Operation System : Redhat Linux.
Apache Version : 2.0.63
Folks,
I have installed apache as a web proxy server to redirect all the client requests to the
weblogic application server.This works perfectly for the non ssl connection.
Now I need to setup SSL for apache alone and not for the Weblogic.
As we are setting up SSO at the web server level, we need to have the apache running on SSL.
So I had installed the module mod_ssl to the apache and configured the ssl.conf and virtual hosts as follows.
****************************
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
<IfDefine SSL>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/home/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/home/apache/logs/ssl_mutex
<VirtualHost *:443>
DocumentRoot "/opt/bea/domains/optdomain/servers/AdminServer/stage"
ServerName (ip address>:443
ErrorLog /home/apache/logs/error_log
TransferLog /home/apache/logs/access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/share/ssl/certs/server.crt/
SSLCertificateKeyFile /usr/share/ssl/certs/server.key/
CustomLog /home/apache/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfDefine>
**************************************
I created the certificates and key files using the following command options of openssl.
openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout server.key -out server.crt -subj '/O=Company/OU=Department/CN=
www.example.com'
I had copied the certs to the openssl certs directory and created hashlinks for them.
I verified the certs using the openssl command as follows.
[root@gelxd002 logs]# openssl s_client -host
43.65.9.6 -port 443
CONNECTED(00000003)
22951:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:475:
But when I try to access the url with https, it give the following error messages.
At the browser.
<Host> has sent an incorrent or unexpected message Error code :-12263
At the apache logs.
[Tue Oct 28 10:20:00 2008] [error] [client HOST] Invalid method in request \x16\x03\x01
[Tue Oct 28 10:20:10 2008] [error] [client HOST] Invalid method in request \x16\x03\x01
[Tue Oct 28 10:20:20 2008] [error] [client HOST] Invalid method in request \x16\x03\x01
[Tue Oct 28 10:23:22 2008] [error] [client HOST] Invalid method in request \x80\x8c\x01\x03\x01
[Tue Oct 28 10:29:41 2008] [error] [client HOST] Invalid method in request \x16\x03\x01
Can you help me out , if there is something wrong with config settings.
I did google with the error messages obtained in log, they were pointing out a configuration problem with ssl.
Can you point out specifically which i need to address.
--
Regards&Thanks,
Vasanth Kumar Ravi
