unable to start apache with 2 certificates
Hi all,
i have a problem with an apache 2.2.9, maybe this is not the correct
mailing list but i am going to ask, my apologizes if this isn't the
properly place.
I had an instance of apache 2.2.9 with and IP serving contents with the
port 80 and 443, we bought a godaddy certificate and all went pretty
well, but we needed to install another certificate for other domain in
the same machine. I had several domains and all works with vhosts with
http, but when i first tried to use several vhosts for secure
connections the apache seemed to restart well but stop working.
With an only certificate, apache use to ask me the certificate password,
but when i configure a second one, never asked and stop serving content,
even in http. Then i tried to configure the system with 2 IPs, one for
every certificate, but i got the same problem.
The configuration files seems to be well formed (apachectl -t) and i saw
some examples out of there:
http://www.ibm.com/developerworks/opensource/library/wa-mult issl.html
am i doing something wrong? this is the correct mailing list to ask?
thanks, and best regards.
--
;-)
____________________________________
Jorge Martin Cuervo
Outsourcing Emarketplace
deFacto Powered by Standards
email <jorge.martin [at] defactops.com>
voice +34 984 832 659
voice +34 660 026 384
____________________________________
DE FACTO STANDARDS, S.L., le informa que su direcci=C3=B3n de correo electr=
=C3=B3nico, as=C3=AD
como el resto de los datos de car=C3=A1cter personal que nos facilite, ser=
=C3=A1n objeto
de tratamiento automatizado en nuestros ficheros, con la finalidad del env=
=C3=ADo de
informaci=C3=B3n comercial y/o personal por v=C3=ADa electr=C3=B3nica. Vd. =
podr=C3=A1 en cualquier
momento ejercer el derecho de acceso, rectificaci=C3=B3n, cancelaci=C3=B3n =
y oposici=C3=B3n en
los t=C3=A9rminos establecidos en la Ley Org=C3=A1nica de Protecci=C3=B3n d=
e Datos de Car=C3=A1cter
Personal (LOPD. 15/1999), dirigiendo un escrito a C/ Rivero 31 1=C2=BA Izd=
a. - 33402
AVILES (Asturias), o a nuestra direcci=C3=B3n de correo electr=C3=B3nico
(info [at] defactops.com). Tambi=C3=A9n informamos que la informaci=C3=B3n inclu=
ida en este
e-mail es CONFIDENCIAL, siendo para uso exclusivo del destinatario arriba
mencionado. Si Usted lee este mensaje y no es el destinatario indicado, le
informamos que est=C3=A1 totalmente prohibida cualquier utilizaci=C3=B3n, d=
ivulgaci=C3=B3n,
distribuci=C3=B3n y/o reproducci=C3=B3n de esta comunicaci=C3=B3n sin autor=
izaci=C3=B3n expresa en
virtud de la legislaci=C3=B3n vigente. Si ha recibido este mensaje por err=
or, le
rogamos nos lo notifique inmediatamente por esta misma v=C3=ADa y proceda a=
su
eliminaci=C3=B3n.
This e-mail contains information that will be added to our computerised gue=
st
data base and will be trated in the strict confidence. If you wish to acces=
s,
correct, oppose or cancel your details, as specified the Law 15/99, Decembe=
r
13th, please send a certified letter to this effect to DE FACTO STANDARDS,
S.L.., (C/ Rivero 31 1=C2=BA Izda. - 33402 AVILES (Asturias) SPAIN). If you=
read this
message, and is not the destinatary, we informal you that is forbidden anyt=
hing
utility, distribution, divulgation or reproduction of this communication wi=
thout
express authorization, of the present law. If you received this message fo=
r
mistake, we proud in order to the present law, immediate communication to u=
s,
and please erase this e-mail
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
Re: unable to start apache with 2 certificates
Hi Cuesta Guilles, thanks for your quickly reply. No i am going to read
the documentation about SSLPassPhraseDialog.
This is my apachectl -S output:
[jmartin [at] protean bin]$ ./apachectl -S
VirtualHost configuration:
213.134.38.66:443 cv.smra.org
(/home/jmartin/apache22/conf/extra/httpd-ssl.conf:266)
213.134.38.54:443 www.smartcv.org
(/home/jmartin/apache22/conf/extra/httpd-ssl.conf:81)
wildcard NameVirtualHosts and _default_ servers:
*:80 is a NameVirtualHost
default server protean.eu
(/home/jmartin/apache22/conf/httpd.conf:490)
port 80 namevhost protean.eu
(/home/jmartin/apache22/conf/httpd.conf:490)
port 80 namevhost madrid.protean.eu
(/home/jmartin/apache22/conf/httpd.conf:506)
port 80 namevhost portal.protean.eu
(/home/jmartin/apache22/conf/httpd.conf:519)
port 80 namevhost uk.protean.eu
(/home/jmartin/apache22/conf/httpd.conf:532)
port 80 namevhost portaldeempleo.curtidora.com
(/home/jmartin/apache22/conf/httpd.conf:545)
port 80 namevhost ofertasdeempleo.curtidora.com
(/home/jmartin/apache22/conf/httpd.conf:557)
port 80 namevhost smra.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:572)
port 80 namevhost gijon.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:580)
port 80 namevhost esapa.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:588)
port 80 namevhost curtidora.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:596)
port 80 namevhost candidato.curtidora.com
(/home/jmartin/apache22/conf/httpd.conf:604)
port 80 namevhost demo.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:617)
port 80 namevhost democv.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:624)
port 80 namevhost fade.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:638)
port 80 namevhost fadecv.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:645)
port 80 namevhost flc.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:659)
port 80 namevhost flccv.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:666)
port 80 namevhost smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:680)
port 80 namevhost coiipa.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:708)
port 80 namevhost coiial.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:715)
port 80 namevhost colegiado.coiial.net
(/home/jmartin/apache22/conf/httpd.conf:724)
port 80 namevhost ofertas.coiial.net
(/home/jmartin/apache22/conf/httpd.conf:736)
port 80 namevhost empleo.coiial.net
(/home/jmartin/apache22/conf/httpd.conf:747)
port 80 namevhost coiil.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:761)
port 80 namevhost coiia.smartcv.org
(/home/jmartin/apache22/conf/httpd.conf:768)
port 80 namevhost smartemployer.org
(/home/jmartin/apache22/conf/httpd.conf:778)
port 80 namevhost asturiasotrabajas.com
(/home/jmartin/apache22/conf/httpd.conf:792)
port 80 namevhost asturiasytrabajas.com
(/home/jmartin/apache22/conf/httpd.conf:806)
port 80 namevhost media.protean.eu
(/home/jmartin/apache22/conf/httpd.conf:820)
port 80 namevhost protean.es
(/home/jmartin/apache22/conf/httpd.conf:832)
port 80 namevhost colegios.protean.es
(/home/jmartin/apache22/conf/httpd.conf:846)
port 80 namevhost opea.protean.es
(/home/jmartin/apache22/conf/httpd.conf:858)
Syntax OK
El lun, 20-10-2008 a las 10:16 +0200, Cuesta Gilles escribi=C3=B3:
> Jorge Mart=C3=ADn Cuervo a =C3=A9crit :
> > Hi all,
> >
> > i have a problem with an apache 2.2.9, maybe this is not the correct
> > mailing list but i am going to ask, my apologizes if this isn't the
> > properly place.
> >
> > I had an instance of apache 2.2.9 with and IP serving contents with the
> > port 80 and 443, we bought a godaddy certificate and all went pretty
> > well, but we needed to install another certificate for other domain in
> > the same machine. I had several domains and all works with vhosts with
> > http, but when i first tried to use several vhosts for secure
> > connections the apache seemed to restart well but stop working.
> >
> Did you try with SSLPassPhraseDialog in each VirtualHost ? or unciphered
> key ?
> Wich is result of httpd -S ?
>
--
;-)
____________________________________
Jorge Martin Cuervo
Outsourcing Emarketplace
deFacto Powered by Standards
email <jorge.martin [at] defactops.com>
voice +34 984 832 659
voice +34 660 026 384
____________________________________
DE FACTO STANDARDS, S.L., le informa que su direcci=C3=B3n de correo electr=
=C3=B3nico, as=C3=AD
como el resto de los datos de car=C3=A1cter personal que nos facilite, ser=
=C3=A1n objeto
de tratamiento automatizado en nuestros ficheros, con la finalidad del env=
=C3=ADo de
informaci=C3=B3n comercial y/o personal por v=C3=ADa electr=C3=B3nica. Vd. =
podr=C3=A1 en cualquier
momento ejercer el derecho de acceso, rectificaci=C3=B3n, cancelaci=C3=B3n =
y oposici=C3=B3n en
los t=C3=A9rminos establecidos en la Ley Org=C3=A1nica de Protecci=C3=B3n d=
e Datos de Car=C3=A1cter
Personal (LOPD. 15/1999), dirigiendo un escrito a C/ Rivero 31 1=C2=BA Izd=
a. - 33402
AVILES (Asturias), o a nuestra direcci=C3=B3n de correo electr=C3=B3nico
(info [at] defactops.com). Tambi=C3=A9n informamos que la informaci=C3=B3n inclu=
ida en este
e-mail es CONFIDENCIAL, siendo para uso exclusivo del destinatario arriba
mencionado. Si Usted lee este mensaje y no es el destinatario indicado, le
informamos que est=C3=A1 totalmente prohibida cualquier utilizaci=C3=B3n, d=
ivulgaci=C3=B3n,
distribuci=C3=B3n y/o reproducci=C3=B3n de esta comunicaci=C3=B3n sin autor=
izaci=C3=B3n expresa en
virtud de la legislaci=C3=B3n vigente. Si ha recibido este mensaje por err=
or, le
rogamos nos lo notifique inmediatamente por esta misma v=C3=ADa y proceda a=
su
eliminaci=C3=B3n.
This e-mail contains information that will be added to our computerised gue=
st
data base and will be trated in the strict confidence. If you wish to acces=
s,
correct, oppose or cancel your details, as specified the Law 15/99, Decembe=
r
13th, please send a certified letter to this effect to DE FACTO STANDARDS,
S.L.., (C/ Rivero 31 1=C2=BA Izda. - 33402 AVILES (Asturias) SPAIN). If you=
read this
message, and is not the destinatary, we informal you that is forbidden anyt=
hing
utility, distribution, divulgation or reproduction of this communication wi=
thout
express authorization, of the present law. If you received this message fo=
r
mistake, we proud in order to the present law, immediate communication to u=
s,
and please erase this e-mail
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
Re: unable to start apache with 2 certificates
I tried with an SSLPassPhraseDialog in every VirtualHost and i get this
message:
[jmartin [at] protean bin]$ ./apachectl -S
Syntax error on line 82
of /home/jmartin/apache22/conf/extra/httpd-ssl.conf:
SSLPassPhraseDialog cannot occur within <VirtualHost> section
"or unciphered key ?" how can i do it? do i need to contact with my
certificate provider?
thanks.
El lun, 20-10-2008 a las 10:32 +0200, Jorge Mart=C3=ADn Cuervo escribi=C3=
=B3:
> Did you try with SSLPassPhraseDialog in each VirtualHost ?
--
;-)
____________________________________
Jorge Martin Cuervo
Outsourcing Emarketplace
deFacto Powered by Standards
email <jorge.martin [at] defactops.com>
voice +34 984 832 659
voice +34 660 026 384
____________________________________
DE FACTO STANDARDS, S.L., le informa que su direcci=C3=B3n de correo electr=
=C3=B3nico, as=C3=AD
como el resto de los datos de car=C3=A1cter personal que nos facilite, ser=
=C3=A1n objeto
de tratamiento automatizado en nuestros ficheros, con la finalidad del env=
=C3=ADo de
informaci=C3=B3n comercial y/o personal por v=C3=ADa electr=C3=B3nica. Vd. =
podr=C3=A1 en cualquier
momento ejercer el derecho de acceso, rectificaci=C3=B3n, cancelaci=C3=B3n =
y oposici=C3=B3n en
los t=C3=A9rminos establecidos en la Ley Org=C3=A1nica de Protecci=C3=B3n d=
e Datos de Car=C3=A1cter
Personal (LOPD. 15/1999), dirigiendo un escrito a C/ Rivero 31 1=C2=BA Izd=
a. - 33402
AVILES (Asturias), o a nuestra direcci=C3=B3n de correo electr=C3=B3nico
(info [at] defactops.com). Tambi=C3=A9n informamos que la informaci=C3=B3n inclu=
ida en este
e-mail es CONFIDENCIAL, siendo para uso exclusivo del destinatario arriba
mencionado. Si Usted lee este mensaje y no es el destinatario indicado, le
informamos que est=C3=A1 totalmente prohibida cualquier utilizaci=C3=B3n, d=
ivulgaci=C3=B3n,
distribuci=C3=B3n y/o reproducci=C3=B3n de esta comunicaci=C3=B3n sin autor=
izaci=C3=B3n expresa en
virtud de la legislaci=C3=B3n vigente. Si ha recibido este mensaje por err=
or, le
rogamos nos lo notifique inmediatamente por esta misma v=C3=ADa y proceda a=
su
eliminaci=C3=B3n.
This e-mail contains information that will be added to our computerised gue=
st
data base and will be trated in the strict confidence. If you wish to acces=
s,
correct, oppose or cancel your details, as specified the Law 15/99, Decembe=
r
13th, please send a certified letter to this effect to DE FACTO STANDARDS,
S.L.., (C/ Rivero 31 1=C2=BA Izda. - 33402 AVILES (Asturias) SPAIN). If you=
read this
message, and is not the destinatary, we informal you that is forbidden anyt=
hing
utility, distribution, divulgation or reproduction of this communication wi=
thout
express authorization, of the present law. If you received this message fo=
r
mistake, we proud in order to the present law, immediate communication to u=
s,
and please erase this e-mail
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org
