Invalid method in request: Apache/1.3.33 mod_ssl/2.8.22 OpenSSL/0.9.7e

I was under the impression I had a working SSL-capable Apache server but I'm clearly mistaken.

Any attempts to access the SSL protected port fails with the error log file containing content like:

[Wed Apr  6 17:16:07 2005] [error] [client nn.nn.nn.9] Invalid method in request \\x80g\\x01\\x03

I find lots of references to this error log entry when I GOOGLE it, however no suggestions other than "your SSL configuration is screwed up, dude.."  Hey, I can tell that, I just don't know what
is screwed up about it.  Problem is URGENT so points is 500.

My configuration reads as follows; the private key was generated locally (using a different
host) and the public key is at test certificate from cacert.org and will expire next year:
....
Listen nn.nn.nn.140:8443
<IfModule mod_ssl.c>
Listen nn.nn.nn.140:443
</IfModule>
...
ServerAdmin jlw+apache.NOSSL@xxx.edu
<ifModule mod_ssl.c>
ServerAdmin jlw+apache.ssl@xxx.edu
</IfModule>
...
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
</IfDefine>
...
<IfModule mod_ssl.c>
SSLPassPhraseDialog  builtin
SSLSessionCache         dbm:/dlt/webservers/apaches_test/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:/dlt/webservers/apaches_test/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog      /dlt/webservers/apaches_test/logs/ssl_engine_log
SSLLogLevel info
</IfModule>
...
<IfDefine SSL>
<VirtualHost _default_:443>
DocumentRoot "/dlt/webservers/apaches_test/htdocs"
ServerName tramp.xxx.edu
ServerAdmin postmaster+tramp.ssl@xxx.edu
ErrorLog /dlt/webservers/apaches_test/logs/error_log
TransferLog /dlt/webservers/apaches_test/logs/access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /dlt/webservers/apaches_test/certs/tramp.pubkey
SSLCertificateKeyFile /dlt/webservers/apaches_test/certs/tramp.privkey
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/dlt/webservers/apaches_test/techsmart/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
...
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog /dlt/webservers/apaches_test/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>



jlw011597Asked:
Who is Participating?
 
PashaModCommented:
Closed, 500 points refunded.
PashaMod
Community Support Moderator @ Experts Exchange
0
 
armeenCommented:
The error in the log means that ssl is screwed or not running as it isn't decrypting the request.

If you set the LogLevel to debug and run apache from the command line what (if any) messages do you get about ssl?

plus what os is this?
0
 
jlw011597Author Commented:
Changed LogLevel and SSLLogLevel both to debug.

No change in the error log or the SSLLog file (no additional information)

OS is Solaris 9.
0
 
jlw011597Author Commented:
I guess this can probably be closed off -- a colleage observed the COMBINATION of
<IfModule mod_ssl.c></IfModule> conditionals and <IfDefine SSL></IfDefine>
conditionals, and pointed out that if the <IfModule> ones were TRUE, but the <IfDefine>
ones were FALSE, it could cause this behavior.

He was right.  The server was being started/restarted/stopped with a version of
apachectl that did not support the "startssl" parameter (the httpd.exe was compiled to EXPECT one),  and by changing apachectl for one that did accept "startssl" as a parameter and using
it, the server now works as expected.

How do we want to do this?  The particular problem and its resolution could in theory be useful  as a PAQ, but since I solved the problem myself with no assist from Experts' Exchange, I don't feel right giving away my 500 points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.