• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

How Do I Enable HTTPS (on Port 443)?

E

epretorious

Guest
How do enable HTTPS? `netstat -tan` reveals that Apache is NOT listening on port 443 by default. :confused:
 
FWIW: I found this in /var/log/httpd/error_log:
[Mon Aug 08 09:20:17 2005] [notice] Graceful restart requested, doing restart
[Mon Aug 08 09:20:17 2005] [warn] NameVirtualHost 1.2.3.4:443 has no VirtualHosts
[Mon Aug 08 09:20:17 2005] [warn] NameVirtualHost 1.2.3.5:443 has no VirtualHosts
[Mon Aug 08 09:20:17 2005] [notice] Digest: generating secret for digest authentication ...
[Mon Aug 08 09:20:17 2005] [notice] Digest: done
[Mon Aug 08 09:20:18 2005] [notice] Apache/2.0.46 (CentOS) configured -- resuming normal operations
Click to expand...
 
...and /etc/httpd/conf/httpd.conf contains...
<VirtualHost 1.2.3.4:443 >
ServerName default-1-2-3-4
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/httpsdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certQLD8906
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/vhosts/default/httpsdocs>
SSLRequireSSL
</Directory>
</VirtualHost>

<VirtualHost 1.2.3.5:443 >
ServerName default-1-2-3-5
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/httpsdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certQLD8906
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/vhosts/default/httpsdocs>
SSLRequireSSL
</Directory>
</VirtualHost>
Click to expand...
...and...
<VirtualHost \
1.2.3.4:443 \
1.2.3.5:443 \
>
DocumentRoot /usr/share/psa-horde/
Alias /horde/ /usr/share/psa-horde/
Alias /imp/ /usr/share/psa-horde/imp/
ServerName webmail
ServerAlias webmail.*
UseCanonicalName Off
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /etc/httpd/conf/httpd.pem
<Directory /usr/share/psa-horde>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_flag magic_quotes_gpc off
php_admin_flag safe_mode off
php_admin_value open_basedir "/usr/share/psa-horde:/etc/psa-horde:/etc/psa:/tmp:/var/log:/usr/share
/doc"
php_admin_value include_path "/usr/share/psa-horde:/usr/share/psa-horde/pear:."
</IfModule>
SSLRequireSSL
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Click to expand...
...which seems kind of strange because both blocks contain DocumentRoot declarations. :confused: Anyhow, further down, there's an entire section of...
Include /home/httpd/vhosts/foobar.com/conf/httpd.include
Click to expand...
...declarations and each of the include files (e.g., /home/httpd/vhosts/foobar.com/conf/httpd.include) contain the appropriate configuration directives...
<VirtualHost 1.2.3.5:443>
ServerName foobar.com:443
ServerAlias www.foobar.com
UseCanonicalName Off
SuexecUserGroup snowtech psacln
ServerAdmin [email protected]
DocumentRoot /home/httpd/vhosts/foobar.com/httpsdocs
CustomLog /home/httpd/vhosts/foobar.com/statistics/logs/access_ssl_log plesklog
ErrorLog /home/httpd/vhosts/foobar.com/statistics/logs/error_ssl_log
<IfModule mod_userdir.c>
UserDir /home/httpd/vhosts/foobar.com/web_users
</IfModule>
ScriptAlias /cgi-bin/ /home/httpd/vhosts/foobar.com/cgi-bin/
Alias /plesk-stat /home/httpd/vhosts/foobar.com/statistics/
Alias /webstat /home/httpd/vhosts/foobar.com/statistics/webstat
Alias /webstat-ssl /home/httpd/vhosts/foobar.com/statistics/webstat-ssl
Alias /ftpstat /home/httpd/vhosts/foobar.com/statistics/ftpstat
Alias /anon_ftpstat /home/httpd/vhosts/foobar.com/statistics/anon_ftpstat
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certQLD8906
<Directory /home/httpd/vhosts/foobar.com/httpsdocs>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_value open_basedir "/home/httpd/vhosts/foobar.com/httpsdocs:/tmp"
</IfModule>
SSLRequireSSL
Options -Includes +ExecCGI
</Directory>
<Directory "/home/httpd/vhosts/foobar.com/statistics">
AuthType Basic
AuthName "Domain statistics"
AuthUserFile /home/httpd/vhosts/foobar.com/pd/d..plesk-stat
require valid-user
</Directory>
</VirtualHost>
Click to expand...
Any idea what's going wrong?
 
I searched for mod_ssl.c:
[root@www conf]# ls /usr/lib/httpd/modules/
libphp4.so mod_auth.so mod_dir.so mod_imap.so mod_negotiation.so mod_speling.so
mod_access.so mod_autoindex.so mod_disk_cache.so mod_include.so mod_proxy_connect.so mod_status.so
mod_actions.so mod_cache.so mod_env.so mod_info.so mod_proxy_ftp.so mod_suexec.so
mod_alias.so mod_cern_meta.so mod_expires.so mod_log_config.so mod_proxy_http.so mod_unique_id.so
mod_asis.so mod_cgi.so mod_ext_filter.so mod_logio.so mod_proxy.so mod_userdir.so
mod_auth_anon.so mod_dav_fs.so mod_file_cache.so mod_mem_cache.so mod_python.so mod_usertrack.so
mod_auth_dbm.so mod_dav.so mod_frontpage.so mod_mime_magic.so mod_rewrite.so mod_vhost_alias.so
mod_auth_digest.so mod_deflate.so mod_headers.so mod_mime.so mod_setenvif.so mod_webapp.so
Click to expand...
...and realized that it hadn't been installed by default so I installed it...
[root@www conf]# yum install mod_ssl
Gathering header information file(s) from server(s)
Server: CentOS-3 - Addons
Server: CentOS-3 - Base
Server: CentOS-3 - Extras
Server: CentOS-3 - Updates
Finding updated packages
Downloading needed headers
Resolving dependencies
Dependencies resolved
I will do the following:
[install: mod_ssl 1:2.0.46-46.2.ent.centos.1.i386]
Is this ok [y/N]: y
Downloading Packages
Getting mod_ssl-2.0.46-46.2.ent.centos.1.i386.rpm
mod_ssl-2.0.46-46.2.ent.c 100% |=========================| 105 kB 00:01
Running test transaction:
Test transaction complete, Success!
mod_ssl 100 % done 1/1
Installed: mod_ssl 1:2.0.46-46.2.ent.centos.1.i386
Transaction(s) Complete
Click to expand...
At least Apache is accepting connections on port 443 now but it drops the connection after negotiating a secure connection. /home/httpd/vhosts/snowtech.net/statistics/logs/error_ssl_log contains...
[Wed Aug 10 08:25:20 2005] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
Click to expand...
Could this be a fatal error (or is it just a warning)?
 
Accessing encrypted doc's causes segmentation faults: (from /var/log/httpd/error_log)
[Wed Aug 10 09:00:22 2005] [notice] child pid 24025 exit signal Segmentation fault (11)
Click to expand...
Any idea where I should begin looking for the cause of these troubles?
 
FWIW: Restarting Apache (after installing mod_ssl) fixed the segmentation problem. :D

IMHO: The autoinstaller script should verify that mod_ssl is installed. :mad:
 
You must log in or register to reply here.

Similar threads

W
Question How can I stop plesk listening on port 443 completely?
Replies
3
Views
659
AYamshanov
AYamshanov
Boas Simon
Resolved Dovecot IMAP issues with Plesk Premium Email (Kolab)
Replies
7
Views
945
Kaspar@Plesk
Kaspar@Plesk
S
Question How can I make my changes to Nginx site config Permanent per site?
Replies
3
Views
203
Raul A.
R
adocsys
Resolved How to add HTTP Security Header on port 80?
Replies
3
Views
2K
adocsys
adocsys
Mario Chamorro
Input Webmail 502 Bad Gateway
Replies
0
Views
1K
Mario Chamorro
Mario Chamorro
Back
Top