My ongoing experiences with Ubuntu, and later Mythbuntu, as a media center with MythTV. I'm also using the system for a virtual machine server, a mediawiki server and a general all around home infrastructure base.

Saturday, August 9, 2008

Adding SSL support to Apache2

I wanted to increase security and add https support to my Apache2 install. Poking around I found directions here. Which I basically followed:

# apt-get install ssl-cert
# mkdir /etc/apache2/ssl
# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
# a2enmod ssl
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
# vi /etc/apache2/sites-available/ssl
# diff /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
1,2c1,2
< NameVirtualHost *
< <VirtualHost *>
---
> NameVirtualHost *:443
> <VirtualHost *:443>
4a5,7
> SSLEngine On
> SSLCertificateFile /etc/apache2/ssl/apache.pem
>

# a2ensite ssl
# /etc/init.d/apache2 reload
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
# vi /etc/apache2/sites-available/default
# diff /etc/apache2/sites-available/default.orig /etc/apache2/sites-available/default
1,2c1,2
< NameVirtualHost *
< <VirtualHost *>
---
> NameVirtualHost *:80
> <VirtualHost *:80>


But then I ran into this problem:
# /etc/init.d/apache2 start
* Starting web server (apache2)...
[Sat Aug 09 17:28:50 2008] [warn] The Alias directive in /etc/apache2/sites-enabled/001-mediawiki at line 1 will probably never match because it overlaps an earlier Alias.
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
...fail!


Which I fixed by commenting out the Listen directive in ports.conf:
# vi /etc/apache2/ports.conf
# cat /etc/apache2/ports.conf
#Listen 80


That got things working.

While I was playing with Apache configuration, I went ahead and fixed a warning about a undefined server name:

# vi /etc/apache2/apache2.conf
# grep ServerName /etc/apache2/apache2.conf
ServerName casey.vwelch.com
Post a Comment