Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: add modSSL value to httpd.conf
« previous next »
Pages: [1]   Go Down

add modSSL value to httpd.conf

  • 2 Replies
  • 1688 Views

Offline crazybob

  • *****
  • 894
  • +0/-0
    • Stalzer R&D
add modSSL value to httpd.conf
« on: July 19, 2010, 04:34:39 AM »
I am using sme 7.5
I need to add the value SSLCACertificateFile to my httpd.conf.

I have added a custom template 35SSL10SSLCACertificateFile to /etc/e-smith/templates-custom/httpd/conf/httpd.conf
I have modified the code in the template
Code: [Select]
{
    my $cafile = $modSSL{SSLCACertificateFile}
or return "# modSSL{SSLCACertificateFile} not set";

    $OUT = "SSLCACertificateFile $cafile";
}
and saved it.
 I issue
Code: [Select]
config setprop modSSL cafile /home/e-smith/ssl.crt/ca.pemthen
Code: [Select]
expand-template /etc/httpd/conf/httpd.conf
but httpd.conf does not change
Not sure what I am missing

TIA

Bob
Logged
If you think you know whats going on, you obviously have no idea whats going on!

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: add modSSL value to httpd.conf
« Reply #1 on: July 19, 2010, 04:46:44 AM »
Quote from: crazybob on July 19, 2010, 04:34:39 AM
I am using sme 7.5
I need to add the value SSLCACertificateFile to my httpd.conf.

Why? My understanding is that you would only use a SSLCACertificateFile directive if you had clients authenticating themselves to the webserver using SSL client certificates.

Quote
I issue
Code: [Select]
config setprop modSSL cafile /home/e-smith/ssl.crt/ca.pemthen
Code: [Select]
expand-template /etc/httpd/conf/httpd.conf
but httpd.conf does not change
Not sure what I am missing

You did:

config setprop modSSL cafile /home/e-smith/ssl.crt/ca.pem

You need to do:

config setprop modSSL  SSLCACertificateFile /home/e-smith/ssl.crt/ca.pem

The name of the new property you have created is 'SSLCACertificateFile' and not 'cafile'. Within a template, $modSSL{SSLCACertificateFile} refers to the SSLCACertificateFile property of the modSSL record in the configuration database.

if you do this, I would recommend that you use a more specific filename than ca.pem. But as stated, I don't think you need this.

« Last Edit: July 19, 2010, 04:50:20 AM by CharlieBrady »
Logged

Offline crazybob

  • *****
  • 894
  • +0/-0
    • Stalzer R&D
Re: add modSSL value to httpd.conf
« Reply #2 on: July 19, 2010, 05:03:04 AM »
Thank you Charlie, that worked. I had tried it the way you said once, but it did not work. Oh well.

The reason I am using the ca.pem is the ssl cert provider said I should. I am doing this as a way to provide ssl for a couple of my virtual domains.

Things seemed to work properly without the ca.pem, but again following directions of the cert provider.

Bob
Logged
If you think you know whats going on, you obviously have no idea whats going on!
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 7.x
  4. Topic: add modSSL value to httpd.conf