osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [users@httpd] Help with SSL not working on Ubuntu 14.04


Thanks Yehuda! That change to the ports.conf file was a suggestion from a different forum I tried when I was troubleshooting. I ended up removing all of that and just using Listen 80 and Listen 443 https. Glad to know it would of caused more harm than good if I left it.  


Thanks,

Travis Johnston, Web Systems Architect & Salesforce Administrator
Collaborative for Educational Services 
97 Hawley St, Northampton, MA. 01060
Company Phone: (413) 586-4900
Direct Line: (413) 588-5930
LinkedIn: https://www.linkedin.com/in/travisejohnston

For all support related issues, please visit our Help Center at http://support.collaborative.org and login with your Google Apps account or register to see answers to commonly asked support questions. If you do not find an answer that meets your support needs, please submit a request by clicking the button located at the top of the Help Center.



On Wed, Aug 8, 2018 at 9:34 PM Yehuda Katz <yehuda@xxxxxxxxxx> wrote:
Hi Travis,
I see you mentioned on StackOverflow that your question is resolved (extra virtual hosts in the configuration meant you weren't reaching to correct host).

One recommendation based on the config you posted there: Don't use <IfModule mod_ssl.c> if it is critical to you that your site is available over ssl (or similar for any other module you need).
<IfModule > is great if you don't know anything about the server where your code is actually going to run, but not necessarily when you control the server.
If your SSL configuration is inside <IfModule > and for some reason mod_ssl isn't loaded, you will not get an error message when you run a config check (highly recommended before reloading/restarting the service) that SSL (or other module) isn't loaded.
You would rather know that.

- Y

On Wed, Aug 8, 2018 at 5:21 PM Travis Johnston <tjohnston@xxxxxxxxxxxxxxxxx> wrote:
Hello,

This is my first post to the group so testing the waters with an issue that I am having. I run 4 Ubuntu servers, each controlled with Webmin and Virtualmin. I am adding SSL to one of the sites but every time I visit the https://www.domain.org it gives me either one of the errors. 

Chrome: ERR_SSL_PROTOCOL_ERROR

Firefox: SSL_ERROR_RX_RECORD_TOO_LONG

The Chrome one isn't very helpful but the Firefox error at least tells me that it's an issue on the server. I've posted to Stackoverflow about the issue as well here:


I've made sure that port 443 is being listened to and in the site-avaiable/domain-name.conf file there are 2 <Virtualhost> entries, one for port 80 and one for port 443. 

The SSL cert installed correctly without any errors and the 443 entry was added and appears fine. SSLEngine is On, file paths for certs are all correct. The *.conf files are being loaded by Apache OK. 

One issue I do have is if I set the 443 to *:443 in the conf file, a different website on the server loads if you visit https. I need to specifically enter the IPADDRESS:443 or the domain:443 to stop it from redirecting. 

Any help is appreciated, really stumped with this one. 

Thanks,

Travis Johnston, Web Systems Architect & Salesforce Administrator
Collaborative for Educational Services 
97 Hawley St, Northampton, MA. 01060
Company Phone: (413) 586-4900
Direct Line: (413) 588-5930
LinkedIn: https://www.linkedin.com/in/travisejohnston

For all support related issues, please visit our Help Center at http://support.collaborative.org and login with your Google Apps account or register to see answers to commonly asked support questions. If you do not find an answer that meets your support needs, please submit a request by clicking the button located at the top of the Help Center.


All email sent to or received from CES is a matter of public record and may be viewed by others. Please do not share or forward. The content of this email may be confidential unless otherwise indicated. If you are not the intended recipient (or have received this email in error), please notify the sender immediately and delete this email.

All email sent to or received from CES is a matter of public record and may be viewed by others. Please do not share or forward. The content of this email may be confidential unless otherwise indicated. If you are not the intended recipient (or have received this email in error), please notify the sender immediately and delete this email.