Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Learning every day' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Learning every day
Authored by: TheSpoonman on Dec 01, '04 11:26:24AM

See, when my friends said to me, "Why would you buy a Mac? You're already seriously guru-istic in both Windows AND Linux! Why bother?", I'd answer: "'Cause real geeks never stop learnin'!"

This is an excellently written article, and looks so much more complete and thorough than the Apache-SSL Howtos I've seen for Linux. They're so poorly written that I gave up trying to get SSL working on Apache fairly quickly. It wasn't something I REALLY needed, just something to play with. With your article, I saw three points where I made mistakes immediately.

Nicely done and thanks!

---
Answering the age-old question: which is more painful, going to work or gouging your eye out with a spoon?
www.workorspoon.com



[ Reply to This | # ]
Learning every day
Authored by: legacyb4 on Dec 01, '04 12:12:10PM

Thanks.

The biggest problem I had found with the Linux-based tutorials was that none of them were written with the OS X file hierarchy in mind. Sure, you can delve into the dark hidden corners of the /folder structure, but I wanted to put things in context with /Users/username as much as possible so that a year from now, you can go back and easily figure out what was done.

Out of curiosity, what points did you get wrong?

Cheers.



[ Reply to This | # ]
Learning every day
Authored by: TheSpoonman on Dec 01, '04 03:14:05PM

Um, offhand, the biggest problems were the creation of a cert authority and/or self-signing the cert. Also, the removal of the password from the cert. The howtos made this look a ton more complex than you did. I didn't feel like bothering with that much work for a minor pet project.

I'm going to use this tonight to see if I can get it working on my Linux box. I still use Apache, but primarily as a reverse-proxy to my internal network. I'm using SSL_Proxy to encrypt packets, but would prefer to just use Apache and be done with it. SSL_Proxy was setup in 5 minutes (including download and compile time), this makes it look like Apache should be as quick!

---
Answering the age-old question: which is more painful, going to work or gouging your eye out with a spoon?
www.workorspoon.com



[ Reply to This | # ]
Learning every day
Authored by: neill on Mar 26, '05 07:11:22PM

I tried to follow this hint and once I was done and I restarted apache via sudo apachectl graceful I got the following error:

configuration broken, ignoring restart
/usr/sbin/apachectl graceful: (run 'apachectl configtest' for details)

Running configtest gives the following:

Processing config directory: /private/etc/httpd/users/*.conf
Processing config file: /private/etc/httpd/users/laubennd.conf
Processing config file: /private/etc/httpd/users/neil.conf
Processing config file: /private/etc/httpd/users/neill2.conf
Processing config file: /private/etc/httpd/users/ssl.conf
Syntax error on line 15 of /private/etc/httpd/users/ssl.conf:
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual)

which tells me t hat the SSLCipherSuite is incorrect . . . I've double checked that I copied/pasted it exactly as in the hint.

Any ideas why it isn't working right?



[ Reply to This | # ]
Learning every day
Authored by: artntek on Dec 01, '04 12:24:05PM
Good hint - nice & clear. In case anyone needs another set of insructions, the one I used when setting up ssl was this one :

http://developer.apple.com/internet/serverside/modssl.html

which was also pretty clear and easy to follow (although providing this alternative reminds me of the old adage, about someone who has 2 clocks never knowing the exact time... :-)

cheers

m

[ Reply to This | # ]