Re: [Hampshire] Apache2 SSL Install/Config on Ubuntu

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Graham Bleach at <-
MMVic at ->

Reply to this message
Author: Richard Mace
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] Apache2 SSL Install/Config on Ubuntu
> I don't really know what's going wrong here, as I'm lacking some key
> information, such as how many vhosts you have.

Just the one at the moment, and I am not even sure if I "need" to
configure virtual hosts.

> which ones don't work
> and what you want to achieve using SSL. My suspicion is that you are
> using vhosts and these vhosts have not been configured to accept
> connections on port 443.

I have a Joomla installation, and I would like to secure the user
login screen (for obvious reasons) but I am really not sure where to
start.

Eventually, this box will live out on the Internet, and could well
have multiple ip addresses pointing at it, so maby vhosts are the way
to go?

> In a vanilla apache install I'd do something like this, but maybe
> there's a better way if using the standard Debian config:
>
> Listen IP:443
> <VirtualHost IP:443>
>
> </VirtualHost>

My /etc/apache2/sites-available/ssl contains the following, does this help: 

NameVirtualHost *:443
<VirtualHost *:443>
        ServerAdmin webmaster@localhost


        DocumentRoot /var/www/opendoorit.co.uk/
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/opendoorit.co.uk/administrator>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
                # Uncomment this directive is you want to see apache2's
                # default start page (in /apache2-default) when you go to /
                #RedirectMatch ^/$ /apache2-default/
        </Directory>


        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>


        ErrorLog /var/log/apache2/error.log


        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn


        CustomLog /var/log/apache2/access.log combined
        ServerSignature On


SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem 

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>


</VirtualHost>


This message was posted to the following mailing lists:
Hampshire LUG
Mailing List Info | Nearby Messages		<-Re: [Hampshire] RAID advice pleaseRe: [Hampshire] Apache2 SSL Install/Config on Ubuntu->
Hampshire LUG Mailing List Archive administrated by WebmasterLurker (version 2.3)