in Hacking

Apache 2.2.13 upgrade breaks my SSL configuration

Today I upgraded my Apache installation to 2.2.13 on my FreeBSD server. (Thankfully I first upgraded my internal server before upgrading the server this blog is on).
The server didn't start:

[error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]

To solve this problem I usually fall back to google...

Finding some discussions about this problem I tried the following:
Moving the SSLCerticateFile and SSLCertificateKey outside a virtualhost tag as suggested, I've got the following error:

 [error] Illegal attempt to re-initialise SSL for server (theoretically shouldn't happen!)

More info wasn't available...

After some debuggin/playing I found out I must remove ALL SSL stuff out of my directives except for the line SSLEngine ON.
So in short my config file :

# Those two lines are placed OUTSIDE the <virtualhost> tag
SSLCertificateFile /usr/local/etc/apache22/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/etc/apache22/ssl.key/server.key

# in a virtual host file:
&lt;VirtualHost *:443&gt;
  DocumentRoot /usr/local/www/sample

    SSLEngine on
   &lt;Directory /usr/local/www/sample &gt;
      Options Indexes FollowSymLinks MultiViews
      AllowOverride All
      Order allow,deny
      allow from all

Finally the sites are up again. Besides the Apache warning about SSL and virtual hosts everything runs find. PHeeew!

[warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!

Now I must update this server, so If you can read this, the upgrade was succesful ;-)