Date: Sun, 1 Apr 2018 21:56:47 -0700 From: Bruce Ferrell <bferrell@baywinds.org> To: freebsd@dreamchaser.org, freebsd-questions@freebsd.org Subject: Re: apache24 ssl setup problems; "unknown protocol" [Solved] Message-ID: <59b606e3-eb2e-34c6-735e-d2ea211d39ee@baywinds.org> In-Reply-To: <b2fc47c5-fc0b-3e1b-22ea-244c96610c7c@dreamchaser.org> References: <acd1c4b7-72ce-0fd2-a640-4b3c22299a75@dreamchaser.org> <fc3125a2-14a1-6fe5-cc67-0a32f9361657@baywinds.org> <3ebae04a-4928-7979-9100-b0c3317a5284@dreamchaser.org> <eab52606-6f62-d88f-0682-9fe3ce1f470c@baywinds.org> <210673da-f441-491f-7de4-f4bfbadbf5a5@dreamchaser.org> <80dadfa7-ea5f-4027-f862-e1cd39f5694b@baywinds.org> <cc91a72c-f373-3438-c60c-8c519ac2afd9@dreamchaser.org> <b2fc47c5-fc0b-3e1b-22ea-244c96610c7c@dreamchaser.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04/01/2018 07:03 PM, Gary Aitken wrote: > The problem turned out to be an apache configuration error related to > virtual hosts. > > The openssl error message was: > SSL23_GET_SERVER_HELLO:unknown protocol > > I finally found this article (why I didn't get it on numerous other > searches is somewhat of a mystery): > https://stackoverflow.com/questions/15166950/unable-to-establish-ssl-connection-how-do-i-fix-my-ssl-cert#15168180 > which, while rather outdated in some respects, gives the right hint -- > the error is reported when the server sends back a normal http response > instead of https. An easy test for this is to try connecting in a > browser to http[no s]://addr:443; if it works, the server isn't using > ssl. > > I had enabled and tweaked extra/httpd-ssl.conf; also httpd-vhosts.conf. > httpd-ssl.conf had ssl enabled so (default from install): > <VirtualHost _default_:443> > ... > SSLEngine on > > I had erroneously assumed including httpd-ssl.conf would turn it on > in the general case. The virtual host definitions were missing the > directive to activate it. Duh. It's right there at the top of the > apache web page which I had used when I started... > > Thanks Bruce for your patience. > > Gary > Oops! I hate it when I do things like that... WAY too often
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59b606e3-eb2e-34c6-735e-d2ea211d39ee>
