Re: configured HTTP(80) on the standard HTTPS(443) port!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/04/2017 11:37 PM, Yehuda Katz wrote:
The first warning is telling you that you are serving regular HTTP traffic on what is usually an HTTPS port. This is because you do not have any SSL configuration on the virtual host on port 443. You need "SSLEngine on" and certificate information at least.

thanks.  fixed.

You can ignore the second warning about "server name indication" unless you specifically want to support really old and insecure browsers.

- Y

On Tue, Apr 4, 2017 at 10:47 PM, Robert Moskowitz <rgm@xxxxxxxxxxxxxxx> wrote:
I just noticed the following in error_log on httpd startup:

[Tue Apr 04 21:20:43.030519 2017] [ssl:warn] [pid 15521] AH01916: Init: (z9m9z.test.htt-consult.com:443) You configured HTTP(80) on the standard HTTPS(443) port!
[Tue Apr 04 21:20:43.030759 2017] [ssl:warn] [pid 15521] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

What does this mean?

One of my .conf files is:

# cat 00-init.conf
    ServerAdmin rgm@xxxxxxxxxxxxxxx
    ServerName z9m9z.test.htt-consult.com
<VirtualHost *:80>
<Directory "/var/www/html">
        Options Indexes FollowSymLinks
        AllowOverride None
        Require ip 192.168.0.0/16
</Directory>
</VirtualHost>
<VirtualHost *:443>
<Directory "/var/www/html">
        Options Indexes FollowSymLinks
        AllowOverride None
        Require ip 192.168.0.0/16
</Directory>
</VirtualHost>

httpd -S reports:

VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server z9m9z.test.htt-consult.com (/etc/httpd/conf.d/00-init.conf:3)
         port 80 namevhost z9m9z.test.htt-consult.com (/etc/httpd/conf.d/00-init.conf:3)
         port 80 namevhost webmail.test.htt-consult.com (/etc/httpd/conf.d/roundcubemail.conf:1)
                 alias webmail
*:443                  is a NameVirtualHost
         default server z9m9z.test.htt-consult.com (/etc/httpd/conf.d/00-init.conf:10)
         port 443 namevhost z9m9z.test.htt-consult.com (/etc/httpd/conf.d/00-init.conf:10)
         port 443 namevhost webmail.test.htt-consult.com (/etc/httpd/conf.d/roundcubemail.conf:16)
                 alias webmail
         port 443 namevhost z9m9z.test.htt-consult.com (/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux