Are you wanting SSL on every directory for this HTTP configuration? It
appears to me that you have specified that nothing is to be included in teh
virtual host pointing to port 443.

Tell you what....here's my HTTP Config...maybe this will make it easier for
you.  I am allowing full access to the /www/magnus/htdocs directory, and
then SSL only access to the directories: /www/magnus/maint  and
/www/magnus/images

 ====================================================================
LoadModule ibm_ssl_module /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM
Listen *:80
Listen *:443
DocumentRoot /www/magnus/htdocs
ServerRoot /www/magnus
Options -ExecCGI -FollowSymLinks -SymLinksIfOwnerMatch -Includes -IncludesNo
Exec -Indexes -MultiViews
NameVirtualHost 192.168.254.106:443
DirectoryIndex index.htm
AlwaysDirectoryIndex Off
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%{Cookie}n \"%r\" %t" cookie
LogFormat "%{User-agent}i" agent
LogFormat "%{Referer}i -> %U" referer
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log combined
SetEnvIf "User-Agent" "Mozilla/2" nokeepalive
SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0
SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0
SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0
SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive
SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0
ScriptAlias /cgi-bin/ /QSYS.LIB/CGIPGMS.LIB/
<Directory />
   Order Deny,Allow
   Deny From all
</Directory>
<Directory /www/magnus/htdocs>
   Order Allow,Deny
   Allow From all
</Directory>
<VirtualHost 192.168.254.106:443>
   ServerName MULTICOURT.www.zzz.com
   DocumentRoot /www/magnus/htdocs
   SSLEnable
   SSLAppName QIBM_HTTP_SERVER_MAGNUS
   <Directory /QSYS.LIB/SOCKETS.LIB>
     Options +ExecCGI
     SetHandler cgi-script
     order allow,deny
     allow from all
    </Directory>
   <Directory /www/magnus/maint>
      Order Allow,Deny
      Allow From all
   </Directory>
   <Directory /www/magnus/images>
      Order Allow,Deny
      Allow From all
   </Directory>

</VirtualHost>

===============================================



Shannon O'Donnell


----- Original Message ----- 
From: "Steve McKay" <steve.mckay@xxxxxxxxxxxxxx>
To: <web400@xxxxxxxxxxxx>
Sent: Thursday, October 23, 2003 1:56 PM
Subject: [WEB400] Re: SSL error codes


> Shannon -
>
> You are a brave man!  Here 'tis . . .
>
> Display Configuration File
>       HTTP server:     WEBTEST
>       Selected file:     /www/webtest/conf/httpd.conf
>
>         1     LoadModule ibm_ssl_module
> /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM
>         2     DirectoryIndex index.shtml
>         3     ServerName WEBTEST.STCORP.COM
>         4     Listen 10.10.18.26:80
>         5     Listen 10.10.18.26:5454
>         6     Listen 10.10.18.26:443
>         7     UseCanonicalName Off
>         8     LogLevel debug
>         9     ServerSignature Email
>         10     CGIConvMode %%MIXED/MIXED%%
>         11     MaxPersistentCGI 1000
>         12     PersistentCGITimeout 900
>         13     ScriptAlias /cgi-bin/
> /QSYS.LIB/QHTTPSVR.LIB/DB2WWW.PGM/www/webtest/scripts/
>         14     ScriptAlias /runcgi/ /QSYS.LIB/PERLDIST.LIB/
>         15     ScriptAlias /wascfg/ /QSYS.LIB/XL_WEBSPT.LIB/
>         16     ScriptAliasMatch ^/(.*)\.pgm$ /QSYS.LIB/CGITEST.LIB/$1.pgm
>         17     Alias / /www/webtest/
>         18     DocumentRoot /www/webtest/
>         19     DefaultLanguage en
>         20     LanguagePriority en
>         21     Options +Indexes
>         22     CookieName webtestcookie
>         23     CookieExpires "1 years"
>          Value "1 years" is not a valid integer.
>         24     AddType text/html .shtml
>         25     AddType application/pdf .pdf
>         26     LogFormat "%t %a %U %s %f" Common
>         27     LogFormat "%{cookie}n %r %t" webtestcookie
>         28     LogFormat DDS
>         29     CustomLog /www/webtest/logs/webtestcookie webtestcookie
>         30     CustomLog /www/webtest/logs/activity combined
>         31     ErrorLog /www/webtest/logs/error.log
>         32     SSLEnable
>         33     SSLAppName QIBM_HTTP_SERVER_WEBTEST
>         34     SetEnv HTTPS_PORT 443
>         35     <FilesMatch "\.shtml(\..+)?$">
>         36         SetOutputFilter INCLUDES
>       37     </FilesMatch>
>         38     <Directory />
>         39          Order deny,allow
>         40          Require valid-user
>         41          UseCanonicalName Off
>         42          HostNameLookups Off
>         43         Options +Includes
>         44         SetOutputFilter INCLUDES
>         45          ProfileToken off
>         46          AuthType Basic
>         47          AuthName "HR WebTest"
>         48          PasswdFile QUSRSYS/WEBTEST
>       49     </Directory>
>         50     <Directory /QSYS.LIB/XL_WEBSPT.LIB>
>         51         order allow,deny
>         52         allow from all
>         53          Options +ExecCGI +Includes
>         54          UseCanonicalName Off
>         55          HostNameLookups Off
>       56     </Directory>
>         57     <Directory /QSYS.LIB/PERLDIST.LIB>
>         58         order allow,deny
>         59         allow from all
>         60          Options +ExecCGI +Includes
>         61          UseCanonicalName Off
>         62          HostNameLookups Off
>       63     </Directory>
>         64     <Directory /www/webtest>
>         65          UseCanonicalName Off
>         66          HostNameLookups Off
>         67          SetOutputFilter INCLUDES
>         68          Options +Includes
>         69          Options +ExecCGI
>         70          ProfileToken off
>         71         AuthType Basic
>         72          AuthName "HR Web Testing"
>         73          order deny,allow
>         74          allow from all
>         75          require valid-user
>         76          CGIConvMode %%EBCDIC/MIXED%%
>         77          RedirectMatch temp (.*)\.pgm$
> http://10.10.18.26/cgitest.lib/$1.pgm
>         78          UserID %%SERVER%%
>         79          PasswdFile QUSRSYS/WEBTEST
>       80     </Directory>
>         81     <Directory /www/webtest/scripts/>
>         82          UseCanonicalName Off
>         83          HostNameLookups Off
>         84          SetOutputFilter INCLUDES
>         85          Options +IncludesNOEXEC
>         86          allow from all
>         87          order allow,deny
>       88     </Directory>
>         89     <Directory /QSYS.LIB/QHTTPSVR.LIB/>
>         90          Options +ExecCGI +IncludesNOEXEC
>         91          UseCanonicalName Off
>         92          HostNameLookups Off
>         93         SetOutputFilter INCLUDES
>         94          order allow,deny
>         95          allow from all
>       96     </Directory>
>         97     <Directory /QSYS.LIB/CGITEST.LIB/>
>         98          Order Deny,Allow
>         99          Allow From all
>       100     </Directory>
>         101     <VirtualHost *:443>
>       102     </VirtualHost>
>         103     <VirtualHost 10.10.18.26:443>
>         104          ServerName webtest.stcorp.com
>         105          DocumentRoot /www/webtest
>       106     </VirtualHost>
>
>
> "Shannon O'Donnell" <sodonnell@xxxxxxxxxxxxxxx>
> wrote in message news:011901c3998f$5866efe0$2bfea8c0@xxxxxxxxxxx
> > Steve,
> >
> > Post your HTTP Configuration file here.   Let me take a look. I've just
> > spent quite a bit of time screwing around with SSL on V5R2.
> >
> >
> > Shannon O'Donnell
> >
> >
> > ----- Original Message -----
> > From: "Steve McKay" <steve.mckay@xxxxxxxxxxxxxx>
> > To: <web400@xxxxxxxxxxxx>
> > Sent: Thursday, October 23, 2003 12:50 PM
> > Subject: [WEB400] SSL error codes
> >
> >
> > > List -
> > >
> > > I'm trying to turn on SSL on our Apache HTTP server (V5R2).  I have
> > created
> > > a Certificate Store and certificates and have added the certificate
> > created
> > > to my browser.  When I attempt to connect to the website using HTTPS,
I
> am
> > > getting no response and am getting SSL errors in the Apache error log
as
> > > follows:
> > >
> > > ZSRV_MSG0216: Error occurred during SSL processing, error = 406.
> > > ZSRV_MSG0252: SSL initialization operation failed, return code error =
> > 3426
> > >
> > > Where can I find out what these error codes mean?
> > >
> > > Also, this particular website is protected by an validation list which
> > > prompts for username and password.  This is working correctly when
using
> > SSL
> > > but there is no subsequent page displayed.  If I turn off SSL, I still
> get
> > > challenged for name/password followed by the expected page.
> > >
> > > TIA,
> > >
> > > Steve
> > >
> > >
> > >
> > > _______________________________________________
> > > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> > > To post a message email: WEB400@xxxxxxxxxxxx
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/web400
> > > or email: WEB400-request@xxxxxxxxxxxx
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/web400.
> > >
> > >
> > >
> > >
> >
> >
> > _______________________________________________
> > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> > To post a message email: WEB400@xxxxxxxxxxxx
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/web400
> > or email: WEB400-request@xxxxxxxxxxxx
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/web400.
> >
> >
>
>
>
> _______________________________________________
> This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> To post a message email: WEB400@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/web400
> or email: WEB400-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/web400.
>
>
>
>



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.