[FX.php List] [OFF] Apache 2.2 SSL setup difficulties

Derrick Fogle derrick at fogles.net
Mon Sep 8 20:14:25 MDT 2008 

I've got a Mac Mini doing SSL, but it's still running Panther (Apache  
1.x). I followed the instructions on the Entropy website, but I tell  
ya, I've had lots of problems with the SSL cert on this thing. Apache  
does a log roll and soft restart every Sat. AM, and every few months,  
the thing just dies on the soft restart - complaining that there's no  
valid SSL cert. The cause is supposed to be the fact that the key file  
is password protected, and it can't be re-read on a soft restart.

I can't tell you how many times I've reinstalled the cert, created a  
non-password key file for it, etc., but I always end up with the same  
problem: far before the cert is due to expire, it just stops working  
on the soft restart. A hard restart always works though.

My personal opinion is that Mac Mini's are crap. I've got 10 times  
more problems with Mac Minis locking up and crashing than I do any  
other Mac I see deployed. Not that the poor quality of Mac Minis are  
your problem, but I just had to throw that out there. They are NOT  
even in the ballpark of server-level quality. If you use them as a  
server, you're in for a lot of trouble.

On Sep 8, 2008, at 9:02 PM, Dale Bengston wrote:

> Hi Troy,
>
> In the past, Apple has provided very detailed instructions for  
> generating KEYs, CSRs and CRTs and all that SSL good stuff. I don't  
> know if they've continued with Apache 2.0, but here's what I used  
> years ago:
>
> http://developer.apple.com/internet/serverside/modssl.html
>
> Dale
>
> On Sep 8, 2008, at 6:58 PM, Troy Meyers wrote:
>
>> A few days ago I mentioned that we got a Mac Mini (Leopard) with  
>> Apache 2.2 preinstalled (they just ship that way) and have managed  
>> to install (with help from here) PHP 5.2.5 with GD, which I had to  
>> do because there's no GD in the PHP installation that ships with  
>> Leopard. That appears to be working.
>>
>> The end goal is getting a secure server set up, and I had thought  
>> that enabling SSL in the Apache 2.2 would be easy, since (at least  
>> I think) all the modules needed are preinstalled and just need to  
>> be turned on. I also had thought that the instructions were in the  
>> Apache docs... but now I realize that I don't understand enough.  
>> Maybe they the instructions tell me how to set up different flavors  
>> of SSL, but not the basic on/off. The variations I've tried in  
>> httpd.config have just made Apache stop working. Glad I made  
>> backups first.
>>
>> What I want to do is have this one machine be my Apache server  
>> doing both http and https, and also have the WPE on that machine.  
>> Another is the database server.
>>
>> I've studied a number of forum archives for several days now, but  
>> can't find the answer, so I thought I'd finally ask here -- how do  
>> I do it -- or where's the best place to ask?
>>
>> Thanks for any help!
>>
>> -Troy
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list


Derrick

More information about the FX.php_List mailing list