HPE Community
Operating System - HP-UX
1832840 Members
2899 Online
110047 Solutions
New Discussion

Re: Apache web server SSL problem

 
SOLVED
Go to solution
Leon A. Howorth
Advisor

‎03-17-2002 07:21 AM

‎03-17-2002 07:21 AM

Apache web server SSL problem

Apache 1.3.19.23 on HP-UX 11.0 or 11.11 -
I have two separate instances (separate config files, etc.) of apache web server on HP-UX 11.0 (and the same setup for testing on an 11.11 system). Each web server instance uses a unique IP address and each has SSL enabled by means of a Verisign secure server certificate. I have a separate /opt/apache/bin/apachectl for startup/shutdown of each one.
-----------------
Apache web server "A":
Is started with "-DSSL" and the config file is in the default location. The ports are specified in httpd.conf as:
Listen X.Y.Z.156:80
Listen X.Y.Z.156:443
The port 443 is also speciied in the lines:

Listen 443

AND

-----------------------
Apache web server "B" configuration is identical to "A" except that the IP address is X.Y.Z.163 and the "-f" option is used in the startup to specify a separate httpd.conf file. It is also started with "-DSSL" option.
----------------------
If I start either A or B first, and in SSL mode, it is OK. The problem is in trying to start the second one in SSL mode.
For example, I first start A in SSL mode. It is OK. I check to make sure no process is using IP address X.Y.Z.163 (which will be used by B). Both "netstat -an|grep 163" and
"lsof -i -n -P|grep 163" display NO output. I try to start B in SSL mode. It fails with the following message in the error_log:
"Address already in use: make_sock: could not bind to port 443"
I can, however, start B in normal mode (no SSL) and it will be listening on both port 80 and 443. No matter which one I start second, the problem occurs, and it only occurs if I'm trying to start the second one in SSL mode. I'm stumped?

Leon.Howorth@acs-inc.com
0 Kudos
Reply
5 REPLIES 5
Paula J Frazer-Campbell
Honored Contributor

‎03-17-2002 11:47 AM

‎03-17-2002 11:47 AM

Re: Apache web server SSL problem

Leon

Are they both trying to listen on 443?

If one has the port then the other can't.

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

‎03-17-2002 11:49 AM

‎03-17-2002 11:49 AM

Re: Apache web server SSL problem

Hi I re-read your question.

Is ssl locking out 443 on the first instance so that the second cannot attach?

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Christoph Rothe_3
Frequent Advisor

‎03-18-2002 02:18 AM

‎03-18-2002 02:18 AM

Re: Apache web server SSL problem

Hi,

if both of them were listening on port 443 and blocking each other, why wouldn??t one use one apache with one httpd.conf in which 2 virtual hosts are specified ?

Greetings,

Christoph
0 Kudos
Reply
Jordan Bean
Honored Contributor

‎03-18-2002 04:30 PM

‎03-18-2002 04:30 PM

Solution

Re: Apache web server SSL problem

The problem is here:


Listen 443


which tells Apache to bind to port 443 on *ALL* interfaces. This means that the first instance gets it and the second can not. The quick fix is remove this config block from each conf file.

The prefered solution, however, is to configure all of these virtual hosts in one Apache server. The key is to give each SSL virtual host a unique key and crt.

Reply
Leon A. Howorth
Advisor

‎03-20-2002 11:38 AM

‎03-20-2002 11:38 AM

Re: Apache web server SSL problem

Thank you Jordan Bean.
I should have noticed something so
obvious.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.