Re: virtual host gives unexpected network read error

[Luca Toscano <toscano.luca@xxxxxxxxx>]

Hi David,

2018-01-29 19:45 GMT-08:00 David Mehler <dave.mehler@xxxxxxxxx>:

Hello,

Can someone take a look at the below virtual host configuration?
Whenever I put it in my apache 2.4 the server returns an alert
unexpected network read error connection aborted message. If I take it
out the server behaves normally. Of course nothing is in any of the
logs I've got LogLevel set to warn. An apachectl -t says the files are
syntactically correct.

Any ideas?

Thanks.
Dave.

#
# Virtual host file
#

# The example.com http  and https virtual host
<VirtualHost *:80 *:443>

SSLCertificateFile "/usr/local/etc/ssl/acme/example.com/fullchain.pem"
SSLCertificateKeyFile "/usr/local/etc/ssl/acme/private/example.com/privkey.pem"
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!3DES
SSLEngine on

In this way you are enabling SSL/TLS on both 80 and 443 port, I don't believe that it will work (even if I didn't test it properly). Any reason why you have this settings? Can you try without the "*:80" ? In your case I'd simply create a *:80 Vhost to force a http->https redirect, and then apply SSL/etc.. settings only to *:443.

Luca