Testing the Server

Previous page
Table of content
Next page

Testing the Server

Now we're ready to take the server for a test drive. First we start up the server for both normal and SSL Web traffic: 

  # /usr/local/apache/bin/apachectl startssl

You should see a message like this: 

  apachectl startssl: httpd started

If you don't, something happened that prevented the server from properly starting. The best place to look to help diagnose what is wrong is the error log file, in ../logs/error_log.

Now look to see if you have two new ports listening, ports 80/TCP and 443/TCP. We will use the netstat command to look for them: 

 # netstat -na  grep LISTEN 
 
 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 
  tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN

Sure enough, we have two listening sockets, on ports 80 and 443 TCP ports. These correspond to the normal and SSL traffic for the server, respectively.

And now we will connect to our server and test out the secure Web-mail connection. Fire up a browser like Netscape or Internet Explorer (if you are on a Windows machine) and point it to your Web server. In our example the machine's name is friend.dsl.isp.com , so the secure Aeromail site would have the URL https ://friend.dsl.isp.com/aeromail/ .

The first thing you should go through is the acceptance of the certificate. For Netscape, it's a several-stage process, illustrated next .

First, we are presented with a popup window noting that the site uses encryption but Netscape doesn't recognize the signing authority (remember, we didn't have a big name sign above it). Use Next to move on in the process ( Figure 8-1 ).

Figure 8-1. Netscape ”cert2.

Second, it tells us a little bit about the certificate. If you click the More Info button ( Figure 8-2 ) we can view more information, and Next will continue in the process.

Figure 8-2. Netscape ”cert3.

Now we can choose to accept this certificate or not, and for how long. I usually choose to accept the certificate until it expires ( Figure 8-3 ) and then click Next.

Figure 8-3. Netscape ”cert4.

Then it offers you the chance of alerting you whenever you submit information ( Figure 8-4 ). This can be useful, but with Web-mail it can also be extremely annoying. I usually ignore the warnings and don't let them pop up, and I click Next to continue the process.

Figure 8-4. Netscape ”cert5.

Now we can finish the process by clicking Finish ( Figure 8-5 ).

Figure 8-5. Netscape ”cert6.

I often get the popup shown in Figure 8-6 , since the site name that is on the certificate and the one that I am actually connecting to don't match (I'm not running a real Internet server here). I just click Continue and accept the certificate.

Figure 8-6. Netscape ”cert7.

We know we have a secure connection because of three things: We have a URL that starts with https:// rather than http:// ( Figure 8-7 ). And we have two indicators in the browser that the connection is secure: The button bar at the top has a highlighted security lock ( Figure 8-8 ), and the lock in the bottom left of the browser is closed and highlighted ( Figure 8-9 ).

Figure 8-7. Secure ”2.

Figure 8-8. Secure ”1.

Figure 8-9. Secure ”3.

Should the preceding not have occurred, you need to diagnose the problem and try to remedy it. You can look in several places. First, make sure you are listening on both ports 80/TCP and 443/TCP for normal and SSL Web connections. Second, make sure that the SSL engine is turned on in the directives for the Web server. Otherwise you'll never complete a connection with the server ”your browser will just hang. Last, make sure you are indeed connecting. Use netstat on the server to show that you are connecting to the server, and check the logs from Apache, both the access_log file and the error_log file, for any entries. The SSL server is pretty verbose about what went wrong, and the mod_ssl documentation is also very good at helping diagnose a problem.

You can test your PHP4 installation with a simple PHP file. Simply create the file test.php in your htdocs/ directory for your Web server with the following very simple content: 

  <?php phpinfo() ?>

This will show you all of the information about your PHP installation if it comes up. Make sure that you have IMAP support, for one, or your Web-mail solution just won't work. If you get prompted to download the file, make sure you added the earlier directives for PHP files to the server configuration file, httpd.conf. When in doubt, check the documentation for each of the components , Apache, mod_ssl, and PHP, for chances are you have encountered a common problem.

 


Previous page
Table of content
Next page
Multitool Linux. Practical Uses for Open Source Software
Multitool Linux: Practical Uses for Open Source Software
ISBN: 0201734206
EAN: 2147483647
Year: 2002
Pages: 257
Authors: Michael Schwarz, Jeremy Anderson, Peter Curtis, Steven Murphy
BUY ON AMAZON
SQL Hacks
Making Sense of Change Management: A Complete Guide to the Models, Tools and Techniques of Organizational Change
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
The Oracle Hackers Handbook: Hacking and Defending Oracle
Python Standard Library (Nutshell Handbooks) with
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy