Date: Sat, 31 Mar 2018 16:20:00 -0600 From: Gary Aitken <freebsd@dreamchaser.org> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: apache24 ssl setup problems; "unknown protocol" Message-ID: <acd1c4b7-72ce-0fd2-a640-4b3c22299a75@dreamchaser.org>
next in thread | raw e-mail | index | archive | help
Hi all, I'm trying to set up apache24 ssl for the first time; getting nowhere very slowly. Server starts up ok, serves port 80 normally as usual. sockstat shows it listening on 443 ok. When I attempt to connect I get this: $ openssl s_client -connect 192.168.151.101:443 CONNECTED(00000003) 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 291 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1522531949 Timeout : 300 (sec) Verify return code: 0 (ok) I assume the problem is the unknown protocol issue, but it's not clear to me what the unknown protocol it's looking for is. My extra/httpd-ssl.conf says: SSLProtocol all -SSLv3 and my extra/httpd-vhosts.conf does not override it. The error log simply says: [core:debug] [pid 13758] protocol.c(1272): ... : request failed: malformed request line Running apache24-2.4.25_1 on a 10.3 amd64 Thanks, Gary
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?acd1c4b7-72ce-0fd2-a640-4b3c22299a75>