apache24 ssl setup problems; "unknown protocol" [Solved]

Bruce Ferrell bferrell at baywinds.org
Mon Apr 2 04:57:02 UTC 2018

On 04/01/2018 07:03 PM, Gary Aitken wrote:
> The problem turned out to be an apache configuration error related to
> virtual hosts.
> The openssl error message was:
>   SSL23_GET_SERVER_HELLO:unknown protocol
> I finally found this article (why I didn't get it on numerous other
> searches is somewhat of a mystery):
> https://stackoverflow.com/questions/15166950/unable-to-establish-ssl-connection-how-do-i-fix-my-ssl-cert#15168180
> which, while rather outdated in some respects, gives the right hint --
> the error is reported when the server sends back a normal http response
> instead of https.  An easy test for this is to try connecting in a
> browser to http[no s]://addr:443; if it works, the server isn't using
> ssl.
> I had enabled and tweaked extra/httpd-ssl.conf; also httpd-vhosts.conf.
> httpd-ssl.conf had ssl enabled so (default from install):
>   <VirtualHost _default_:443>
>     ...
>   SSLEngine on
> I had erroneously assumed including httpd-ssl.conf would turn it on
> in the general case.  The virtual host definitions were missing the
> directive to activate it.  Duh.  It's right there at the top of the
> apache web page which I had used when I started...
> Thanks Bruce for your patience.
> Gary
Oops!  I hate it when I do things like that... WAY too often

More information about the freebsd-questions mailing list