Hi, Not the wrong place at all. I would start by splitting up the SSL stuff from web server stuff. That means, if the SSL is working, move onto the content. Start by going to your 404 page and identify whether it is being delivered over HTTPS. Use the Qualys HTTP scanner at www.sssllabs.com to identify any issues with the HTTPS implementation. Not all of the issues you need to fix, but I would recommend as a starting point ensure the trust is resolving correctly, and that you have SSL V3 switched off. Next identify the content you need to surve up over HTTPS, it is likely your virtual host isn't defined well and so you are ending up at this page, the Apache logs are the place to look here to identify the directory being accessed. I find it helpful to do this to split up HTTPS things from the actual content serving. Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Steve Matzura Sent: 17 August 2015 19:37 To: sysadmin <blind-sysadmins@lists.hodgsonfamily.org> Subject: [Blind-sysadmins] PHP and secure Web access I have some rather deep PHP questions that I need answered in order to solve an implementation problem. If this isn't the right place to talk about PHP, even though I consider it a system administration function, I'd very much appreciate a good mailing list name to go to to post the following. I have spent the past three full days trying to learn and understand how to implement secure Web access using SSL on Apache 2.4.10. I got basic password-based authentication to work over port 80, but I'd like to take that a step further--use port 443, use SSL, and make that all-important "s" appear in the user's address bar. I have SSL certificates of all kinds--a certified and signed certificate for my Website, a private key of course, and the intermediate key from the certifying authority. These all work. I know they work because I am using them on my Dovecot+Postfix email system successfully. I could probably cite ten or more articles I've read, most from the Apache Software Foundation itself, on how to set this up, but nothing I'm doing is working, which means I must be missing some key thing. When I browse to my site on port 443 by using https, I get 403 forbidden and have no idea why. If anybody knows what the very basic things I should be doing are, I'd appreciate having that knowledge as well. I've tried so many variants of SSL directives and options, and nothing changes, which probably means the options and directives I'm using do not apply to my situation or need, but there must be some basic ones required to start with, and that's what I'm looking for. Again, if this is the wrong place to ask about detailed PHP stuff, a redirection to a place that is would be greatly appreciated, with my thanks in advance. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins