[SOLVED] Forcing SSL over https

Support for security such as Firewalls and securing linux
r_hartman
Posts: 711
Joined: 2009/03/23 15:08:11
Location: Netherlands

Re: Forcing SSL over https

Post by r_hartman » 2012/01/24 08:24:15

https requires mod_ssl:
[code]# yum install mod_ssl
# service httpd restart[/code]

TrevorH
Site Admin
Posts: 33219
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Forcing SSL over https

Post by TrevorH » 2012/01/24 10:02:34

If it does not work then the first place to check is in the logfiles in /var/log/httpd for error messages.

DarkSnake-Kobra
Posts: 27
Joined: 2011/08/06 18:23:49

Re: Forcing SSL over https

Post by DarkSnake-Kobra » 2012/02/04 23:31:27

Sorry for the late response. Been busy. CentOS is a completely different environment from what I'm used to. Sorry for the trouble and all that as I tend to switch OS's a lot and can't really make up my mind. Ubuntu Server is more what I'm used to and better for beginners. CentOS seems to be more for enterprise/advanced users. I didn't have time to mess with this so I went back to Ubuntu Server. Really would like to get into CentOS, but my top admin hates it (not what he is used to) and it'll take us a bit to get into it. So for right now I'm going to use it under VirtualBox to hopefully get some more experience. This old fossil also hates me so I'm hoping to get a new server within the next 3-5 months. :-P

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

Re: Forcing SSL over https

Post by pschaff » 2012/02/05 13:25:43

Sometimes what you are used to is the overriding factor in an OS decision, and my use of RPM-based distros back to RHL 3.0.3 may color my opinion; however, RHEL and derivatives are generally considered superior to Ubuntu in the server domain. The market share certainly supports that conclusion. Whatever works for you is good. Good luck, and come back if you need help getting up the learning curve.


Re: Forcing SSL over https

Post by DarkSnake-Kobra » 2012/02/17 02:33:25

Exactly. From what I hear CentOS is the most popular choice. Plus it's based off RHEL which is well known. Another thing: my hard drive, I believe, is going out, which was another factor, as I was having a lot of file permission issues and file system problems with both CentOS/Ubuntu. I might reinstall it if I can get things just right on a new server I'm purchasing in a few weeks. :-)

I decided to restart this topic for learning purposes. I got the mod_ssl installed and Apache restarted. I'm testing this in a VM this time so I don't screw anything up. ;-)


Information for general problems.

Thanks again for the help and all. I'm a bit impatient sometimes and rather stubborn so you'll have to pardon that as things are frustrating sometimes with things I'm not used to. :-)


Re: Forcing SSL over https

Post by pschaff » 2012/02/17 11:14:29

Please restate any open question[s] remaining after your fresh VM install.


Re: Forcing SSL over https

Post by DarkSnake-Kobra » 2012/02/17 20:34:47

Basically the main question is directing the user to https when typing http. I got the mod_ssl installed so now the next question is what do I do next?


Re: Forcing SSL over https

Post by pschaff » 2012/02/17 21:45:15

That seems clear to me, so perhaps someone more clueful on web servers than I can now advise you.


Re: Forcing SSL over https

Post by DarkSnake-Kobra » 2012/02/18 00:42:42

Thanks for the help. :-) Hopefully someone else sees this and has advice. :-) No rush or anything. :-)


Re: Forcing SSL over https

Post by TrevorH » 2012/02/18 00:51:00

Just to confirm, you can now successfully connect to https itself without using the redirect?
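
Added example, not part of the thread and not any poster's code: one common way to send http requests to https on Apache with mod_alias, plus a check of the headers that `curl -sI` prints, following the order asked about above (HTTPS working on its own first, then the redirect). The host name `www.example.com`, the file name `redirect-ssl.conf` and the function names are assumptions.

```bash
#!/bin/bash
# Added example (not from the thread). www.example.com, the conf file name
# and the function names are assumptions.

# Print a port-80 vhost that sends every HTTP request to HTTPS.
# mod_alias "Redirect" keeps the path: /a/b -> https://HOST/a/b.
redirect_vhost() {
    host=$1
    cat <<EOF
<VirtualHost *:80>
    ServerName $host
    Redirect permanent / https://$host/
</VirtualHost>
EOF
}

# Classify ONE response header block, as printed by `curl -sI URL`.
# Prints: redirect-https | redirect-other | no-redirect
classify_headers() {
    awk '
        { sub(/\r$/, "") }                      # curl keeps the CR of CRLF
        NR == 1 { code = $2 }                   # "HTTP/1.1 301 Moved ..."
        tolower($1) == "location:" { loc = $2 }
        END {
            if (code !~ /^30[1278]$/)              print "no-redirect"
            else if (tolower(loc) ~ /^https:\/\//) print "redirect-https"
            else                                   print "redirect-other"
        }'
}

# Constructed sample of what a correctly redirecting server answers.
sample_headers() {
    printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://www.example.com/\r\n\r\n'
}

# Order of work on the server (as root):
#   curl -skI https://www.example.com/   # 1. HTTPS must answer by itself
#                                        #    (-k: mod_ssl default cert is self-signed)
#   redirect_vhost www.example.com > /etc/httpd/conf.d/redirect-ssl.conf
#   apachectl configtest && service httpd restart
#   curl -sI http://www.example.com/ | classify_headers
sample_headers | classify_headers
```

If the last command prints anything other than `redirect-https`, the error log under /var/log/httpd is the next place to look.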
