|
Shannon, Sean, Brad, et al - I added the virtual host (correctly) and changed the config to listen on 443 only and all is (apparently) well. Many thanks for your help. Steve "Shannon O'Donnell" <sodonnell@xxxxxxxxxxxxxxx> wrote in message news:002501c3999a$3ee64ec0$2bfea8c0@xxxxxxxxxxx > Are you wanting SSL on every directory for this HTTP configuration? It > appears to me that you have specified that nothing is to be included in teh > virtual host pointing to port 443. > > Tell you what....here's my HTTP Config...maybe this will make it easier for > you. I am allowing full access to the /www/magnus/htdocs directory, and > then SSL only access to the directories: /www/magnus/maint and > /www/magnus/images > > ==================================================================== > LoadModule ibm_ssl_module /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM > Listen *:80 > Listen *:443 > DocumentRoot /www/magnus/htdocs > ServerRoot /www/magnus > Options -ExecCGI -FollowSymLinks -SymLinksIfOwnerMatch -Includes -IncludesNo > Exec -Indexes -MultiViews > NameVirtualHost 192.168.254.106:443 > DirectoryIndex index.htm > AlwaysDirectoryIndex Off > LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" > combined > LogFormat "%{Cookie}n \"%r\" %t" cookie > LogFormat "%{User-agent}i" agent > LogFormat "%{Referer}i -> %U" referer > LogFormat "%h %l %u %t \"%r\" %>s %b" common > CustomLog logs/access_log combined > SetEnvIf "User-Agent" "Mozilla/2" nokeepalive > SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0 > SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0 > SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0 > SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive > SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0 > ScriptAlias /cgi-bin/ /QSYS.LIB/CGIPGMS.LIB/ > <Directory /> > Order Deny,Allow > Deny From all > </Directory> > <Directory /www/magnus/htdocs> > Order Allow,Deny > Allow From all > </Directory> > <VirtualHost 192.168.254.106:443> > ServerName MULTICOURT.www.zzz.com > DocumentRoot /www/magnus/htdocs > SSLEnable > SSLAppName QIBM_HTTP_SERVER_MAGNUS > <Directory /QSYS.LIB/SOCKETS.LIB> > Options +ExecCGI > SetHandler cgi-script > order allow,deny > allow from all > </Directory> > <Directory /www/magnus/maint> > Order Allow,Deny > Allow From all > </Directory> > <Directory /www/magnus/images> > Order Allow,Deny > Allow From all > </Directory> > > </VirtualHost> > > =============================================== > > > > Shannon O'Donnell > > > ----- Original Message ----- > From: "Steve McKay" <steve.mckay@xxxxxxxxxxxxxx> > To: <web400@xxxxxxxxxxxx> > Sent: Thursday, October 23, 2003 1:56 PM > Subject: [WEB400] Re: SSL error codes > > > > Shannon - > > > > You are a brave man! Here 'tis . . . > > > > Display Configuration File > > HTTP server: WEBTEST > > Selected file: /www/webtest/conf/httpd.conf > > > > 1 LoadModule ibm_ssl_module > > /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM > > 2 DirectoryIndex index.shtml > > 3 ServerName WEBTEST.STCORP.COM > > 4 Listen 10.10.18.26:80 > > 5 Listen 10.10.18.26:5454 > > 6 Listen 10.10.18.26:443 > > 7 UseCanonicalName Off > > 8 LogLevel debug > > 9 ServerSignature Email > > 10 CGIConvMode %%MIXED/MIXED%% > > 11 MaxPersistentCGI 1000 > > 12 PersistentCGITimeout 900 > > 13 ScriptAlias /cgi-bin/ > > /QSYS.LIB/QHTTPSVR.LIB/DB2WWW.PGM/www/webtest/scripts/ > > 14 ScriptAlias /runcgi/ /QSYS.LIB/PERLDIST.LIB/ > > 15 ScriptAlias /wascfg/ /QSYS.LIB/XL_WEBSPT.LIB/ > > 16 ScriptAliasMatch ^/(.*)\.pgm$ /QSYS.LIB/CGITEST.LIB/$1.pgm > > 17 Alias / /www/webtest/ > > 18 DocumentRoot /www/webtest/ > > 19 DefaultLanguage en > > 20 LanguagePriority en > > 21 Options +Indexes > > 22 CookieName webtestcookie > > 23 CookieExpires "1 years" > > Value "1 years" is not a valid integer. > > 24 AddType text/html .shtml > > 25 AddType application/pdf .pdf > > 26 LogFormat "%t %a %U %s %f" Common > > 27 LogFormat "%{cookie}n %r %t" webtestcookie > > 28 LogFormat DDS > > 29 CustomLog /www/webtest/logs/webtestcookie webtestcookie > > 30 CustomLog /www/webtest/logs/activity combined > > 31 ErrorLog /www/webtest/logs/error.log > > 32 SSLEnable > > 33 SSLAppName QIBM_HTTP_SERVER_WEBTEST > > 34 SetEnv HTTPS_PORT 443 > > 35 <FilesMatch "\.shtml(\..+)?$"> > > 36 SetOutputFilter INCLUDES > > 37 </FilesMatch> > > 38 <Directory /> > > 39 Order deny,allow > > 40 Require valid-user > > 41 UseCanonicalName Off > > 42 HostNameLookups Off > > 43 Options +Includes > > 44 SetOutputFilter INCLUDES > > 45 ProfileToken off > > 46 AuthType Basic > > 47 AuthName "HR WebTest" > > 48 PasswdFile QUSRSYS/WEBTEST > > 49 </Directory> > > 50 <Directory /QSYS.LIB/XL_WEBSPT.LIB> > > 51 order allow,deny > > 52 allow from all > > 53 Options +ExecCGI +Includes > > 54 UseCanonicalName Off > > 55 HostNameLookups Off > > 56 </Directory> > > 57 <Directory /QSYS.LIB/PERLDIST.LIB> > > 58 order allow,deny > > 59 allow from all > > 60 Options +ExecCGI +Includes > > 61 UseCanonicalName Off > > 62 HostNameLookups Off > > 63 </Directory> > > 64 <Directory /www/webtest> > > 65 UseCanonicalName Off > > 66 HostNameLookups Off > > 67 SetOutputFilter INCLUDES > > 68 Options +Includes > > 69 Options +ExecCGI > > 70 ProfileToken off > > 71 AuthType Basic > > 72 AuthName "HR Web Testing" > > 73 order deny,allow > > 74 allow from all > > 75 require valid-user > > 76 CGIConvMode %%EBCDIC/MIXED%% > > 77 RedirectMatch temp (.*)\.pgm$ > > http://10.10.18.26/cgitest.lib/$1.pgm > > 78 UserID %%SERVER%% > > 79 PasswdFile QUSRSYS/WEBTEST > > 80 </Directory> > > 81 <Directory /www/webtest/scripts/> > > 82 UseCanonicalName Off > > 83 HostNameLookups Off > > 84 SetOutputFilter INCLUDES > > 85 Options +IncludesNOEXEC > > 86 allow from all > > 87 order allow,deny > > 88 </Directory> > > 89 <Directory /QSYS.LIB/QHTTPSVR.LIB/> > > 90 Options +ExecCGI +IncludesNOEXEC > > 91 UseCanonicalName Off > > 92 HostNameLookups Off > > 93 SetOutputFilter INCLUDES > > 94 order allow,deny > > 95 allow from all > > 96 </Directory> > > 97 <Directory /QSYS.LIB/CGITEST.LIB/> > > 98 Order Deny,Allow > > 99 Allow From all > > 100 </Directory> > > 101 <VirtualHost *:443> > > 102 </VirtualHost> > > 103 <VirtualHost 10.10.18.26:443> > > 104 ServerName webtest.stcorp.com > > 105 DocumentRoot /www/webtest > > 106 </VirtualHost> > > > > > > "Shannon O'Donnell" <sodonnell@xxxxxxxxxxxxxxx> > > wrote in message news:011901c3998f$5866efe0$2bfea8c0@xxxxxxxxxxx > > > Steve, > > > > > > Post your HTTP Configuration file here. Let me take a look. I've just > > > spent quite a bit of time screwing around with SSL on V5R2. > > > > > > > > > Shannon O'Donnell > > > > > > > > > ----- Original Message ----- > > > From: "Steve McKay" <steve.mckay@xxxxxxxxxxxxxx> > > > To: <web400@xxxxxxxxxxxx> > > > Sent: Thursday, October 23, 2003 12:50 PM > > > Subject: [WEB400] SSL error codes > > > > > > > > > > List - > > > > > > > > I'm trying to turn on SSL on our Apache HTTP server (V5R2). I have > > > created > > > > a Certificate Store and certificates and have added the certificate > > > created > > > > to my browser. When I attempt to connect to the website using HTTPS, > I > > am > > > > getting no response and am getting SSL errors in the Apache error log > as > > > > follows: > > > > > > > > ZSRV_MSG0216: Error occurred during SSL processing, error = 406. > > > > ZSRV_MSG0252: SSL initialization operation failed, return code error = > > > 3426 > > > > > > > > Where can I find out what these error codes mean? > > > > > > > > Also, this particular website is protected by an validation list which > > > > prompts for username and password. This is working correctly when > using > > > SSL > > > > but there is no subsequent page displayed. If I turn off SSL, I still > > get > > > > challenged for name/password followed by the expected page. > > > > > > > > TIA, > > > > > > > > Steve > > > > > > > > > > > > > > > > _______________________________________________ > > > > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list > > > > To post a message email: WEB400@xxxxxxxxxxxx > > > > To subscribe, unsubscribe, or change list options, > > > > visit: http://lists.midrange.com/mailman/listinfo/web400 > > > > or email: WEB400-request@xxxxxxxxxxxx > > > > Before posting, please take a moment to review the archives > > > > at http://archive.midrange.com/web400. > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list > > > To post a message email: WEB400@xxxxxxxxxxxx > > > To subscribe, unsubscribe, or change list options, > > > visit: http://lists.midrange.com/mailman/listinfo/web400 > > > or email: WEB400-request@xxxxxxxxxxxx > > > Before posting, please take a moment to review the archives > > > at http://archive.midrange.com/web400. > > > > > > > > > > > > > > _______________________________________________ > > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list > > To post a message email: WEB400@xxxxxxxxxxxx > > To subscribe, unsubscribe, or change list options, > > visit: http://lists.midrange.com/mailman/listinfo/web400 > > or email: WEB400-request@xxxxxxxxxxxx > > Before posting, please take a moment to review the archives > > at http://archive.midrange.com/web400. > > > > > > > > > > > _______________________________________________ > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list > To post a message email: WEB400@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/web400 > or email: WEB400-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/web400. > >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
