Bug 26927 - apacheconf + ssl config wackiness
apacheconf + ssl config wackiness
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: apacheconf (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Phil Knirsch
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-02-10 02:28 EST by Jeremy Katz
Modified: 2015-03-04 20:08 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-02-13 09:50:52 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jeremy Katz 2001-02-10 02:28:30 EST
apacheconf-0.63-1 again...

If you only select listening on port 80 but then enable SSL in the default
virtual host config, apache will fail to start due to missing ssl config
information for the server listening on port 80.

[Sat Feb 10 01:23:46 2001] [error] mod_ssl: Init: Server _default_:80
should be SSL-aware but has no certificate configured [Hint:
SSLCertificateFile]
Comment 1 Jeremy Katz 2001-02-10 02:48:50 EST
Note that this also happens if you add port 443 to the list of listening ports
as the configuration is still set up to enable the SSLEngine on port 80 without
any of the necessary SSL config vars
Comment 2 Glen Foster 2001-02-12 18:10:11 EST
This defect is considered MUST-FIX for Florence Gold release
Comment 3 Phil Knirsch 2001-02-13 12:38:03 EST
You are actually describing 2 "bugs" here, one is sort of a bug, the other not
at all, resp. not fixable.

1) The error message displayed tells you actually that you have neglected to
provide a key file. This is not a 'real' apacheconf problem, but will be fixed
nonetheless (these fields may not be empty if SSL is enabled). Also i might
simply remove the none existing defaults and enclose the SSL enabled vhosts
with a IF_SSL to ensure that they are only running when the user has installed a
mod_ssh enabled apache.

2) According to various manpages/docs apache mod_ssh doesn't care on which
port it runs, therefore the user has to know what he/she does and has to
specifiy the correct address on the first page of the Virtual Host dialog.
This is nearly not fixable as someone could really decide to let a SSH enabled
apache run on port 6789 on www.foo.com, it's really basically all up to the
user/admin. Overwriting the address field when the user turns on SSL is not a
good idea IMHO either.

Note You need to log in before you can comment on or make changes to this bug.