apache24 ssl setup problems; "unknown protocol" [Solved]

Gary Aitken freebsd at dreamchaser.org
Mon Apr 2 02:04:37 UTC 2018

The problem turned out to be an apache configuration error related to
virtual hosts.

The openssl error message was:
   SSL23_GET_SERVER_HELLO:unknown protocol

I finally found this article (why I didn't get it on numerous other
searches is somewhat of a mystery):
which, while rather outdated in some respects, gives the right hint --
the error is reported when the server sends back a normal http response
instead of https.  An easy test for this is to try connecting in a
browser to http[no s]://addr:443; if it works, the server isn't using

I had enabled and tweaked extra/httpd-ssl.conf; also httpd-vhosts.conf.
httpd-ssl.conf had ssl enabled so (default from install):
   <VirtualHost _default_:443>
   SSLEngine on

I had erroneously assumed including httpd-ssl.conf would turn it on
in the general case.  The virtual host definitions were missing the
directive to activate it.  Duh.  It's right there at the top of the
apache web page which I had used when I started...

Thanks Bruce for your patience.


More information about the freebsd-questions mailing list