[ale] Semi-OT: Baby steps with SSL and GoAhead webserver

John Mills johnmills at speakeasy.net
Thu Nov 16 15:48:29 EST 2006


Mark -

Thanks for your note.

'# iptables -L' gives this, which means (I think) 'yes':

 LOG        tcp  --  anywhere             anywhere            limit: avg 
   3/min burst 5 tcp dpt:https flags:FIN,SYN,RST,ACK/SYN LOG level warning
   tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
 ACCEPT     tcp  --  anywhere             anywhere            tcp 
   dpt:https

I don't see any corresponding 'udp' entry; should there be one?

 - Mills


On Thu, 16 Nov 2006, Mark Walters wrote:

> Is port 443 open ? Check your iptables configuration.
> 
> On 11/16/06, John Mills <johnmills at speakeasy.net> wrote:

> > I'm setting up the GoAhead web server ([http://www.goahead.com]) as a test
> > (This is only a test!) on my SuSE-10.1 Linux box, and want to use the
> > installed 'openssl' for incoming 'https' connections. I had very few
> > problems building the package and running it without SSL enabled, and
> > similarly an easy time building the server with 'openssl' enabled.

> > When I run the enabled version I still get the proper 'http' behavior, but
> > I cannot connect for 'https' traffic. 'netstat -l' shows one port
> > listening for 'web-http' connections, but nothing waiting for 'web-https'.

> > I placed a 'server.pem' (one that works on other servers) in the same
> > directory as the server executable, and opened the firewall for HTTPS
> > service.




More information about the Ale mailing list