We are having an issue with our site. Port 80 works fine but port 443 does not connect and I wonder if it is an issue with the apache config file. Someone please help. We are using Apache 1.3 on FreeBSD 6.2 I have copied and pasted our httpd.conf file below for someone to see if there are any errors. Thanks. ## httpd.conf -- Apache HTTP server configuration file ServerType standalone ServerRoot "/usr/local" #LockFile /var/run/httpd.lock PidFile /var/run/httpd.pid ScoreBoardFile /var/run/httpd.scoreboard ResourceConfig /dev/null AccessConfig /dev/null Timeout 300 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 15 MinSpareServers 5 MaxSpareServers 10 StartServers 256 MaxClients 256 MaxRequestsPerChild 10000 #Listen 3000 #Listen 12.34.56.78:80 #BindAddress * LoadModule mmap_static_module libexec/apache/mod_mmap_static.so LoadModule vhost_alias_module libexec/apache/mod_vhost_alias.so LoadModule env_module libexec/apache/mod_env.so LoadModule define_module libexec/apache/mod_define.so LoadModule config_log_module libexec/apache/mod_log_config.so LoadModule mime_magic_module libexec/apache/mod_mime_magic.so LoadModule mime_module libexec/apache/mod_mime.so LoadModule negotiation_module libexec/apache/mod_negotiation.so LoadModule status_module libexec/apache/mod_status.so LoadModule info_module libexec/apache/mod_info.so LoadModule includes_module libexec/apache/mod_include.so LoadModule autoindex_module libexec/apache/mod_autoindex.so LoadModule dir_module libexec/apache/mod_dir.so LoadModule cgi_module libexec/apache/mod_cgi.so LoadModule asis_module libexec/apache/mod_asis.so LoadModule imap_module libexec/apache/mod_imap.so LoadModule action_module libexec/apache/mod_actions.so LoadModule speling_module libexec/apache/mod_speling.so LoadModule userdir_module libexec/apache/mod_userdir.so LoadModule alias_module libexec/apache/mod_alias.so LoadModule rewrite_module libexec/apache/mod_rewrite.so LoadModule access_module libexec/apache/mod_access.so LoadModule auth_module libexec/apache/mod_auth.so LoadModule anon_auth_module libexec/apache/mod_auth_anon.so LoadModule db_auth_module libexec/apache/mod_auth_db.so LoadModule digest_module libexec/apache/mod_digest.so LoadModule proxy_module libexec/apache/libproxy.so LoadModule cern_meta_module libexec/apache/mod_cern_meta.so LoadModule expires_module libexec/apache/mod_expires.so LoadModule headers_module libexec/apache/mod_headers.so LoadModule usertrack_module libexec/apache/mod_usertrack.so LoadModule log_forensic_module libexec/apache/mod_log_forensic.so LoadModule unique_id_module libexec/apache/mod_unique_id.so LoadModule setenvif_module libexec/apache/mod_setenvif.so <IfDefine SSL> LoadModule ssl_module libexec/apache/libssl.so </IfDefine> LoadModule php4_module libexec/apache/libphp4.so ClearModuleList AddModule mod_mmap_static.c AddModule mod_vhost_alias.c AddModule mod_env.c AddModule mod_define.c AddModule mod_log_config.c AddModule mod_mime_magic.c AddModule mod_mime.c AddModule mod_negotiation.c AddModule mod_status.c AddModule mod_info.c AddModule mod_include.c AddModule mod_autoindex.c AddModule mod_dir.c AddModule mod_cgi.c AddModule mod_asis.c AddModule mod_imap.c AddModule mod_actions.c AddModule mod_speling.c AddModule mod_userdir.c AddModule mod_alias.c AddModule mod_rewrite.c AddModule mod_access.c AddModule mod_auth.c AddModule mod_auth_anon.c AddModule mod_auth_db.c AddModule mod_digest.c AddModule mod_proxy.c AddModule mod_cern_meta.c AddModule mod_expires.c AddModule mod_headers.c AddModule mod_usertrack.c AddModule mod_log_forensic.c AddModule mod_unique_id.c AddModule mod_so.c AddModule mod_setenvif.c <IfDefine SSL> AddModule mod_ssl.c </IfDefine> AddModule mod_php4.c #ExtendedStatus On Port 80 <IfDefine SSL> Listen 80 Listen 443 </IfDefine> User www Group www ServerAdmin estore@warehousepoint.com ServerName www.warehousepoint.com DocumentRoot "/usr/local/www/data-dist/warehousepoint" <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory "/usr/local/www/data-dist/warehousepoint"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory> <IfModule mod_userdir.c> UserDir public_html </IfModule> #<Directory /home/*/public_html> # AllowOverride FileInfo AuthConfig Limit # Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec # <Limit GET POST OPTIONS PROPFIND> # Order allow,deny # Allow from all # </Limit> # <LimitExcept GET POST OPTIONS PROPFIND> # Order deny,allow # Deny from all # </LimitExcept> #</Directory> <IfModule mod_dir.c> <IfModule mod_php3.c> <IfModule mod_php4.c> DirectoryIndex index.php index.php3 index.html merchant.mv? </IfModule> <IfModule !mod_php4.c> DirectoryIndex index.php3 index.html merchant.mv? </IfModule> </IfModule> <IfModule !mod_php3.c> <IfModule mod_php4.c> DirectoryIndex index.php index.html merchant.mv? </IfModule> <IfModule !mod_php4.c> DirectoryIndex index.html merchant.mv? </IfModule> </IfModule> </IfModule> AccessFileName .htaccess <Files ~ "^\.ht"> Order allow,deny Deny from all Satisfy All </Files> #CacheNegotiatedDocs UseCanonicalName On <IfModule mod_mime.c> TypesConfig /usr/local/etc/apache/mime.types </IfModule> DefaultType text/plain <IfModule mod_mime_magic.c> MIMEMagicFile /usr/local/etc/apache/magic </IfModule> HostnameLookups Off ErrorLog "|/usr/local/sbin/cronolog /usr/local/www/httpd/error_log.%d" LogLevel warn LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent #CustomLog /var/log/httpd-access.log common #CustomLog /var/log/httpd-referer.log referer #CustomLog /var/log/httpd-agent.log agent CustomLog "|/usr/local/sbin/cronolog /usr/local/www/httpd/access_log.%d" combined ServerSignature On # > AddType text/html .ahtml # > EBCDICConvert Off=InOut .ahtml # # EBCDICConvertByType On=InOut text/* message/* multipart/* # EBCDICConvertByType On=In application/x-www-form-urlencoded # EBCDICConvertByType On=InOut application/postscript model/vrml # EBCDICConvertByType Off=InOut */* <IfModule mod_alias.c> Alias /icons/ "/usr/local/www/icons/" <Directory "/usr/local/www/icons"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory> Alias /manual/ "/usr/local/share/doc/apache/" <Directory "/usr/local/share/doc/apache"> Options Indexes FollowSymlinks MultiViews AllowOverride None Order allow,deny Allow from all </Directory> ScriptAlias /cgi-bin/ "/usr/local/www/cgi-bin/" <Directory "/usr/local/www/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> </IfModule> <IfModule mod_autoindex.c> IndexOptions FancyIndexing AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif core AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ DefaultIcon /icons/unknown.gif #AddDescription "GZIP compressed document" .gz #AddDescription "tar archive" .tar #AddDescription "GZIP compressed tar archive" .tgz ReadmeName README.html HeaderName HEADER.html IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t </IfModule> <IfModule mod_mime.c> AddLanguage da .dk AddLanguage nl .nl AddLanguage en .en AddLanguage et .ee AddLanguage fr .fr AddLanguage de .de AddLanguage el .el AddLanguage he .he AddCharset ISO-8859-8 .iso8859-8 AddLanguage it .it AddLanguage ja .ja AddCharset ISO-2022-JP .jis AddLanguage kr .kr AddCharset ISO-2022-KR .iso-kr AddLanguage nn .nn AddLanguage no .no AddLanguage pl .po AddCharset ISO-8859-2 .iso-pl AddLanguage pt .pt AddLanguage pt-br .pt-br AddLanguage ltz .lu AddLanguage ca .ca AddLanguage es .es AddLanguage sv .sv AddLanguage cs .cz .cs AddLanguage ru .ru AddLanguage zh-TW .zh-tw AddCharset Big5 .Big5 .big5 AddCharset WINDOWS-1251 .cp-1251 AddCharset CP866 .cp866 AddCharset ISO-8859-5 .iso-ru AddCharset KOI8-R .koi8-r AddCharset UCS-2 .ucs2 AddCharset UCS-4 .ucs4 AddCharset UTF-8 .utf8 <IfModule mod_negotiation.c> LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw </IfModule> AddType application/x-tar .tgz AddEncoding x-compress .Z AddEncoding x-gzip .gz .tgz #AddType application/x-compress .Z #AddType application/x-gzip .gz .tgz #AddHandler cgi-script .cgi #AddType text/html .shtml #AddHandler server-parsed .shtml #AddHandler send-as-is asis #AddHandler imap-file map #AddHandler type-map var </IfModule> #MetaDir .web #MetaSuffix .meta # # Customizable error response (Apache style) # these come in three flavors # # 1) plain text #ErrorDocument 500 "The server made a boo boo. # n.b. the single leading (") marks it as text, it does not get output # # 2) local redirects #ErrorDocument 404 /missing.html # to redirect to local URL /missing.html #ErrorDocument 404 /cgi-bin/missing_handler.pl # N.B.: You can redirect to a script or a document using server-side-includes. # # 3) external redirects #ErrorDocument 402 http://www.example.com/subscription_info.html # N.B.: Many of the environment variables associated with the original # request will *not* be available to such a script. <IfModule mod_setenvif.c> BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 </IfModule> # End of browser customization directives #<Location /server-status> # SetHandler server-status # Order deny,allow # Deny from all # Allow from .example.com #</Location> #<Location /server-info> # SetHandler server-info # Order deny,allow # Deny from all # Allow from .example.com #</Location> #<Location /cgi-bin/phf*> # Deny from all # ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi #</Location> ### Section 3: Virtual Hosts # Use name-based virtual hosting. #NameVirtualHost *:80 #<VirtualHost *:80> # ServerAdmin webmaster@dummy-host.example.com # DocumentRoot /www/docs/dummy-host.example.com # ServerName dummy-host.example.com # ErrorLog logs/dummy-host.example.com-error_log # CustomLog logs/dummy-host.example.com-access_log common #</VirtualHost> #<VirtualHost _default_:*> #</VirtualHost> ## ## SSL Global Context <IfDefine SSL> AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl </IfDefine> <IfModule mod_ssl.c> SSLPassPhraseDialog builtin #SSLSessionCache none #SSLSessionCache shmht:/var/run/ssl_scache(512000) #SSLSessionCache shmcb:/var/run/ssl_scache(512000) SSLSessionCache dbm:/var/run/ssl_scache SSLSessionCacheTimeout 300 SSLMutex file:/var/run/ssl_mutex SSLRandomSeed startup builtin SSLRandomSeed connect builtin #SSLRandomSeed startup file:/dev/random 512 #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomSeed connect file:/dev/random 512 #SSLRandomSeed connect file:/dev/urandom 512 SSLLog /var/log/ssl_engine_log SSLLogLevel info </IfModule> <IfDefine SSL> <VirtualHost *:443> DocumentRoot "/usr/local/www/data-dist/warehousepoint" ServerName www.warehousepoint.com ServerAdmin estore@warehousepoint.com ErrorLog /var/log/httpd-error.log TransferLog /var/log/httpd-access.log SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL v2:+EXP:+eNULL SSLCertificateFile /usr/local/etc/apache/ssl.crt/warehousepoint_com.crt SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/server.key #SSLCertificateChainFile /usr/local/etc/apache/ssl.crt/ca.crt #SSLCACertificatePath /usr/local/etc/apache/ssl.crt #SSLCACertificateFile /usr/local/etc/apache/ssl.crt/ca-bundle.crt #SSLCARevocationPath /usr/local/etc/apache/ssl.crl #SSLCARevocationFile /usr/local/etc/apache/ssl.crl/ca-bundle.crl #SSLVerifyClient require #SSLVerifyDepth 10 #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/usr/local/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog /var/log/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> </IfDefine> # Miva Empresa #SetEnv MvCONFIG_LIBRARY /usr/local/miva/lib/config/env.so SetEnv MvCONFIG_DIR_MIVA /usr/local/www/data-dist/warehousepoint #(path to MivaScript files, usually the same as the DocumentRoot on server) SetEnv MvCONFIG_DIR_DATA /usr/local/miva/mivadata #(path to Miva Merchant Data files) SetEnv MvCONFIG_DIR_BUILTIN /usr/local/miva/lib/builtins #(path to built-in libraries, these are not Commerce Libraries SetEnv MvCONFIG_DIR_CA /usr/local/miva/certs #(path to SSL certificate files) #SetEnv MvCONFIG_SSL_OPENSSL /usr/local/miva/lib/libssl.so #(path and file name to the OpenSSL library file, libssl.so) #SetEnv MvCONFIG_SSL_CRYPTO /usr/local/miva/lib/libcrypto.so #(path and file name to the OpenSSL library file) #SetEnv MvCONFIG_COMMERCE_<method> /home/user/lib/commerce/library.so #(method, path, and file name for each installed commerce library) #SetEnv MvCONFIG_DATABASE_<method> /path/to/lib/ #(method, path, and file name for mivasql or mysql) SetEnv MvCONFIG_DATABASE_MySQL /usr/local/miva/lib/databases/mysql5.so SetEnv MvCONFIG_DATABASE_MivaSQL /usr/local/miva/lib/databases/mivasql.so SetEnv MvCONFIG_MAX_DOCACHE 10 AddType application/x-miva-compiled .mvc Action application/x-miva-compiled /cgi-bin/mivavm
Hi, we can take a look at the server, if you like to shell out some bucks. Extensive experience with apache and server administration, We can fix the issue for you.
Port 443 is open through the firewall. We had it working before but our secure cert. expired so we updated our httpd.conf with the new key info and now it doesn't work. I have asked out server admin. to upgrade apache but they will not do it.
Hello, The problem here is key matching then..First delete all the files CSR and Key file of the expired SSL certificate and then re-install SSL.. that should help. Normally what happens while we update SSL it does not replaces new Key file at the location specified in http.conf.