Configure SSL in httpd.conf

Portal Home > Knowledgebase > Articles Database > Configure SSL in httpd.conf

Posted by cerrie, 07-17-2013, 08:38 AM
Hi All, Could some one please help me with httpd.conf to host just one website with SSL enabled. I have 2 IPs assigned to the web server. So far I have: -- cat /etc/httpd/conf/httpd.conf Listen ip1:80 Listen ip2:443 LoadModule ssl_module modules/mod_ssl.so # NON SSL DocumentRoot /home/user/public_html ServerName hostname.domain.com ServerAlias www.domain.com # SSL DocumentRoot /home/user/public_html ServerName hostname.domain.com ServerAlias www.domain.com SSLEngine on SSLCertificateFile /etc/ssl/cert/xxx.crt SSLCertificateKeyFile /etc/ssl/certs/xxx.key SSLCACertificateFile /etc/ssl/certs/xxx.cabundle -- Also I have: -- cat /etc/hosts ip1 hostname.domain.com ip2 hostname.domain.com 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 -- But when starting httpd i get: /etc/init.d/httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for hostname.domain.com httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName (98)Address already in use: make_sock: could not bind to address [::]:443 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443 no listening sockets available, shutting down Unable to open logs Any advice would be great. Thanks!
Posted by net, 07-17-2013, 08:43 AM
Moved > Hosting Security and Technology .
Posted by PCS-Chris, 07-17-2013, 08:46 AM
You probably already have an SSL listening IP / Namevirtualhost entry and virtualhost in /etc/httpd/conf/httpd-ssl.conf or simular depending on your distro.
Posted by cerrie, 07-17-2013, 08:54 AM
Hi, I dont see one on here. It's CentOS 6.4
Posted by PCS-Chris, 07-17-2013, 08:58 AM
May just be ssl.conf, check /etc/httpd/conf/extra Going from memory here but its there somewhere..
Posted by cerrie, 07-17-2013, 08:59 AM
All I seem to have is: ls /etc/httpd/conf/ httpd.conf magic
Posted by cerrie, 07-17-2013, 09:01 AM
ah found it: /etc/httpd/conf.d/ssl.conf will have a read
Posted by PCS-Chris, 07-17-2013, 09:02 AM
Thats the one
Posted by cerrie, 07-17-2013, 09:18 AM
Great! Added the vhost in there and now httpd starts OK but with this error: Starting httpd: httpd: apr_sockaddr_info_get() failed for hostname.domain.com httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName [ OK ] where hostname.domain.com is my hostname.. Any ideas?
Posted by cerrie, 07-17-2013, 09:21 AM
never mind! had hostname wrong in /etc/hosts duh!lol
Posted by cerrie, 07-17-2013, 09:43 AM
do you have any idea why connection to port 80 is refused but port 443 is open? iptables is off. telnet localhost 80 Trying localhost... telnet: connect to address localhost: Connection refused telnet localhost 443 Trying 7localhost... Connected to localhost. Escape character is '^]'. ^C where localhost is my IP.
Posted by cerrie, 07-17-2013, 09:45 AM
it seems 80 is not open? netstat -tulpn Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1169/mysqld tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 1208/pure-ftpd (SER tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1031/sshd tcp 0 0 :::21 :::* LISTEN 1208/pure-ftpd (SER tcp 0 0 :::22 :::* LISTEN 1031/sshd tcp 0 0 :::443 :::* LISTEN 1328/httpd
Posted by cerrie, 07-17-2013, 09:48 AM
Again never mind did not have listen :80 set to my IP in httpd.conf. it was 127. etc
Posted by cerrie, 07-17-2013, 02:11 PM
Hi again, I am now getting this error: Starting httpd: [Wed Jul 17 18:01:06 2013] [warn] _default_ VirtualHost overlap on port 443, the first has precedence I have tried every solution on Google but cannot fix this. Anyone have any advice?

Add to Favourites Print this Article

Knowledgebase

Configure SSL in httpd.conf

Our Services

Client Menu

Legal