• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

How Do I Enable HTTPS (on Port 443)?

E

epretorious

Guest
How do enable HTTPS? `netstat -tan` reveals that Apache is NOT listening on port 443 by default. :confused:
 
FWIW: I found this in /var/log/httpd/error_log:
[Mon Aug 08 09:20:17 2005] [notice] Graceful restart requested, doing restart
[Mon Aug 08 09:20:17 2005] [warn] NameVirtualHost 1.2.3.4:443 has no VirtualHosts
[Mon Aug 08 09:20:17 2005] [warn] NameVirtualHost 1.2.3.5:443 has no VirtualHosts
[Mon Aug 08 09:20:17 2005] [notice] Digest: generating secret for digest authentication ...
[Mon Aug 08 09:20:17 2005] [notice] Digest: done
[Mon Aug 08 09:20:18 2005] [notice] Apache/2.0.46 (CentOS) configured -- resuming normal operations
Click to expand...
 
...and /etc/httpd/conf/httpd.conf contains...
<VirtualHost 1.2.3.4:443 >
ServerName default-1-2-3-4
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/httpsdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certQLD8906
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/vhosts/default/httpsdocs>
SSLRequireSSL
</Directory>
</VirtualHost>

<VirtualHost 1.2.3.5:443 >
ServerName default-1-2-3-5
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/httpsdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certQLD8906
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/vhosts/default/httpsdocs>
SSLRequireSSL
</Directory>
</VirtualHost>
Click to expand...
...and...
<VirtualHost \
1.2.3.4:443 \
1.2.3.5:443 \
>
DocumentRoot /usr/share/psa-horde/
Alias /horde/ /usr/share/psa-horde/
Alias /imp/ /usr/share/psa-horde/imp/
ServerName webmail
ServerAlias webmail.*
UseCanonicalName Off
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /etc/httpd/conf/httpd.pem
<Directory /usr/share/psa-horde>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_flag magic_quotes_gpc off
php_admin_flag safe_mode off
php_admin_value open_basedir "/usr/share/psa-horde:/etc/psa-horde:/etc/psa:/tmp:/var/log:/usr/share
/doc"
php_admin_value include_path "/usr/share/psa-horde:/usr/share/psa-horde/pear:."
</IfModule>
SSLRequireSSL
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Click to expand...
...which seems kind of strange because both blocks contain DocumentRoot declarations. :confused: Anyhow, further down, there's an entire section of...
Include /home/httpd/vhosts/foobar.com/conf/httpd.include
Click to expand...
...declarations and each of the include files (e.g., /home/httpd/vhosts/foobar.com/conf/httpd.include) contain the appropriate configuration directives...
<VirtualHost 1.2.3.5:443>
ServerName foobar.com:443
ServerAlias www.foobar.com
UseCanonicalName Off
SuexecUserGroup snowtech psacln
ServerAdmin [email protected]
DocumentRoot /home/httpd/vhosts/foobar.com/httpsdocs
CustomLog /home/httpd/vhosts/foobar.com/statistics/logs/access_ssl_log plesklog
ErrorLog /home/httpd/vhosts/foobar.com/statistics/logs/error_ssl_log
<IfModule mod_userdir.c>
UserDir /home/httpd/vhosts/foobar.com/web_users
</IfModule>
ScriptAlias /cgi-bin/ /home/httpd/vhosts/foobar.com/cgi-bin/
Alias /plesk-stat /home/httpd/vhosts/foobar.com/statistics/
Alias /webstat /home/httpd/vhosts/foobar.com/statistics/webstat
Alias /webstat-ssl /home/httpd/vhosts/foobar.com/statistics/webstat-ssl
Alias /ftpstat /home/httpd/vhosts/foobar.com/statistics/ftpstat
Alias /anon_ftpstat /home/httpd/vhosts/foobar.com/statistics/anon_ftpstat
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certQLD8906
<Directory /home/httpd/vhosts/foobar.com/httpsdocs>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_value open_basedir "/home/httpd/vhosts/foobar.com/httpsdocs:/tmp"
</IfModule>
SSLRequireSSL
Options -Includes +ExecCGI
</Directory>
<Directory "/home/httpd/vhosts/foobar.com/statistics">
AuthType Basic
AuthName "Domain statistics"
AuthUserFile /home/httpd/vhosts/foobar.com/pd/d..plesk-stat
require valid-user
</Directory>
</VirtualHost>
Click to expand...
Any idea what's going wrong?
 
I searched for mod_ssl.c:
[root@www conf]# ls /usr/lib/httpd/modules/
libphp4.so mod_auth.so mod_dir.so mod_imap.so mod_negotiation.so mod_speling.so
mod_access.so mod_autoindex.so mod_disk_cache.so mod_include.so mod_proxy_connect.so mod_status.so
mod_actions.so mod_cache.so mod_env.so mod_info.so mod_proxy_ftp.so mod_suexec.so
mod_alias.so mod_cern_meta.so mod_expires.so mod_log_config.so mod_proxy_http.so mod_unique_id.so
mod_asis.so mod_cgi.so mod_ext_filter.so mod_logio.so mod_proxy.so mod_userdir.so
mod_auth_anon.so mod_dav_fs.so mod_file_cache.so mod_mem_cache.so mod_python.so mod_usertrack.so
mod_auth_dbm.so mod_dav.so mod_frontpage.so mod_mime_magic.so mod_rewrite.so mod_vhost_alias.so
mod_auth_digest.so mod_deflate.so mod_headers.so mod_mime.so mod_setenvif.so mod_webapp.so
Click to expand...
...and realized that it hadn't been installed by default so I installed it...
[root@www conf]# yum install mod_ssl
Gathering header information file(s) from server(s)
Server: CentOS-3 - Addons
Server: CentOS-3 - Base
Server: CentOS-3 - Extras
Server: CentOS-3 - Updates
Finding updated packages
Downloading needed headers
Resolving dependencies
Dependencies resolved
I will do the following:
[install: mod_ssl 1:2.0.46-46.2.ent.centos.1.i386]
Is this ok [y/N]: y
Downloading Packages
Getting mod_ssl-2.0.46-46.2.ent.centos.1.i386.rpm
mod_ssl-2.0.46-46.2.ent.c 100% |=========================| 105 kB 00:01
Running test transaction:
Test transaction complete, Success!
mod_ssl 100 % done 1/1
Installed: mod_ssl 1:2.0.46-46.2.ent.centos.1.i386
Transaction(s) Complete
Click to expand...
At least Apache is accepting connections on port 443 now but it drops the connection after negotiating a secure connection. /home/httpd/vhosts/snowtech.net/statistics/logs/error_ssl_log contains...
[Wed Aug 10 08:25:20 2005] [warn] RSA server certificate CommonName (CN) `plesk' does NOT match server name!?
Click to expand...
Could this be a fatal error (or is it just a warning)?
 
Accessing encrypted doc's causes segmentation faults: (from /var/log/httpd/error_log)
[Wed Aug 10 09:00:22 2005] [notice] child pid 24025 exit signal Segmentation fault (11)
Click to expand...
Any idea where I should begin looking for the cause of these troubles?
 
FWIW: Restarting Apache (after installing mod_ssl) fixed the segmentation problem. :D

IMHO: The autoinstaller script should verify that mod_ssl is installed. :mad:
 
You must log in or register to reply here.

Similar threads

adocsys
Resolved How to add HTTP Security Header on port 80?
Replies
3
Views
361
adocsys
adocsys
J
Question How to hide port in Nginx forwarding / change listening port
Replies
0
Views
942
jasmines
J
Gh()st
Resolved Change port for one domain to allow for express.js server
Replies
1
Views
697
Gh()st
Gh()st
G
Issue Plesk is using Port 443 but Traefik-Container needs it
Replies
1
Views
901
Peter Debik
P
U
Issue cURL error 7: Failed to connect to localhost port 443: Connection refused
Replies
3
Views
14K
scsa20
scsa20
Back
Top