I'm now configuring for an embedded server with Apache v2.4, php5.3.20
Server version: Apache/2.4.4 (Unix)
Server built: Jul 19 2013 11:41:42
and it does work well but when I configure it for SSL mod, it can't not handle http request any more.
My server now can handle pages via https but when I request pages such as htt p://10.38.13.238/test.php
(intentional mistake) it returns TCP packages (I used wireshark to cactch) without any HTTP package like "HTTP/1.1 200 OK" and the web browser always says that "Transfering from 10.38.13.238" while I receive a blank page.
Here are some more info:
File etc/apache2/httpd.conf:
<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache2/htdocs"
ServerName mustang:80
ServerAdmin you@example.com
# Host-specific directory setup, options, etc
# Most of these options are likely to be set outside the VirtualHosts
# sections.
</VirtualHost>
...
# Secure (SSL/TLS) connections
Include /etc/apache2/extra/httpd-ssl.conf
#
File /etc/apache2/extra/httpd-ssl.conf:
<VirtualHost *:443>
# General setup for the virtual host
DocumentRoot "/usr/local/www/apache2/htdocs/sslsite"
ServerName localhost:443
ServerAdmin you@example.com
ErrorLog "/usr/var/log/apache2/error_log"
TransferLog "/usr/var/log/apache2/access_log"
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "/etc/apache2/server.crt"
SSLCertificateKeyFile "/etc/apache2/server.key"
SSLVerifyClient none
...
SSLOptions +StrictRequire +FakeBasicAuth +ExportCertData +StdEnvVars
<Directory />
SSLRequireSSL
</Directory>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/www/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
Error log file:
[Wed Aug 28 09:22:58.702230 2013] [mpm_worker:notice] [pid 1969:tid 548459311104] AH00298: SIGHUP received. Attempting to restart
[Wed Aug 28 09:22:58.812758 2013] [ssl:warn] [pid 1969:tid 548459311104] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Aug 28 09:22:58.814245 2013] [mpm_worker:notice] [pid 1969:tid 548459311104] AH00292: Apache/2.4.4 (Unix) OpenSSL/1.0.0j configured -- resuming normal operations
[Wed Aug 28 09:22:58.814285 2013] [core:notice] [pid 1969:tid 548459311104] AH00094: Command line: '/usr/sbin/httpd'
[Wed Aug 28 11:03:18.182732 2013] [mpm_worker:notice] [pid 1969:tid 548459311104] AH00295: caught SIGTERM, shutting down
[Wed Aug 28 11:03:33.782494 2013] [ssl:warn] [pid 2340:tid 547901157376] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Aug 28 11:03:33.990105 2013] [ssl:warn] [pid 2341:tid 547901157376] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Aug 28 11:03:33.991777 2013] [mpm_worker:notice] [pid 2341:tid 547901157376] AH00292: Apache/2.4.4 (Unix) OpenSSL/1.0.0j configured -- resuming normal operations
[Wed Aug 28 11:03:33.991847 2013] [core:notice] [pid 2341:tid 547901157376] AH00094: Command line: '/usr/sbin/httpd'
Access log file:
10.38.5.238 - - [28/Aug/2013:11:32:50 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:35:29 +0000] "GET /testxcache.php HTTP/1.1" 200 42
10.38.5.238 - - [28/Aug/2013:11:35:30 +0000] "GET /test.php HTTP/1.1" 200 47272
10.38.5.238 - - [28/Aug/2013:11:35:31 +0000] "GET /test.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
10.38.5.238 - - [28/Aug/2013:11:35:31 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:35:33 +0000] "GET /test.php HTTP/1.1" 200 47272
10.38.5.238 - - [28/Aug/2013:11:35:33 +0000] "GET /test.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
10.38.5.238 - - [28/Aug/2013:11:35:33 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:35:34 +0000] "GET /testxcache.php HTTP/1.1" 200 42
10.38.5.238 - - [28/Aug/2013:11:35:47 +0000] "GET /index.html HTTP/1.1" 200 45 10.38.5.238 - - [28/Aug/2013:11:36:07 +0000] "GET /test.php HTTP/1.1" 200 47272
10.38.5.238 - - [28/Aug/2013:11:36:07 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:36:07 +0000] "GET /test.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
Any suggestion will be very appreciated. Thanks.
P/s: I follow these sites to configure SSL for my Apache server
http://www.onlamp.com/2008/03/04/step-by-step-configuring-ssl-under-apache.html
http://forums.gentoo.org/viewtopic-p-6037402.html
Best Answer
HTTPS will only allow one request and close the session inmediately so its a sort of incompatible with KeepAlives