Bug 26927

Summary: apacheconf + ssl config wackiness
Product: [Retired] Red Hat Linux Reporter: Jeremy Katz <katzj>
Component: apacheconfAssignee: Phil Knirsch <pknirsch>
Status: CLOSED RAWHIDE QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1CC: jrb, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-02-13 14:50:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeremy Katz 2001-02-10 07:28:30 UTC 
apacheconf-0.63-1 again...

If you only select listening on port 80 but then enable SSL in the default
virtual host config, apache will fail to start due to missing ssl config
information for the server listening on port 80.

[Sat Feb 10 01:23:46 2001] [error] mod_ssl: Init: Server _default_:80
should be SSL-aware but has no certificate configured [Hint:
SSLCertificateFile]
Comment 1 Jeremy Katz 2001-02-10 07:48:50 UTC 
Note that this also happens if you add port 443 to the list of listening ports
as the configuration is still set up to enable the SSLEngine on port 80 without
any of the necessary SSL config vars
Comment 2 Glen Foster 2001-02-12 23:10:11 UTC 
This defect is considered MUST-FIX for Florence Gold release
Comment 3 Phil Knirsch 2001-02-13 17:38:03 UTC 
You are actually describing 2 "bugs" here, one is sort of a bug, the other not
at all, resp. not fixable.

1) The error message displayed tells you actually that you have neglected to
provide a key file. This is not a 'real' apacheconf problem, but will be fixed
nonetheless (these fields may not be empty if SSL is enabled). Also i might
simply remove the none existing defaults and enclose the SSL enabled vhosts
with a IF_SSL to ensure that they are only running when the user has installed a
mod_ssh enabled apache.

2) According to various manpages/docs apache mod_ssh doesn't care on which
port it runs, therefore the user has to know what he/she does and has to
specifiy the correct address on the first page of the Virtual Host dialog.
This is nearly not fixable as someone could really decide to let a SSH enabled
apache run on port 6789 on www.foo.com, it's really basically all up to the
user/admin. Overwriting the address field when the user turns on SSL is not a
good idea IMHO either.