Apache Friends Support Forum

Hello everyone,

I'm new here and i'd like to say thank you for all the help you can give

First of all i've searched for any topic related to my issue but i couldn't find anything...

So, I'll try to explain this matter:

I'm new in this world of apache and web servers and right now my job depend on solving this... n.n
I was asked to make that all incoming connections to our website get ciphered to HTTPS. At this moment we're working with a plataform called MantisBT and this works only on HTTP. (i think mantis was thought only for local use)
I've surffed the web trying to find were to start at least... but it's a little too complicated for me.
I'll show you what i've done so far:

Using this as a guide (http://www.mulesoft.com/tomcat-ssl) i modified --->server.xml
and created a certificate

<!-- Define a SSL HTTP/1.1 Connector on port 8443

This connector uses the JSSE configuration, when using APR, the

connector should be using the OpenSSL style configuration

described in the APR documentation -->

<!--

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"

maxThreads="150" scheme="https" secure="true"

clientAuth="false" sslProtocol="TLS"/>

-->

and then added this modifications:

<Connector port="8443" maxThreads="150" scheme="https" secure="true" SSLEnabled="true" keystoreFile="path/to/your/keystore" keystorePass="YourKeystorePassword" clientAuth="false" keyAlias="yourAlias" sslProtocol="TLS"/>

then i restart apache service and nothing happens. all connections keep using HTTP.
I'm really confused...
I really hope you can give me a hand with this.

Thank you all!

Ummm.... anyone? Please?

What is using http vs. https? Are you redirecting to https?

If it is a URL request, https uses 443. You will need to specify non-standard port if using port listed.

Thanks for your time.

Yes. What i want to do is all url requests to my website cipher to https. I mean, http://xxxxxx = work, https://same xxxx = no work
I've already redirected listening ports. Whenever I type the URL direction using https:// always the result is SSL error connection
Please give me a hint or something. What files to edit o whatever


Thank you again JJ

So redirecting https listening port to 8443? What happens if you try using https://xxxx:8443 ?

I think i get it all wrong---
searching internet i found about ssl certificates. that's what cipher your URL connections and gives you this famous https://

i've signed up to startssl and got these certificates. So i need to edit httpd.conf or ssl.conf file to put this?

<VirtualHost _default_:443>
DocumentRoot /home/httpd/private
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

SSLCertificateFile /usr/local/apache/conf/ssl.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem
SSLCACertificateFile /usr/local/apache/conf/ca.pem
CustomLog /usr/local/apache/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

i tried editing httpd.conf and apache wont start. Any ideas?

Thanks for your time

erodriguez wrote:Any ideas?

Of course - see error.log and show us the content of the error.log. Thats a billion times more precisely than "wont start".