Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: crazybob on July 19, 2010, 04:34:39 AM

Title: add modSSL value to httpd.conf
Post by: crazybob on July 19, 2010, 04:34:39 AM
I am using sme 7.5
I need to add the value SSLCACertificateFile to my httpd.conf.

I have added a custom template 35SSL10SSLCACertificateFile to /etc/e-smith/templates-custom/httpd/conf/httpd.conf
I have modified the code in the template
Code:
{
    my $cafile = $modSSL{SSLCACertificateFile}
        or return "# modSSL{SSLCACertificateFile} not set";

    $OUT = "SSLCACertificateFile $cafile";
}
and saved it.
I issue
Code:
config setprop modSSL cafile /home/e-smith/ssl.crt/ca.pem
then
Code:
expand-template /etc/httpd/conf/httpd.conf
but httpd.conf does not change
Not sure what I am missing

TIA

Bob
Title: Re: add modSSL value to httpd.conf
Post by: CharlieBrady on July 19, 2010, 04:46:44 AM
Quote
I am using sme 7.5
I need to add the value SSLCACertificateFile to my httpd.conf.

Why? My understanding is that you would only use a SSLCACertificateFile directive if you had clients authenticating themselves to the webserver using SSL client certificates.

Quote
I issue
Code:
config setprop modSSL cafile /home/e-smith/ssl.crt/ca.pem
then
Code:
expand-template /etc/httpd/conf/httpd.conf
but httpd.conf does not change
Not sure what I am missing

You did:

config setprop modSSL cafile /home/e-smith/ssl.crt/ca.pem

You need to do:

config setprop modSSL  SSLCACertificateFile /home/e-smith/ssl.crt/ca.pem

The name of the new property you have created is 'SSLCACertificateFile' and not 'cafile'. Within a template, $modSSL{SSLCACertificateFile} refers to the SSLCACertificateFile property of the modSSL record in the configuration database.

If you do this, I would recommend that you use a more specific filename than ca.pem. But as stated, I don't think you need this.
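The name mismatch described in the reply above can be checked mechanically. The following is an added example, not part of the original posts and not SME Server's own code: it lists the properties a template fragment reads as `$modSSL{...}` that are not set in the record. The function names are hypothetical, and the two record dumps are constructed samples whose layout (a `key=type` line followed by indented `prop=value` lines) is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): list the properties a template fragment
# reads from a configuration record that are not set in that record.

# The fragment posted in the thread.
fragment='{
    my $cafile = $modSSL{SSLCACertificateFile}
        or return "# modSSL{SSLCACertificateFile} not set";

    $OUT = "SSLCACertificateFile $cafile";
}'

# Constructed samples; the "key=type" line followed by indented "prop=value"
# lines is an assumed layout for the record dump.
record_wrong='modSSL=service
    TCPPort=443
    cafile=/home/e-smith/ssl.crt/ca.pem
    status=enabled'
record_fixed='modSSL=service
    SSLCACertificateFile=/home/e-smith/ssl.crt/ca.pem
    TCPPort=443
    status=enabled'

# referenced_props KEY FRAGMENT: names used as $KEY{name} in the fragment.
referenced_props() {
    printf '%s\n' "$2" | { grep -o "[\$]${1}{[A-Za-z0-9_]*}" || true; } |
        sed "s/^[\$]${1}{//; s/}\$//" | sort -u
}

# set_props RECORD: property names present in the record dump.
set_props() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]][[:space:]]*\([^=]*\)=.*/\1/p'
}

# missing_props KEY FRAGMENT RECORD: referenced but unset names, one per line.
missing_props() {
    mp_have=$(set_props "$3")
    for mp_name in $(referenced_props "$1" "$2"); do
        printf '%s\n' "$mp_have" | grep -qxF -- "$mp_name" ||
            printf '%s\n' "$mp_name"
    done
}

echo "after 'setprop modSSL cafile ...':"
missing_props modSSL "$fragment" "$record_wrong"
echo "after 'setprop modSSL SSLCACertificateFile ...':"
missing_props modSSL "$fragment" "$record_fixed"
```

A non-empty result means the fragment will take its `or return` branch and emit only the "not set" comment for that property.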

Title: Re: add modSSL value to httpd.conf
Post by: crazybob on July 19, 2010, 05:03:04 AM
Thank you Charlie, that worked. I had tried it the way you said once, but it did not work. Oh well.

The reason I am using the ca.pem is the ssl cert provider said I should. I am doing this as a way to provide ssl for a couple of my virtual domains.

Things seemed to work properly without the ca.pem, but again following directions of the cert provider.

Bob