[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] SSL and PHP3

Subject: Re: [cobalt-users] SSL and PHP3
From: Kevin Murphy <kevin@xxxxxxxxxxxxx>
Date: Thu Mar 9 06:06:52 2000
Organization: Glen Group
With reverence to the great Charles Schulz, I just have this to say:

AAARRRRRRRRRGGGGGGGHHHHHHHHHHH!!!!!!

First, I just answered my own question - the httpsd server DOES give
feedback - when you get the passphrase RIGHT.  If you get it wrong (more
accurately, it doesn't match), it just exits without telling you.  Such
a helpful little app.

I wound up having to UNcomment the line in httpsd.conf that I commented
out yesterday, and set the DEFAULT cert for the server to the cert that
I just got for my virtual host.  Weird, weird, weird.

Anybody care to hazard a guess as to why?  Also, what will happen when I
go to add a new virtual host?  Will it try to use the other host's cert?
 

Cobalt - are you listening?  You need to update your KB file about
setting up VirtualHosts - if you don't get a default cert for the
server, or generate a test cert to go in the default location, you need
to put 'whatever.crt' in place of 'server.crt' on the the
SSLCertificateFile line in httpsd.conf.  Probably better for us newbies
out here that you TELL US to create the test cert, and put in in there,
and leave it in there, in order to get virtual hosts working.

Now, on to my other question.  Please, Please, PLEASE - if ANYBODY has
successfully gotten PHP to run under httpsd, PLEASE pass that
information along!  I can't use this lovely secure server without it!

Thanks again.

-Kevin

> Robert Davis wrote:
> >
> > Ahoy
> >
> > On the RaQ3, SSL runs as a module, and starts with the httpd server.
> >
> > On the RaQ2, SSL runs as a separate server, and must be separately started.
> >
> > try this command: /etc/rc.d/init.d/httpsd start
> >
> > Then enter your "challenge phrase"
> >
> > Now try ps again.
> >
> > If none of this works, I will send you the relevant portions of my
> > httpd.conf and httpsd.conf for you to compare
> >
> > Aloha
> > Davis
> > rdavis@xxxxxxxxxxx
> >
> > ----- Original Message -----
> > From: "Kevin Murphy" <kevin@xxxxxxxxxxxxx>
> > To: <cobalt-users@xxxxxxxxxxxxxxx>
> > Sent: Wednesday, March 08, 2000 10:34 AM
> > Subject: [cobalt-users] SSL and PHP3
> >
> > > Hello.
> > >
> > > I have several problems relating to my recent installation of the SSL
> > > package on my RaQ2 that I hope the list can help with.
> > >
> > > 1. It doesn't seem to work.  I have followed the instructions on the
> > > Knowledge Base page regarding configuring a virtual site for SSL, and on
> > > restart, nothing happens.  When I type in https://etc., I get
> > > "Netscape's connection was refused by the server..."  I have tried both
> > > accessing it via IP and by name, and have modified the VirtualHost
> > > section several times in an attempt to get things working.
> > >
> > > Here are my particulars:
> > >
> > > server name: shop.clarkstradingpost.com
> > > IP: 216.205.7.165 (my primary address is .162, so I'm on top of that
> > > part of the game)
> > >
> > > VirtualHost entry:
> > >
> > > <VirtualHost 216.205.7.165:443>
> > > ServerAlias shop.clarkstradingpost.com
> > > DocumentRoot /home/sites/site3/web
> > > SSLEngine on
> > > SSLCertificateFile /etc/httpd/conf/ssl.crt/clarkstradingpost.crt
> > > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
> > > </VirtualHost>
> > >
> > > Yes, I know this is contrary to the instructions - but when I did it as
> > > instructed, httpsd complained that the machine name was bogus because
> > > there was no reverse entry (I have since added that entry to the RaQ's
> > > DNS table, as well).
> > >
> > > One other strangeness:  upon following the instructions, I got a syntax
> > > error on line 1086 (or somewhere close) of the httpsd.conf file when I
> > > ran the restart - that line of the file was pointing at server.crt
> > > which, of course, was no longer there.  I commented this line out, since
> > > the file shouldn't be there, and should in fact be overridden by the
> > > .crt file in the VirtualHost section.  The restart parsed the .conf file
> > > fine, but I'm wondering if there should be a test cert in there for good
> > measure.
> > >
> > > Finally, running:
> > > # ps uax | grep httpsd
> > >
> > > gets me a whole lotta nothin', except for the command itself.  So
> > > something's not going right when the httpsd starts up, but I'll be
> > > darned if I can figure it out.
> > >
> > >
> > > 2. Once I get the httpsd happy, then I have to make it run with PHP,
> > > since the store that I've developed is written EXCLUSIVELY in
> > > php3/mySQL.  Yes, I know Cobalt doesn't (officially) support this, but
> > > I'm hoping I'm not the first person who ever wanted to do PHP-based
> > > eCommerce on a RaQ2.  The PHP3 that's running on the server now is the
> > > .rpm provided in cobalt's /experimental directory on their ftp server
> > (3.0.7).
> > >
> > > My guess here is that, since PHP is running as a module, there won't be
> > > any recompiling to do - just file copying to put the files where they
> > > belong.  But I'm sufficiently unfamiliar with the installation process
> > > (hey - it was an RPM - gimme a break!), that I'm afraid I'm a bit lost,
> > > even as to where to begin...
> > >
> > > Thanks in advance.
> > >
> > > -Kevin
> > >
> > > P.S.  My apologies if this has been asked and answered already - I
> > > couldn't find any way to search the list archives at cobalt's site.  If
> > > anybody's set up a search of those archives, could you please pass that
> > > URL along, so I can go there before I bug the list next time?  Thanks.
> > >
> > >
> > > --
> > > Kevin Murphy
> > > Director of Technology
> > >
> > > Glen Group
> > > Marketing and Advertising Design
> > > P.O. Box 2838, 170 Kearsarge Street
> > > North Conway, New Hampshire 03860
> > > http://www.glengroup.com
> > >
> > > Voice: 603-356-3030 . FAX: 603-356-3991
> > >
> > > _______________________________________________
> > > cobalt-users mailing list
> > > cobalt-users@xxxxxxxxxxxxxxx
> > > To Subscribe or Unsubscribe, please go to:
> > > http://list.cobalt.com/mailman/listinfo/cobalt-users
> > >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> 
> --
> Kevin Murphy
> Director of Technology
> 
> Glen Group
> Marketing and Advertising Design
> P.O. Box 2838, 170 Kearsarge Street
> North Conway, New Hampshire 03860
> http://www.glengroup.com
> 
> Voice: 603-356-3030 ? FAX: 603-356-3991
> 
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users

-- 
Kevin Murphy
Director of Technology

Glen Group
Marketing and Advertising Design
P.O. Box 2838, 170 Kearsarge Street
North Conway, New Hampshire 03860
http://www.glengroup.com

Voice: 603-356-3030 ? FAX: 603-356-3991
References:
- [cobalt-users] SSL and PHP3
  - From: Kevin Murphy
- Re: [cobalt-users] SSL and PHP3
  - From: Robert Davis
- Re: [cobalt-users] SSL and PHP3
  - From: Kevin Murphy
Prev by Date: Re: [cobalt-users] SSL problem in RaQ3 GUI - bug?? UPDATE!
Next by Date: Re: [cobalt-users] Qube2 Mailing Lists
Previous by thread: Re: [cobalt-users] SSL and PHP3
Next by thread: [cobalt-users] Restarting apache
Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index