Red Hat Bugzilla – Bug 26927
apacheconf + ssl config wackiness
Last modified: 2015-03-04 20:08:53 EST
If you only select listening on port 80 but then enable SSL in the default
virtual host config, apache will fail to start due to missing ssl config
information for the server listening on port 80.
[Sat Feb 10 01:23:46 2001] [error] mod_ssl: Init: Server _default_:80
should be SSL-aware but has no certificate configured [Hint:
Note that this also happens if you add port 443 to the list of listening ports
as the configuration is still set up to enable the SSLEngine on port 80 without
any of the necessary SSL config vars
This defect is considered MUST-FIX for Florence Gold release
You are actually describing 2 "bugs" here, one is sort of a bug, the other not
at all, resp. not fixable.
1) The error message displayed tells you actually that you have neglected to
provide a key file. This is not a 'real' apacheconf problem, but will be fixed
nonetheless (these fields may not be empty if SSL is enabled). Also i might
simply remove the none existing defaults and enclose the SSL enabled vhosts
with a IF_SSL to ensure that they are only running when the user has installed a
mod_ssh enabled apache.
2) According to various manpages/docs apache mod_ssh doesn't care on which
port it runs, therefore the user has to know what he/she does and has to
specifiy the correct address on the first page of the Virtual Host dialog.
This is nearly not fixable as someone could really decide to let a SSH enabled
apache run on port 6789 on www.foo.com, it's really basically all up to the
user/admin. Overwriting the address field when the user turns on SSL is not a
good idea IMHO either.