Invalid method in request: Apache/1.3.33 mod_ssl/2.8.22 OpenSSL/0.9.7e

Posted on 2005-04-07
Last Modified: 2008-01-09
I was under the impression I had a working SSL-capable Apache server but I'm clearly mistaken.

Any attempts to access the SSL protected port fails with the error log file containing content like:

[Wed Apr  6 17:16:07 2005] [error] [client nn.nn.nn.9] Invalid method in request \\x80g\\x01\\x03

I find lots of references to this error log entry when I GOOGLE it, however no suggestions other than "your SSL configuration is screwed up, dude.."  Hey, I can tell that, I just don't know what
is screwed up about it.  Problem is URGENT so points is 500.

My configuration reads as follows; the private key was generated locally (using a different
host) and the public key is at test certificate from and will expire next year:
Listen nn.nn.nn.140:8443
<IfModule mod_ssl.c>
Listen nn.nn.nn.140:443
<ifModule mod_ssl.c>
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
<IfModule mod_ssl.c>
SSLPassPhraseDialog  builtin
SSLSessionCache         dbm:/dlt/webservers/apaches_test/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:/dlt/webservers/apaches_test/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog      /dlt/webservers/apaches_test/logs/ssl_engine_log
SSLLogLevel info
<IfDefine SSL>
<VirtualHost _default_:443>
DocumentRoot "/dlt/webservers/apaches_test/htdocs"
ErrorLog /dlt/webservers/apaches_test/logs/error_log
TransferLog /dlt/webservers/apaches_test/logs/access_log
SSLEngine on
SSLCertificateFile /dlt/webservers/apaches_test/certs/tramp.pubkey
SSLCertificateKeyFile /dlt/webservers/apaches_test/certs/tramp.privkey
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
<Directory "/dlt/webservers/apaches_test/techsmart/cgi-bin">
    SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog /dlt/webservers/apaches_test/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Question by:jlw011597
    LVL 4

    Expert Comment

    The error in the log means that ssl is screwed or not running as it isn't decrypting the request.

    If you set the LogLevel to debug and run apache from the command line what (if any) messages do you get about ssl?

    plus what os is this?

    Author Comment

    Changed LogLevel and SSLLogLevel both to debug.

    No change in the error log or the SSLLog file (no additional information)

    OS is Solaris 9.

    Author Comment

    I guess this can probably be closed off -- a colleage observed the COMBINATION of
    <IfModule mod_ssl.c></IfModule> conditionals and <IfDefine SSL></IfDefine>
    conditionals, and pointed out that if the <IfModule> ones were TRUE, but the <IfDefine>
    ones were FALSE, it could cause this behavior.

    He was right.  The server was being started/restarted/stopped with a version of
    apachectl that did not support the "startssl" parameter (the httpd.exe was compiled to EXPECT one),  and by changing apachectl for one that did accept "startssl" as a parameter and using
    it, the server now works as expected.

    How do we want to do this?  The particular problem and its resolution could in theory be useful  as a PAQ, but since I solved the problem myself with no assist from Experts' Exchange, I don't feel right giving away my 500 points.

    Accepted Solution

    Closed, 500 points refunded.
    Community Support Moderator @ Experts Exchange

    Featured Post

    Courses: Start Training Online With Pros, Today

    Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

    Join & Write a Comment

    In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting ( to http…
    In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now