ssl on a local dev server

Question

I am running ubuntu as a testing server on my laptop. I am attempting to set up some of the test sites with self signed ssl certificates. I think I have everything correct except perhaps the apache 2 conf files.

When creating the cerificates I gave the common name as *.hr4.mdev. "mdev" is what I have arbitrarily called my local dev environment.

So I modified my existing conf file to listen on 443 instead on 80 (line 1) and I added lines 6, 7 and 8.

<VirtualHost *:443>
  ServerAdmin  myemail@mydomain.com
  ServerName   marino.hr4.mdev
  ServerAlias  *.marino.hr4.mdev
  DocumentRoot /var/www/marino.hr4/htdocs
  SSLEngine on
  SSLCertificateFile /etc/apache2/ssl/apache.crt
  SSLCertificateKeyFile /etc/apache2/ssl/apache.key
  <Directory /var/www/marino.hr4/htdocs>
    php_value include_path /var/www/marino.hr4/htdocs
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
  </Directory>

  ErrorLog /var/www/marino.hr4/logs/error.log
  # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
  LogLevel debug

  CustomLog /var/www/marino.hr4/logs/access.log combined
</VirtualHost>

Now when I go to the site ( https://marino.hr4.mdev ) I am advised that "It works!" Which is reassuring on a certain level, but it is not the content that I expected to see.

---

Having referenced tremor's link, my conf file now looks like this:

<VirtualHost 192.168.73.128:443>
  SSLEngine on
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

  SSLCertificateFile /etc/apache2/ssl/apache.crt
  SSLCertificateKeyFile /etc/apache2/ssl/apache.key

  ServerAdmin  bernard@theminery.com
  ServerName   marino.hr4.mdev
  ServerAlias  *.marino.hr4.mdev
  DocumentRoot /var/www/marino.hr4/htdocs

  <Directory /var/www/marino.hr4/htdocs>
    php_value include_path /var/www/marino.hr4/htdocs
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
  </Directory>

  ErrorLog /var/www/marino.hr4/logs/error.log
  # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
  LogLevel debug

  CustomLog /var/www/marino.hr4/logs/access.log combined
</VirtualHost>

after restarting Apache I am asked to add a security exception, which is fine, but I am then kicked to another site I have set up on my machine.

Answer 1

Add NameVirtualHost directive, something like this perhaps?

NameVirtualHost *:443
Listen 443

Your apache server is obviously serving up it's default server "It works" instead of your website.

Here is some supporting information from apache: http://wiki.apache.org/httpd/NameBasedSSLVHosts

Edit:

Potentially move your virtual host to the first referenced vhost in the conf file, default is selected based on order.

Answer 2

So in the end I modified the ports.conf file and added 443 to the Listen directive, so now it reads:

Listen 80 443
<IfModule ssl_module>
  Listen 443
</IfModule>
<IfModule mod_gnutls.c>
  listen 443
</IfModule>

I also changed the first line of my conf file from

<VirtualHost 192.168.73.128:443>

back to

<VirtualHost *:443>

Special thanks to tremor for pointing me in the right direction.