# httpd.conf + ssl is making me lose my cool



## jsanc623 (Nov 16, 2010)

I'm having a bit of a difficult time with my httpd.conf file and ssl...something is going, well, not my way shall we say  

I'm pretty sure its an issue with the httpd conf file as the IT department verified ports 443 is open on the firewall, etc. The prior admin left recently without having configured SSL on the server correctly. I've since gotten the correct certs but can't get https to return anything but a Error 102 (net::ERR_CONNECTION_REFUSED): Unknown error.

I've uploaded the httpd conf file here http://www.xtremeillusionz.com/httpdconf.txt and have changed the domain name for security's sake I guess 

Any and all help or hints would be greatly appreciated - after two days of googling and looking at other httpd conf files (including the one on my personal server - which I had no trouble getting it to work) I'm at the end of my rope over here.

Thank you all


----------



## Terry_Kennedy (Nov 17, 2010)

jsanc623 said:
			
		

> Any and all help or hints would be greatly appreciated - after two days of googling and looking at other httpd conf files (including the one on my personal server - which I had no trouble getting it to work) I'm at the end of my rope over here.


Anything useful in your /usr/local/apache/logs/ssl_engine_log or /usr/local/apache/logs/error_log files? My experience has been that Apache will generally say _something_ in the log files that will help lead you to the problem.

By the way, what version of Apache is this? My Apache 2.2 configuration uses lines like 
	
	



```
<IfModule ssl_module>
```
where you have 
	
	



```
<IfModule mod_ssl.c>
```
That might be from you using an older version, or might indicate a problem.


----------



## DutchDaemon (Nov 17, 2010)

/usr/local/apache/logs/ doesn't sound like the default location of Apache logging. I think it's:

/var/log/httpd-ssl-access.log
/var/log/httpd-ssl-error.log
/var/log/httpd-ssl_request.log


----------



## jsanc623 (Nov 17, 2010)

Terry_Kennedy said:
			
		

> Anything useful in your /usr/local/apache/logs/ssl_engine_log or /usr/local/apache/logs/error_log files? My experience has been that Apache will generally say _something_ in the log files that will help lead you to the problem.
> 
> By the way, what version of Apache is this? My Apache 2.2 configuration uses lines like
> 
> ...



Apache 1.3.41 

I'm going to check the error logs now - error_log is 334mb haha...oi


----------



## jsanc623 (Nov 17, 2010)

DutchDaemon said:
			
		

> /usr/local/apache/logs/ doesn't sound like the default location of Apache logging. I think it's:
> 
> /var/log/httpd-ssl-access.log
> /var/log/httpd-ssl-error.log
> /var/log/httpd-ssl_request.log




negative ghost rider, /usr/local/apache/logs/ is the location


----------



## jsanc623 (Nov 17, 2010)

Just to update (triple posting...yay):

I got apache to recognize incoming connections to port 443 and 304 (SSL ports) by adding the Listen xxx.xxx.xxx.xxx:304/443 line whose existence I apparently overlooked. Now a browser will recognize that port 304/443 is open, however, I get an SSL Connection Error ("Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.") which means progress! Thank you all that have responded thus far


----------



## chavez243ca (Nov 19, 2010)

Hi Jsanc:

It's likely worth your while to take a look at cronolog to do some log rotation / retention work for you.  (sysutils/cronolog)

As previously mentioned - you logs should indicate what is failing.  Have you tried starting Apache with:

[cmd=]apachectl startssl[/cmd]

Do you know if your SSL files are all in order?


----------

