ssl configuration

Discussion in 'Install/Configuration' started by Shelby, Aug 20, 2006.

  1. Shelby

    Shelby New Member

    Hello -
    I am trying to get one of my domain's web application to work with ssl.
    I think I have the listener's SSL configuration set correctly, but the message I get back from Firefox is "Firefox and xxx.xxx.com cannot communicate securely because they have no common encryption algorithms."

    Here is my configuration...
    I have one domain name www.xxx.com that I want to use both on ports 80 and 443. I created two listeners - one called xxx-listener that listens on a particular IP, port 80, and maps to www.xxx.com. The second listener, called xxx-ssl-listener, listens on the same IP, port 443, and also maps to www.xxx.com.

    The xxx-ssl-listener is configured with an absolute path to its certificate and key files. Chained certificate is set to yes. CA Certificate Path is set to the directory that holds the chained certificate. CA Certificate File is set to the absolute path of the chained certificate. These are known good certs, in use already on another server. (I want to migrate everything to litespeed!!)

    I have SSL protocol set at v3, and have tried different encryption levels, all with no luck. The certificates are readable, and the LiteSpeed log files don't reveal any trouble. I can gracefully restart the server fine, and the virtual host is reported as running.

    I don't know where to start looking. Does anyone have any ideas? (by the way, the rails webapp that I am trying to serve with SSL does work correctly without ssl, over port 80.)

    Thanks!
    Shelby
  2. mistwang

    mistwang LiteSpeed Staff

    "TLSv1" should be checked for the SSL configuration, and at least "high" and "medium" should be checked for encryption level.
  3. Shelby

    Shelby New Member

    Thanks! That fixed it.

    Shelby

Share This Page