Shannon, Sean, Brad, et al -

I added the virtual host (correctly) and changed the config to listen on 443
only and all is (apparently) well.

Many thanks for your help.

Steve

"Shannon O'Donnell" <sodonnell@xxxxxxxxxxxxxxx>
wrote in message news:002501c3999a$3ee64ec0$2bfea8c0@xxxxxxxxxxx
> Are you wanting SSL on every directory for this HTTP configuration? It
> appears to me that you have specified that nothing is to be included in
teh
> virtual host pointing to port 443.
>
> Tell you what....here's my HTTP Config...maybe this will make it easier
for
> you.  I am allowing full access to the /www/magnus/htdocs directory, and
> then SSL only access to the directories: /www/magnus/maint  and
> /www/magnus/images
>
>  ====================================================================
> LoadModule ibm_ssl_module /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM
> Listen *:80
> Listen *:443
> DocumentRoot /www/magnus/htdocs
> ServerRoot /www/magnus
>
Options -ExecCGI -FollowSymLinks -SymLinksIfOwnerMatch -Includes -IncludesNo
> Exec -Indexes -MultiViews
> NameVirtualHost 192.168.254.106:443
> DirectoryIndex index.htm
> AlwaysDirectoryIndex Off
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
> combined
> LogFormat "%{Cookie}n \"%r\" %t" cookie
> LogFormat "%{User-agent}i" agent
> LogFormat "%{Referer}i -> %U" referer
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
> CustomLog logs/access_log combined
> SetEnvIf "User-Agent" "Mozilla/2" nokeepalive
> SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0
> SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0
> SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0
> SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive
> SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0
> ScriptAlias /cgi-bin/ /QSYS.LIB/CGIPGMS.LIB/
> <Directory />
>    Order Deny,Allow
>    Deny From all
> </Directory>
> <Directory /www/magnus/htdocs>
>    Order Allow,Deny
>    Allow From all
> </Directory>
> <VirtualHost 192.168.254.106:443>
>    ServerName MULTICOURT.www.zzz.com
>    DocumentRoot /www/magnus/htdocs
>    SSLEnable
>    SSLAppName QIBM_HTTP_SERVER_MAGNUS
>    <Directory /QSYS.LIB/SOCKETS.LIB>
>      Options +ExecCGI
>      SetHandler cgi-script
>      order allow,deny
>      allow from all
>     </Directory>
>    <Directory /www/magnus/maint>
>       Order Allow,Deny
>       Allow From all
>    </Directory>
>    <Directory /www/magnus/images>
>       Order Allow,Deny
>       Allow From all
>    </Directory>
>
> </VirtualHost>
>
> ===============================================
>
>
>
> Shannon O'Donnell
>
>
> ----- Original Message -----
> From: "Steve McKay" <steve.mckay@xxxxxxxxxxxxxx>
> To: <web400@xxxxxxxxxxxx>
> Sent: Thursday, October 23, 2003 1:56 PM
> Subject: [WEB400] Re: SSL error codes
>
>
> > Shannon -
> >
> > You are a brave man!  Here 'tis . . .
> >
> > Display Configuration File
> >       HTTP server:     WEBTEST
> >       Selected file:     /www/webtest/conf/httpd.conf
> >
> >         1     LoadModule ibm_ssl_module
> > /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM
> >         2     DirectoryIndex index.shtml
> >         3     ServerName WEBTEST.STCORP.COM
> >         4     Listen 10.10.18.26:80
> >         5     Listen 10.10.18.26:5454
> >         6     Listen 10.10.18.26:443
> >         7     UseCanonicalName Off
> >         8     LogLevel debug
> >         9     ServerSignature Email
> >         10     CGIConvMode %%MIXED/MIXED%%
> >         11     MaxPersistentCGI 1000
> >         12     PersistentCGITimeout 900
> >         13     ScriptAlias /cgi-bin/
> > /QSYS.LIB/QHTTPSVR.LIB/DB2WWW.PGM/www/webtest/scripts/
> >         14     ScriptAlias /runcgi/ /QSYS.LIB/PERLDIST.LIB/
> >         15     ScriptAlias /wascfg/ /QSYS.LIB/XL_WEBSPT.LIB/
> >         16     ScriptAliasMatch ^/(.*)\.pgm$
/QSYS.LIB/CGITEST.LIB/$1.pgm
> >         17     Alias / /www/webtest/
> >         18     DocumentRoot /www/webtest/
> >         19     DefaultLanguage en
> >         20     LanguagePriority en
> >         21     Options +Indexes
> >         22     CookieName webtestcookie
> >         23     CookieExpires "1 years"
> >          Value "1 years" is not a valid integer.
> >         24     AddType text/html .shtml
> >         25     AddType application/pdf .pdf
> >         26     LogFormat "%t %a %U %s %f" Common
> >         27     LogFormat "%{cookie}n %r %t" webtestcookie
> >         28     LogFormat DDS
> >         29     CustomLog /www/webtest/logs/webtestcookie webtestcookie
> >         30     CustomLog /www/webtest/logs/activity combined
> >         31     ErrorLog /www/webtest/logs/error.log
> >         32     SSLEnable
> >         33     SSLAppName QIBM_HTTP_SERVER_WEBTEST
> >         34     SetEnv HTTPS_PORT 443
> >         35     <FilesMatch "\.shtml(\..+)?$">
> >         36         SetOutputFilter INCLUDES
> >       37     </FilesMatch>
> >         38     <Directory />
> >         39          Order deny,allow
> >         40          Require valid-user
> >         41          UseCanonicalName Off
> >         42          HostNameLookups Off
> >         43         Options +Includes
> >         44         SetOutputFilter INCLUDES
> >         45          ProfileToken off
> >         46          AuthType Basic
> >         47          AuthName "HR WebTest"
> >         48          PasswdFile QUSRSYS/WEBTEST
> >       49     </Directory>
> >         50     <Directory /QSYS.LIB/XL_WEBSPT.LIB>
> >         51         order allow,deny
> >         52         allow from all
> >         53          Options +ExecCGI +Includes
> >         54          UseCanonicalName Off
> >         55          HostNameLookups Off
> >       56     </Directory>
> >         57     <Directory /QSYS.LIB/PERLDIST.LIB>
> >         58         order allow,deny
> >         59         allow from all
> >         60          Options +ExecCGI +Includes
> >         61          UseCanonicalName Off
> >         62          HostNameLookups Off
> >       63     </Directory>
> >         64     <Directory /www/webtest>
> >         65          UseCanonicalName Off
> >         66          HostNameLookups Off
> >         67          SetOutputFilter INCLUDES
> >         68          Options +Includes
> >         69          Options +ExecCGI
> >         70          ProfileToken off
> >         71         AuthType Basic
> >         72          AuthName "HR Web Testing"
> >         73          order deny,allow
> >         74          allow from all
> >         75          require valid-user
> >         76          CGIConvMode %%EBCDIC/MIXED%%
> >         77          RedirectMatch temp (.*)\.pgm$
> > http://10.10.18.26/cgitest.lib/$1.pgm
> >         78          UserID %%SERVER%%
> >         79          PasswdFile QUSRSYS/WEBTEST
> >       80     </Directory>
> >         81     <Directory /www/webtest/scripts/>
> >         82          UseCanonicalName Off
> >         83          HostNameLookups Off
> >         84          SetOutputFilter INCLUDES
> >         85          Options +IncludesNOEXEC
> >         86          allow from all
> >         87          order allow,deny
> >       88     </Directory>
> >         89     <Directory /QSYS.LIB/QHTTPSVR.LIB/>
> >         90          Options +ExecCGI +IncludesNOEXEC
> >         91          UseCanonicalName Off
> >         92          HostNameLookups Off
> >         93         SetOutputFilter INCLUDES
> >         94          order allow,deny
> >         95          allow from all
> >       96     </Directory>
> >         97     <Directory /QSYS.LIB/CGITEST.LIB/>
> >         98          Order Deny,Allow
> >         99          Allow From all
> >       100     </Directory>
> >         101     <VirtualHost *:443>
> >       102     </VirtualHost>
> >         103     <VirtualHost 10.10.18.26:443>
> >         104          ServerName webtest.stcorp.com
> >         105          DocumentRoot /www/webtest
> >       106     </VirtualHost>
> >
> >
> > "Shannon O'Donnell" <sodonnell@xxxxxxxxxxxxxxx>
> > wrote in message
news:011901c3998f$5866efe0$2bfea8c0@xxxxxxxxxxx
> > > Steve,
> > >
> > > Post your HTTP Configuration file here.   Let me take a look. I've
just
> > > spent quite a bit of time screwing around with SSL on V5R2.
> > >
> > >
> > > Shannon O'Donnell
> > >
> > >
> > > ----- Original Message -----
> > > From: "Steve McKay"
<steve.mckay@xxxxxxxxxxxxxx>
> > > To: <web400@xxxxxxxxxxxx>
> > > Sent: Thursday, October 23, 2003 12:50 PM
> > > Subject: [WEB400] SSL error codes
> > >
> > >
> > > > List -
> > > >
> > > > I'm trying to turn on SSL on our Apache HTTP server (V5R2).  I have
> > > created
> > > > a Certificate Store and certificates and have added the certificate
> > > created
> > > > to my browser.  When I attempt to connect to the website using
HTTPS,
> I
> > am
> > > > getting no response and am getting SSL errors in the Apache error
log
> as
> > > > follows:
> > > >
> > > > ZSRV_MSG0216: Error occurred during SSL processing, error = 406.
> > > > ZSRV_MSG0252: SSL initialization operation failed, return code error
=
> > > 3426
> > > >
> > > > Where can I find out what these error codes mean?
> > > >
> > > > Also, this particular website is protected by an validation list
which
> > > > prompts for username and password.  This is working correctly when
> using
> > > SSL
> > > > but there is no subsequent page displayed.  If I turn off SSL, I
still
> > get
> > > > challenged for name/password followed by the expected page.
> > > >
> > > > TIA,
> > > >
> > > > Steve
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> > > > To post a message email:
WEB400@xxxxxxxxxxxx
> > > > To subscribe, unsubscribe, or change list options,
> > > > visit: http://lists.midrange.com/mailman/listinfo/web400
> > > > or email: WEB400-request@xxxxxxxxxxxx
> > > > Before posting, please take a moment to review the archives
> > > > at http://archive.midrange.com/web400.
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > > _______________________________________________
> > > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> > > To post a message email:
WEB400@xxxxxxxxxxxx
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/web400
> > > or email: WEB400-request@xxxxxxxxxxxx
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/web400.
> > >
> > >
> >
> >
> >
> > _______________________________________________
> > This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> > To post a message email: WEB400@xxxxxxxxxxxx
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/web400
> > or email: WEB400-request@xxxxxxxxxxxx
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/web400.
> >
> >
> >
> >
>
>
> _______________________________________________
> This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> To post a message email: WEB400@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/web400
> or email: WEB400-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/web400.
>
>




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.