Bug 42207 - ssl directive is ignored in /etc/sysconfig/apache2
Summary: ssl directive is ignored in /etc/sysconfig/apache2
Status: RESOLVED INVALID
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: All (show other bugs)
Version: 2.2.3
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: ErrorMessage
Depends on:
Blocks:
 
Reported: 2007-04-23 16:27 UTC by Nick Jones
Modified: 2007-04-24 08:35 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Nick Jones 2007-04-23 16:27:17 UTC
I think I've found an annoying little feature in apache2ctl where it completely
ignores my directive -D SSL or SSL (set in /etc/sysconfig/apache2 which I
checked that apache2ctl is looking at).

When I type apache2ctl start I cannot get it to listen on 443 and run a secure
server.  If I type apache2ctl startssl it says "Please edit httpd.conf to
include the SSL configuration settings" but this is far too vague or just plain
incorrect, I think it should say "please check /etc/sysconfig/apache2" or
something specific as this was totally unhelpful to me.

It all works fine when running this:

lcn2:/etc/apache2 # rcapache2 extreme-configtest
Syntax: OK

lcn2:/etc/apache2 # rcapache2 startssl
Starting httpd2 (prefork)                                             done

Works great and ssl works without changing anything.  Using rcapache2 start
works the same.  However it uses a different binary /usr/sbin/httpd2-prefork

But, running just httpd -D SSL works as well so it doesn't seem to matter which
binary is used.

This is a Suse 10.2 compiled package but I think the issue is with apache2ctl
script.

Nick
Comment 1 Nick Jones 2007-04-24 08:21:05 UTC
Perhaps a Suse 10.2 specific problem.  Suse 10.2 uses rcapache2 instead of
apachectl (it is named apache2ctl under Suse 10.2).  From the Suse documentation

Even if it is a Suse specific problem that Suse has caused and needs to know
about, I still think better error output is needed.  Such as "Could not start an
ssl httpd2 on port 443 because of XX".  I'm nearly certain the syntax is correct
because it works when calling the init.d process directly with -D SSL.

---
 Tried to review doc on apache.org for the start script and not sure how to start.

On apache.org, you will find 'apachectl' referenced as the standard tool to
start apache2. Although this tool is available on SuSE Linux (named
"apache2ctl"), using our slightly more powerful (and better integrated) tool
named "rcapache2" is recommended. (That's actually the shell script
/etc/init.d/apache2.) Enter "rcapache2 help" as user root to see what it can do.
To start apache2, either enter "rcapache2 start" as root or use the YaST
Runlevel Editor to activate the starting of apache2 at boot time. As a command
line alternative to the Runlevel Editor, you could run the command "chkconfig -a
apache2" to make sure that apache2 is started at system boot time. 
---
Comment 2 Joshua Slive 2007-04-24 08:35:49 UTC
The startssl option to apachectl was deprecated in 2.0 and removed in 2.2 as
discussed here:
http://httpd.apache.org/docs/2.2/upgrading.html

But in general, this is an issue you should address with SuSE. They do not use
the standard apache.org config, so they are responsible for supporting their
changes.