Weeeeeeeee're BACK!
David Kramer
david at thekramers.net
Tue Apr 10 01:18:28 EDT 2001
So the DNS issues are resolved now. My domain name DID NOT change, but
my IP is now 24.91.178.175 for both kramer.ne.mediaone.net and
thekramers.net.
I used Apache Toolbox to completely redownload/compile/install
Apache/mysql/imap/php/mod_* yadayada
The end result was nice, but I *STILL* can't get to my server though
SSL, even on the same box. It seems like httpd understands it should be
doing SSL, but isn't listening.
/server-info includes:
Server Version: Apache/1.3.19 (Unix) PHP/4.0.4pl1 AuthMySQL/2.20
mod_gzip/1.3.19.1a
mod_fastcgi/2.2.10 mod_perl/1.25 mod_ssl/2.8.2 OpenSSL/0.9.6
......
Current Configuration:
conf/httpd.conf
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog /usr/local/apache/logs/ssl_engine_log
SSLLogLevel debug
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
httpd.conf includes:
VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/usr/local/apache/shtdocs"
ServerName kramer.ne.mediaone.net
ServerAdmin root at kramer.ne.mediaone.net
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
......
ssl_engine_log contains:
[09/Apr/2001 20:25:29 13234] [info] Init: Initializing (virtual)
servers for SSL
[09/Apr/2001 22:23:24 13234] [info] Init: 1st restart round (already
detached)
[09/Apr/2001 22:23:24 13234] [trace] Inter-Process Session Cache (DBM)
Expiry: old: 0, new: 0, removed: 0
[09/Apr/2001 22:23:24 13234] [info] Init: Seeding PRNG with 1160 bytes
of entropy
[09/Apr/2001 22:23:24 13234] [info] Init: Configuring temporary RSA
private keys (512/1024 bits)
[09/Apr/2001 22:23:24 13234] [info] Init: Configuring temporary DH
parameters (512/1024 bits)
[09/Apr/2001 22:23:24 13234] [info] Init: Initializing (virtual)
servers for SSL
[09/Apr/2001 23:45:15 13234] [info] Init: 2nd restart round (already
detached)
[09/Apr/2001 23:45:15 13234] [trace] Inter-Process Session Cache (DBM)
Expiry: old: 0, new: 0, removed: 0
[09/Apr/2001 23:45:15 13234] [info] Init: Seeding PRNG with 1160 bytes
of entropy
[09/Apr/2001 23:45:15 13234] [info] Init: Configuring temporary RSA
private keys (512/1024 bits)
[09/Apr/2001 23:45:15 13234] [info] Init: Configuring temporary DH
parameters (512/1024 bits)
[09/Apr/2001 23:45:15 13234] [info] Init: Initializing (virtual)
servers for SSL
[10/Apr/2001 01:00:07 13234] [info] Init: 3nd restart round (already
detached)
[10/Apr/2001 01:00:07 13234] [trace] Inter-Process Session Cache (DBM)
Expiry: old: 0, new: 0, removed: 0
[10/Apr/2001 01:00:07 13234] [info] Init: Seeding PRNG with 1160 bytes
of entropy
[10/Apr/2001 01:00:07 13234] [info] Init: Configuring temporary RSA
private keys (512/1024 bits)
[10/Apr/2001 01:00:07 13234] [info] Init: Configuring temporary DH
parameters (512/1024 bits)
[10/Apr/2001 01:00:07 13234] [info] Init: Initializing (virtual)
servers for SSL
------------------------------------------------------------------------------------------------
[root at kramer logs]# telnet thekramers.net 443
Trying 24.91.178.175...
telnet: Unable to connect to remote host: Connection refused
------------------------------------------------------------------------------------------------
Note no https or 443 mentioned here
[root at kramer logs]# netstat -l -p
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program name
tcp 0 0 *:www *:*
LISTEN 13234/httpd
tcp 0 0 *:X *:*
LISTEN 10449/X
tcp 0 0 *:587 *:*
LISTEN 10223/sendmail: acc
tcp 0 0 *:smtp *:*
LISTEN 10223/sendmail: acc
tcp 0 0 *:mysql *:*
LISTEN 1163/mysqld
tcp 0 0 *:printer *:*
LISTEN 818/
tcp 0 0 *:ssh *:*
LISTEN 797/
tcp 0 0 *:finger *:*
LISTEN 782/xinetd
tcp 0 0 *:imap2 *:*
LISTEN 782/xinetd
tcp 0 0 *:pop3 *:*
LISTEN 782/xinetd
tcp 0 0 *:login *:*
LISTEN 782/xinetd
tcp 0 0 *:shell *:*
LISTEN 782/xinetd
tcp 0 0 *:ftp *:*
LISTEN 782/xinetd
tcp 0 0 *:auth *:*
LISTEN 732/identd
tcp 0 0 *:1024 *:*
LISTEN 663/
tcp 0 0 *:sunrpc *:*
LISTEN 636/portmap
udp 0 0 *:1025
*:* 663/
udp 0 0 *:839
*:* 663/
udp 0 0 *:1024
*:* -
udp 0 0 *:sunrpc
*:* 636/portmap
raw 0 0 *:icmp *:*
7 -
raw 0 0 *:tcp *:*
7 -
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program
name Path
unix 0 [ ACC ] STREAM LISTENING 347
285/ /var/run/pump.sock
unix 0 [ ACC ] STREAM LISTENING 1129
878/gpm /dev/gpmctl
unix 0 [ ACC ] STREAM LISTENING 39150
10500/kfm /tmp//kio_0_10500kramer.ne.mediaone.net_0
unix 0 [ ACC ] STREAM LISTENING 39152
10500/kfm /tmp//kfm_0_10500kramer.ne.mediaone.net_0
unix 0 [ ACC ] STREAM LISTENING 1810
1163/mysqld /var/lib/mysql/mysql.sock
unix 0 [ ACC ] STREAM LISTENING 39069
10449/X /tmp/.X11-unix/X0
unix 0 [ ACC ] STREAM LISTENING 1736
1082/xfs /tmp/.font-unix/fs7100
[root at kramer logs]#
------------------------------------------------------------------------------------------------
Can anyone give me some more tests to run, or can someone lend me their
magic sand and voodoo doll?
Thanks in advance.
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list