the document above I read:
    >
    > ************************************************** ***************************
    > How can I create a real SSLv2-only server?
    > The following creates an SSL server which speaks only the SSLv2 protocol and
    > its ciphers.
    > httpd.conf
    > SSLProtocol -all +SSLv2
    > SSLCipherSuite SSLv2:+HIGH:+MEDIUM:+LOW:+EXP
    > ************************************************** ***************************
    >
    > The only place where I can find 'httpd' is
    > /usr/share/doc/packages/perl-Net-Server/examples.
    >
    > I can't believe this is the file I have to edit ???


    What about /etc/apache/httpd.conf ?
    Also note what it says:
    # If possible, avoid changes to this file. It does mainly contain
    # Include
    # statements and global settings that can/should be overridden in the
    # configuration of your virtual hosts.

    The file ponts to several ssh.* directories and to ssl-global.conf in
    /etc/apache/

    houghi
    --
    It's people. Source code is made out of people! They're making our
    source out of people. Next thing they'll be breeding us like cattle
    for code. You've gotta tell them. You've gotta tell them!

  14. Re: https question

    Henk Oegema wrote:

    > When I do
    > http://localhost
    > then I get: It works!
    >
    >
    > Should
    > https://localhost
    > also work?
    >
    > In my system it is not.
    > Is this possible?
    >
    > (it could be the solution to other (local) websites
    > where I only get a blank page)
    >
    > Somebody pointed me in this direction.
    >
    > Tnx
    > Henk


    Not likely you would have a local (Apache) web site that you need https
    unless you intended it that way !! To enable https use Yast -> Network
    Services -> HTTP Server. If the HTTP Server module is not installed you'll
    need to use Yast -> Software -> Package Management. Search for Yast and
    look for "yast2-http-server". In the "HTTP Server" module choose the
    server module tab and enable the 'ssl' module. Click 'Finish' Now you'll
    need a certificate to make this work...

    In Yast -> Security and Users -> CA Management.... (you may need to
    install !)

    You'll have to read up on this before you'll have https working !!

    But I really don't think this is what you want !!!!

    The default index.html page works. So what site is not working ?? Is it a
    folder you placed inside /srv/www/htdocs ? Is it a php page ?? What have
    you got ??



  15. Re: https question

    On Sun, 1 Jul 2007, Henk Oegema wrote:-

    >Toni Erdmann wrote:
    >> You should configure your web server to also support HTTPS

    >
    >Thanks very much Toni for your answers.
    >
    >Please tell me how I can configure my webserver to support HTTPS.
    >(have no idea how to do that)


    Two things you need to do:

    1, create some server certificates[0], or have them issued to you by a
    CA;

    2, create a virtual host configuration.

    After a few minutes reading the page at

    [1]

    I was able to get a working local HTTPS server[2]

    As for the virtual host configuration, for my test server it looks like
    this:

    ===== start secure.davjam.org.conf =====

    ServerName secure.davjam.org
    ServerAdmin webmaster@davjam.org
    DocumentRoot /srv/www/secure.davjam.org
    ErrorLog /var/log/apache2/secure.davjam.org-error_log
    CustomLog /var/log/apache2/secure.davjam.org-access_log combined

    SSLEngine on

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL v2:+EXP:+eNULL

    SSLCertificateFile /etc/apache2/ssl.crt/secure.davjam.org-server.crt
    SSLCertificateChainFile /etc/apache2/ssl.crt/secure.davjam.org-ca.crt

    SSLCertificateKeyFile /etc/apache2/ssl.key/secure.davjam.org-server.key


    SSLOptions +StdEnvVars


    SSLOptions +StdEnvVars



    Options Indexes +FollowSymLinks +Includes MultiViews
    AllowOverride Limit
    Order allow,deny
    Allow from all

    DAV Off


    Options +FollowSymLinks +Includes +MultiViews


    Order deny,allow
    deny from all
    allow from localhost



    SetEnvIf User-Agent ".*MSIE.*" nokeepalive \
    ssl-unclean-shutdown downgrade-1.0 \
    force-response-1.0


    ===== end secure.davjam.org.conf =====

    You'll want to make adjustments to get it set up properly for your
    server.


    [0] You can create self-signed certificates, but people are going to get
    a warning about them when they visit. Still, it's an easy way for you to
    test your server's working right.

    [1] Thanks houghi. I had HTTPS working with an apache v1 server, but
    hadn't got it working with v2. Hadn't really put any effort into finding
    out what I was doing wrong, but this had it sorted in a few minutes.

    [2] DNS should have propagated so you should be able to see the results
    here[3]:



    [3] Yes, it's self-signed so you will get the certificate warning.

    Regards,
    David Bolt

    --
    Member of Team Acorn checking nodes at 50 Mnodes/s: http://www.distributed.net/
    RISCOS 3.11 | SUSE 10.0 32bit | SUSE 10.1 32bit | openSUSE 10.2 32bit
    RISCOS 3.6 | SUSE 10.0 64bit | SUSE 10.1 64bit | openSUSE 10.2 64bit
    TOS 4.02 | SUSE 9.3 32bit | | openSUSE 10.3a5 32bit

  16. Re: https question

    On Sun, 01 Jul 2007 20:33:04 GMT, Henk Oegema wrote:

    >The only place where I can find 'httpd' is
    >/usr/share/doc/packages/perl-Net-Server/examples.


    Are you sure Apache is installed? If it is, I'd look for a package of doc
    files (there should be quite a bit), and install that also ..

+ Reply to Thread