I'm having a hard time making HTTPS work on a RedHat 9 server,
running apache 2.0.40-21.3

I'm talking about an *actual* server (and not an exercise I'm
doing on my home machine). I got a GeoTrust certificate, but
there simply is no way that I can make it work.

I already succeeded in setting up multiple virtual hosts (same
IP, different domain names). Then, I want the name
secure.mydomain.com to be used as the secure host, so I edited
the default /etc/httpd/conf.d/ssl.conf file and put the following:



<VirtualHost _default_:443>

# With the actual IP instead of _default_, I get an error message
# when running apachectl startssl


# General setup for the virtual host
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log


ServerAdmin [email]adminmydomain.com[/email]
DoentRoot /home/websites/secure.mydomain.com
ScriptAlias /cgi-bin/ "/home/websites/secure.mydomain.com/cgi-bin/"
ServerName secure.mydomain.com:443
SSLCertificateFile /etc/httpd/conf/mydomain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/mydomain.com.key




# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on


.....

And the rest is pretty much unchanged.

I run apachectl stop, then apachectl startssl, and they run
without error messages. But the HTTPS part does not work; I
get this output from a wget command:

[root]# wget [url]https://secure.mydomain.com/index.html[/url]
--19:44:26-- [url]https://secure.mydomain.com/index.html[/url]
=> `index.html'
Resolving secure.mydomain.com... done.
Connecting to secure.mydomain.com[xx.xx.xx.xx]:443... connected.

Unable to establish SSL connection.

Unable to establish SSL connection.


(I manually modified the actual domain name, and the actual IP
address; but otherwise, this is copy-n-pasted output from the
command).

If I try from the browser (Mozilla), I get a dialog box saying
"Connection refused when attempting to contact secure.mydomain.com"

If I point the browser (or wget) to: [url]http://secure.mydomain.com[/url]
(i.e., http instead of https), then I get the right index.html
file (the one corresponding to that domain name).

The certificate files are in the right place, owned by root with
permission 600. I temporarily changed the permissions to 644, but
it makes no difference. (all the directories in the path have
permission XX5 -- i.e., others always have read and execute
permission for all the directories in the path to the certificate
files)

What am I missing, or doing wrong?

BTW, the module mod_ssl is being loaded, and the right config
file is being read -- I tried putting a deliberate error, and
apachectl startssl reports it)

Thanks for any help/pointers,

Carlos
--