Hi all,I think I've setup SSL, but Apache just won't use it. Syntax files read OK, and everything seems right, but... The full details of all my config files are here: http://gist.github.com/67695
Below are excerpts. The server is Ubuntu Intrepid, I'm using Apache 2.2.9, hosted on Amazon EC2. The ssl module is loaded.
Apache does listen on ports 80 and 443, as confirmed by lsof and netstat.
<VirtualHost _default_:443> SSLEngine On SSLRequireSSL ServerName xlsuite.com ServerAlias *.xlsuite.comSSLCertificateKeyFile /var/www/xlsuite/releases/20090220205909/ config/ssl/_.xlsuite.com/_.xlsuite.com.key SSLCertificateFile /var/www/xlsuite/releases/20090220205909/ config/ssl/_.xlsuite.com/_.xlsuite.com.crt
SSLOptions +StdEnvVars BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 DocumentRoot /var/www/xlsuite/current/public <Directory "/var/www/xlsuite/current/public"> AllowOverride None Options -Indexes +FollowSymlinks Order Allow,Deny Allow from all </Directory> RewriteEngine On # Check for maintenance file and redirect all requests RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f RewriteCond %{SCRIPT_FILENAME} !maintenance.html RewriteRule ^.*$ /system/maintenance.html [L] # DeflateAddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/javascript text/css
BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html </VirtualHost> $ openssl s_client -connect localhost:443 CONNECTED(00000003)22774:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:583:
$ telnet localhost 443 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. asdf <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>501 Method Not Implemented</title> </head><body> <h1>Method Not Implemented</h1> <p>asdf to / not supported.<br /> </p> </body></html> In the error.log, all I see is this:[Fri Feb 20 21:48:23 2009] [error] [client 127.0.0.1] Invalid method in request \x80t\x01\x03\x01 [Fri Feb 20 21:48:03 2009] [error] [client 127.0.0.1] Invalid method in request asdf
I know there's something simple I'm just not doing right. I've checked permissions (see the gist linked above), file ownerships, module configuration, searched, read the SSL FAQ, but I just can't find what I did wrong.
Thanks for any help! -- François Beausoleil http://blog.teksol.info/ http://piston.rubyforge.org/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx