Displaying 20 results from an estimated 53 matches for "sslcertificatekeyfile".
2016 Nov 20
3
CentOS 6, Apache 2.2.15 and SNI?
...st ipaddr:443>
ServerAdmin webmaster at domain#.com
ServerName vhost.domain#.com:443
ServerAlias box.domain#.com:443
ServerAlias calcbox.domain#.com:443
ServerAlias proxybox.domain#.com:443
...
SSLEngine on
SSLStrictSNIVHostCheck on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain#-host.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain#-host.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/server-chain.crt
...
</VirtualHost>
only
https://domain1.com/...
works
https://domain2.com/...
results in a certificate CN mismatch ...
what is missing in my config.?
Thanks,
Walter
2017 May 05
6
tabs ignored in here document
...<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/$your_host_tld.crt
SSLCertificateKeyFile /etc/pki/tls/private/$your_host_tld.key
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
EOF
thanks
2006 Jan 23
1
Self-signed certificates
...the certificate is not the problem. I used cacert.org to complete it. When
I made the certificate, it was for the sub-domain but the certificate for
the top-level domain is the certificate that appears. In the <VirtualHost>
section for the sub-domain, I have pointed to the sub-domain key:
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/subdomain.key.
This is how I made the key: openssl req -nodes -keyout private.key -out
subdomain.key
Any help would be greatly appreciated.
2009 Feb 09
1
puppet + mongrel + host_cert/key owner
...ongrel it
says that hostkey/cert must be owned by puppet:puppet.
I tried to keep original path (and also owner) of both files and seems
to puppet still works...
what problems could it cause to my conf?
# grep lib mongrel.conf
SSLCertificateFile /var/lib/puppet/ssl/certs/gridinstall.pic.es.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/gridinstall.pic.es.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
TIA,
Arnau
--~--~---------~--~----~------...
2009 Sep 20
2
SSL and virtual hosts?
...h /etc/certs
total 12K
-rw-r--r-- 1 root root 981 sep 20 11:06 microlinux.crt
-rw-r--r-- 1 root root 716 sep 20 11:04 microlinux.csr
-rw-r--r-- 1 root root 887 sep 20 11:11 microlinux.key
I'm not sure about the correct syntax to use SSL on this one. Where do I
configure SSLCertificateFile and SSLCertificateKeyFile? In the virtual
host stanza? Before trying various haphazard configurations, I thought
I'd better ask here.
Niki
2007 Jan 17
2
mongrel cluster (+ Apache 2.2.4 + proxy balancer) not redirecting correctly
...RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://mongrel_cluster%{REQUEST_URI}
[P,QSA,L]
CustomLog logs/desq-access.log common
ErrorLog logs/desq-error.log
SSLEngine on
SSLCertificateFile /home/user/ssl.crt
SSLCertificateKeyFile /home/user/ssl.key
</VirtualHost>
<VirtualHost *:80>
ServerName server.domain.com
Redirect permanent / https://server.domain.com
</VirtualHost>
Also, the cluster YML file:
---
port: 3000
pid_file: log/mongrel.pid
servers: 2
address: 127.0.0.1
cwd: /home/user/de...
2017 May 05
2
tabs ignored in here document
...dexes FollowSymLinks
>> AllowOverride None
>> Require all granted
>> </Directory>
>> </VirtualHost>
>> <VirtualHost *:443>
>> SSLEngine On
>> SSLCertificateFile /etc/pki/tls/certs/$your_host_tld.crt
>> SSLCertificateKeyFile /etc/pki/tls/private/$your_host_tld.key
>> <Directory "/var/www/html">
>> Options Indexes FollowSymLinks
>> AllowOverride None
>> Require all granted
>> </Directory>
>> </VirtualHost>
>> EOF
>&g...
2005 Apr 28
3
vsftp 500 OOPS: SSL: cannot load RSA key
...ng:
rsa_cert_file=/usr/share/ssl/certs/inet06cert.pem
which is the public certificate and this:
rsa_cert_file=/usr/share/ssl/private/inet06key.pem
which is the server private key. Both these are in use by the
apache web server as :
SSLCertificateFile /usr/share/ssl/certs/inet06cert.pem
and
SSLCertificateKeyFile /usr/share/ssl/private/inet06key.pem
respectively and I have no trouble using ssl with that service. As
far as I can tell the certificates are in the right places and do
the right things for apache but vsftpd chokes. Since vsftpd does
not deign to log what is going on I cannot tell what it fi...
2006 Jan 05
1
Apache reverse proxy authentication problem on RHEL based distribs only
...efer not to introduce a different one just
for this purpose.
Here is my virtual host configuration for this:
==================================
<VirtualHost xxx.xxx.xxx.xxx:443>
ServerName testproxy.domain.com
SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
RequestHeader set Front-End-Https "On"
ProxyRequests Off
ProxyPreserveHost On
LogLevel debug
<Location /exchange>
ProxyPass http://yyy.yyy.yyy.yyy/exchange
ProxyPassReverse http://yyy.yyy.yyy.yyy/exchange
SSLRequir...
2017 Apr 26
4
Apache + SSL: default configuration rated "C" by Qualys Labs
...n
/etc/httpd/conf.d/ssl.conf. I kept the default options for everything else.
--8<------------------------------------------------
...
DocumentRoot "/var/www/html/default/html"
ServerName sd-41893.dedibox.fr:443
...
SSLCertificateFile /etc/letsencrypt/live/sd-41893.dedibox.fr/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sd-41893.dedibox.fr/privkey.pem
SSLCertificateChainFile
/etc/letsencrypt/live/sd-41893.dedibox.fr/fullchain.pem
--8<------------------------------------------------
After restarting Apache, the website shows up correctly.
https://sd-41893.dedibox.fr/
But when I test it u...
2016 Feb 29
4
Problems with ProxyPass to a local ip (using SSL)
..._request.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
LogLevel info
SSLEngine on
SSLProxyEngine On
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:!EXPORT56:!EXP:!eNULL:!aNULL:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2
SSLCertificateFile /etc/httpd/certs/server.crt
SSLCertificateKeyFile /etc/httpd/certs/server.key
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://192.168.1.5:5100/
ProxyPassReverse / http://192.168.1.5:5100/
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "444"
RewriteEngine On
RewriteRule ^/(.*) ht...
2012 Feb 06
1
Puppet / Passenger SSL Problems with DRBD
...usr/bin/ruby
CustomLog "/var/log/httpd/puppet_access_log" common
ErrorLog "/var/log/httpd/puppet_error_log"
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /drbd01/puppet/var/lib/puppet/ssl/certs/
puppetmaster.foo.bar.pem
SSLCertificateKeyFile /drbd01/puppet/var/lib/puppet/ssl/
private_keys/puppetmaster.foo.bar.pem
SSLCertificateChainFile /drbd01/puppet/var/lib/puppet/ssl/ca/
ca_crt.pem
SSLCACertificateFile /drbd01/puppet/var/lib/puppet/ssl/ca/
ca_crt.pem
# CRL checking should be enabled; if you have problems with Apache...
2013 Jul 23
3
Debugging Puppetmaster with Apache/Rack/Passenger
...On
# Only allow high security cryptography. Alter if needed for
compatibility.
SSLProtocol All -SSLv2
SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile /var/lib/puppet/ssl/certs/<puppetmaster>.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/
<puppetmaster>.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional...
2013 May 30
4
Could not request certificate: Error 405 on SERVER
...ome relevant apache config info:
# Only allow high security cryptography. Alter if needed for
compatibility.
SSLProtocol All -SSLv2
SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile
/var/lib/puppet/ssl/certs/pmaster.localdomain.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/pmaster.localdomain.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDep...
2008 Oct 07
6
https problems
I''m having a problem but don''t know what is causing it so I don''t know
exactly where to post, please bear with me.
I''m trying to set up https access however whenever I go to https://url_for_site
the root route renders but the url is rewritten to http://url_for_site.
The ssl request shows in the apache logs but obviously no further ssl
requests show up.
2008 Jan 17
6
Apache22+mod_proxy+mongrel+ssl
...ualHost 69.1.254.101:443>
ServerName new.identry.com
ErrorLog "/var/log/www/new.identry.com-error.log"
CustomLog "/var/log/www/new.identry.com-access.log" combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:
+SSLv2:+EXP:+eNULL
SSLCertificateKeyFile "/usr/local/etc/apache22/certs/
new.identry.com/server.key"
SSLCertificateFile "/usr/local/etc/apache22/certs/new.identry.com/
server.crt"
#DocumentRoot "/home/identry/public_html"
RequestHeader set X_FORWARDED_PROTO ''https''
ProxyPass /...
2010 Dec 22
3
Using Puppet's client certificates for Apache, SSLVerifyClient
...uppet master''s key store.
Here''s that Apache configuration I was talking about:
<VirtualHost 10.1.0.165:443>
SSLEngine On
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile
/var/lib/puppet/ssl/certs/puppet01.ops.az.domain.local.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/puppet01.ops.az.domain.local.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StdEnvVars
ErrorLog /var/log/httpd/ssltest-error.log
CustomLog /var/log/httpd...
2012 Apr 22
2
centos 6.2 - puppet 2.7.13 - SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version
...IFY
My apache vhost is configured like this:
<VirtualHost 192.168.1.60:8140>
SSLEngine on
SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCertificateFile
/var/lib/puppet/ssl/certs/medion.chatillon.betrancourt.net.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/medion.chatillon.betrancourt.net.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# CRL checking should be enabled; if you have problems with Apache
complaining about the CRL, dis...
2010 Aug 20
5
puppet dashboard gui looks odd from apache2
...AutoDetect Off
RailsAutoDetect Off
Listen 8140
<VirtualHost *:8140>
SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCertificateFile
/var/lib/puppet/ssl/certs/sys-ubuntu.arl.qwestip.net.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/sys-ubuntu.arl.qwestip.net.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you
can try disabling
# CRL...
2010 Jun 09
12
Foreman -- Reporting
Hello All,
I don''t seem to be able to get reports to display on the foreman
interface. I copied extras/puppet/foreman/files/foreman-report.rb to /
usr/lib/ruby/site_ruby/1.8/puppet/reportsforeman.rb, instead of /usr/
lib/ruby/1.8/puppet/reports/foreman.rb. Config: Centos5.4, Apache/
Passenger, Puppet 0.25.4.
The reports are coming from the clients, because I can see them
in