From owner-freebsd-questions Tue May 21 8:17: 8 2002 Delivered-To: freebsd-questions@freebsd.org Received: from pcwin002.win.tue.nl (pcwin002.win.tue.nl [131.155.71.72]) by hub.freebsd.org (Postfix) with ESMTP id 00A9437B409 for ; Tue, 21 May 2002 08:16:40 -0700 (PDT) Received: from pcwin002.win.tue.nl (orb_rules@localhost [127.0.0.1]) by pcwin002.win.tue.nl (8.12.3/8.12.2) with ESMTP id g4LFGdD0009759; Tue, 21 May 2002 17:16:39 +0200 (CEST) (envelope-from stijn@pcwin002.win.tue.nl) Received: (from stijn@localhost) by pcwin002.win.tue.nl (8.12.3/8.12.3/Submit) id g4LFGdtr009758; Tue, 21 May 2002 17:16:39 +0200 (CEST) Date: Tue, 21 May 2002 17:16:39 +0200 From: Stijn Hoop To: George Patterson Cc: freebsd-questions@freebsd.org Subject: Re: apache2 + SSL Message-ID: <20020521171639.I98647@pcwin002.win.tue.nl> References: <20020521164645.H98647@pcwin002.win.tue.nl> <20020522003713.6fcaf5c9.george@visp.com.au> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="zq44+AAfm4giZpo5" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020522003713.6fcaf5c9.george@visp.com.au>; from george@visp.com.au on Wed, May 22, 2002 at 12:37:13AM +0930 X-Bright-Idea: Let's abolish HTML mail! Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --zq44+AAfm4giZpo5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 22, 2002 at 12:37:13AM +0930, George Patterson wrote: > On Tue, 21 May 2002 16:46:45 +0200 > Stijn Hoop wrote: > > Hi, > >=20 > > is anyone able to use the apache2 port with SSL certificates? > >=20 > > I made myself a self-signed server certificate using the instructions a= t: > >=20 > > http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html#cert-real > > http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html#cert-ownca > >=20 > > which openssl dumps just fine. > >=20 > > I can also do 'apachectl configtest' which returns no errors. > > After a 'apachectl startssl' sockstat also shows various httpd processes > > listening on both :80 & :443. > >=20 > > Connections to port 80 are OK, but connections to port :443 are dropped > > by the server, with something like the following in the log files: > >=20 > > 127.0.0.1 - - [21/May/2002:16:41:10 +0200] "<80>F^A^C" 501 729 "-" "-" > > [Tue May 21 16:41:10 2002] [error] [client 127.0.0.1] Invalid method in > > request <80>F`b > >=20 > > My mozilla also doesn't warn me about anything, it just refuses to load > > the page... > >=20 > > Did I do something wrong? More info available on request. > >=20 > > --Stijn > >=20 > > --=20 > > What would this sentence be like if it weren't self-referential? > >=20 > Stiji, ^ n :) > What version of mozilla are you using?? the earlier versions didn't > support secure http (http). Have you tried a another borwser such as > netscape or opera?? I'm using mozilla-1.0rc2_1,1 (up to date from the ports collection). It can connect to https://www.verisign.com/ just fine, so I don't assume it's the browser. I haven tried another one yet, but a preliminary tcpdump seems to contain a string like '