Bug 26927 - apacheconf + ssl config wackiness
Summary: apacheconf + ssl config wackiness
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: apacheconf   
(Show other bugs)
Version: 7.1
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact: David Lawrence
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-02-10 07:28 UTC by Jeremy Katz
Modified: 2015-03-05 01:08 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-02-13 14:50:52 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Jeremy Katz 2001-02-10 07:28:30 UTC
apacheconf-0.63-1 again...

If you only select listening on port 80 but then enable SSL in the default
virtual host config, apache will fail to start due to missing ssl config
information for the server listening on port 80.

[Sat Feb 10 01:23:46 2001] [error] mod_ssl: Init: Server _default_:80
should be SSL-aware but has no certificate configured [Hint:
SSLCertificateFile]

Comment 1 Jeremy Katz 2001-02-10 07:48:50 UTC
Note that this also happens if you add port 443 to the list of listening ports
as the configuration is still set up to enable the SSLEngine on port 80 without
any of the necessary SSL config vars

Comment 2 Glen Foster 2001-02-12 23:10:11 UTC
This defect is considered MUST-FIX for Florence Gold release

Comment 3 Phil Knirsch 2001-02-13 17:38:03 UTC
You are actually describing 2 "bugs" here, one is sort of a bug, the other not
at all, resp. not fixable.

1) The error message displayed tells you actually that you have neglected to
provide a key file. This is not a 'real' apacheconf problem, but will be fixed
nonetheless (these fields may not be empty if SSL is enabled). Also i might
simply remove the none existing defaults and enclose the SSL enabled vhosts
with a IF_SSL to ensure that they are only running when the user has installed a
mod_ssh enabled apache.

2) According to various manpages/docs apache mod_ssh doesn't care on which
port it runs, therefore the user has to know what he/she does and has to
specifiy the correct address on the first page of the Virtual Host dialog.
This is nearly not fixable as someone could really decide to let a SSH enabled
apache run on port 6789 on www.foo.com, it's really basically all up to the
user/admin. Overwriting the address field when the user turns on SSL is not a
good idea IMHO either.



Note You need to log in before you can comment on or make changes to this bug.