Date: Sat, 31 Mar 2018 15:36:39 -0700 From: Bruce Ferrell <bferrell@baywinds.org> To: freebsd-questions@freebsd.org Subject: Re: apache24 ssl setup problems; "unknown protocol" Message-ID: <fc3125a2-14a1-6fe5-cc67-0a32f9361657@baywinds.org> In-Reply-To: <acd1c4b7-72ce-0fd2-a640-4b3c22299a75@dreamchaser.org> References: <acd1c4b7-72ce-0fd2-a640-4b3c22299a75@dreamchaser.org>
next in thread | previous in thread | raw e-mail | index | archive | help
That *looks* like you have no certs installed On 03/31/2018 03:20 PM, Gary Aitken wrote: > Hi all, > > I'm trying to set up apache24 ssl for the first time; getting nowhere > very slowly. > > Server starts up ok, serves port 80 normally as usual. > sockstat shows it listening on 443 ok. > > When I attempt to connect I get this: > > $ openssl s_client -connect 192.168.151.101:443 > CONNECTED(00000003) > 34379279064:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782: > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 7 bytes and written 291 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > SSL-Session: > Protocol : TLSv1.2 > Cipher : 0000 > Session-ID: > Session-ID-ctx: > Master-Key: > Key-Arg : None > PSK identity: None > PSK identity hint: None > SRP username: None > Start Time: 1522531949 > Timeout : 300 (sec) > Verify return code: 0 (ok) > > I assume the problem is the unknown protocol issue, but it's not clear > to me what the unknown protocol it's looking for is. > My extra/httpd-ssl.conf says: > SSLProtocol all -SSLv3 > and my extra/httpd-vhosts.conf does not override it. > The error log simply says: > [core:debug] [pid 13758] protocol.c(1272): ... : request failed: malformed request line > > Running apache24-2.4.25_1 on a 10.3 amd64 > > Thanks, > > Gary > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fc3125a2-14a1-6fe5-cc67-0a32f9361657>