Forum OpenACS Q&A: openSSL doesn't work

Posted by tadashi nagao on
I did setup SSL according to

config file setup is  as follows.
ns_section "ns/server/{server name}/modules/nsopenssl"
ns_param port                    443
ns_param hostname      
ns_param Address
ns_param CertFile                /home/aol31/ssl/cert.pem
ns_param KeyFile                  /home/aol31/ssl/key.pem
ns_param Protocol                All
#ns_param Protocol                SSLv2
#ns_param Protocol                SSLv3
#ns_param Protocol                TLSv1
#ns_param CipherSuite              "ALL:!
ns_param ClientVerify            false
ns_param CADir                    ca
ns_param CAFile                  ca.pem
ns_param Trace                    false

but https protocol is not show up
and in error-log
[01/Aug/2002:02:34:03][15999.1024][-main-] Notice: Caching
RestrictToSSL for 1625 to acs-admin/*
[01/Aug/2002:02:34:04][15999.1024][-main-] Notice: Caching
RestrictToSSL for 94289 to admin/*

What was wrong ? Is anyone have some idea to improve situation.

Posted by David Siktberg on
Did you open up access to port 443 in your firewall? (probably iptables if you are running Linux)
Posted by tadashi nagao on
Port 443 is OK. Apache Port 443 is running same machine.
is "RestrictToSSL for xxx " message related to SSL error ?
Posted by David Siktberg on
Judging from the ns_param variable names, I think you are using an older version of nsopenssl.  I recommend that you go to Scott Goodwin's site at, where you will find good documentation as well as nsopenssl downloads.  The latest version has a trace feature that can help you figure out what is going on - though I never used earlier versions, and perhaps they did too.
Posted by David Walker on
Check to make sure that the apache on the same machine isn't keeping
aolserver from listening on that port.  "netstat --inet -nlp" should
list all services listening.
Posted by tadashi nagao on
when apache doesn't running,Aolserver could not listening Port 443