# how to disable SSL?

## thecooptoo

i want to use 443 for x11vnc-ssl connection so i need to disable https from my headless box that is my webserver

ive removed the -D SSL option in /etc/conf.d/apache2 and attempted to restart apache  , but I get a whole  host of errors as it reads etc/apache2/vhosts.d/00_default_ssl_vhost.conf:

where do disable this bit of it , so that i can then portforward 443 to another box ?

----------

## muhsinzubeir

Try rebuilding apache with -ssl...

----------

## neonknight

Well, then delete or move /etc/apache2/vhosts.d/00_default_ssl_vhost.conf to another location.

----------

## cach0rr0

apache lumps 00_default_ssl_vhost into its running config via Include statements

in this case it includes *.conf - so simply renaming 00_default_ssl_vhost.conf to 00_default_ssl_vhost.old should do the trick

even doing a USE="-ssl" emerge apache, will not do the trick, as the .conf will still be there. 

removing -D SSL does not mean that file will not get parsed - it simply means that certain stanzas in that file become invalid, as they are specific to SSL. 

So the solution is to not include that file at all - its settings are ONLY needed for SSL vhosts, nothing core, so it shouldn't break anything

----------

## malern

Removing -D SSL should really be enough, assuming you haven't made any changes to the default 00_default_ssl_vhost.conf

The entire contents of 00_default_ssl_vhost.conf is surrounded by an <IfDefine SSL> statement, so if you arn't defining SSL then none of it should have any effect.

It might help if you posted your /etc/conf.d/apache2 file so we could double check it.

----------

## cach0rr0

 *malern wrote:*   

> surrounded by an <IfDefine SSL> statement

 

You are quite right, and I am quite blind as I completely overlooked that

Pay me no mind, I've obviously lost my wits

----------

## muhsinzubeir

 *Quote:*   

> even doing a USE="-ssl" emerge apache, will not do the trick, as the .conf will still be there. 

 

Whats the meaning of those useflags?....will apache still have ssl support, becoz .conf is still there...   :Laughing: 

----------

## cach0rr0

 *muhsinzubeir wrote:*   

>  *Quote:*   even doing a USE="-ssl" emerge apache, will not do the trick, as the .conf will still be there.  
> 
> Whats the meaning of those useflags?....will apache still have ssl support, becoz .conf is still there...  

 

if I understand correctly, it'd mean mod_ssl didn't get built

----------

## muhsinzubeir

 *cach0rr0 wrote:*   

>  *muhsinzubeir wrote:*    *Quote:*   even doing a USE="-ssl" emerge apache, will not do the trick, as the .conf will still be there.  
> 
> Whats the meaning of those useflags?....will apache still have ssl support, becoz .conf is still there...   
> 
> if I understand correctly, it'd mean mod_ssl didn't get built

 

Anyways, I was just kidding when I wrote that....having a config file with no support of the feature itself, wouldnt work anyways..

I think this approach of disabling features by USEFLAG, is the best approach reducing troubles on server.

This module is also known to make troubles with nagios, if its not needed why building apache with it?This is why I chose gentoo to be able to choose with USEFLAG....

USEFLAGS one reason of mine in using GENTOO OSS...  :Smile: 

----------

## Havin_it

Perhaps you're ahead of me on this one, but you will need to remove "-D SSL_DEFAULT_VHOST" from the conf.d file as well...

----------

## NeddySeagoon

Havin_it,

... thats all thats needed.

----------

## cach0rr0

 *muhsinzubeir wrote:*   

> 
> 
> Anyways, I was just kidding when I wrote that....

 

Yeah, I'm pretty sure I'm losing my mind. I should have known all of that - I've been really sloppy lately.

----------

