Solved

Can anyone help me finish getting SSL working on Apache2?

Posted on 2011-09-12
10
549 Views
Last Modified: 2012-05-12
It seems that I am past all of the issues of manually setting up my Certificate Authority and self signing a cert.  The web server is running again (for quite a while it would not).  The odd thing is that if I attempt to go to my IP address I get the default.htm but if I got https://MyIPAddress then I get this from Firefox...

SSL received a record that exceeded the maximum permissible length.

and this from Chrome.

SSL connection error
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.

it seems like both browsers are communicating with SSL on Apache2, but there is still an issue.  So, I need some help diagnosing and correcting the error.

I am running 64 bit Ubuntu 11.04 server
0
Comment
Question by:developmentguru
  • 6
  • 2
  • 2
10 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36526336
What do the apache logs say after you try it?  Are you sure nothing is redirecting https to http?
0
 
LVL 21

Author Comment

by:developmentguru
ID: 36527092
--What do the apache logs say after you try it?
Which logs should I be checking?

--Are you sure nothing is redirecting https to http?
I feel I can be reasonably sure that is not what is happening as both browsers report an error from SSL (one glaring example being that SSL returned a record length larger than the maximum permissible length).

I have read that I need to import my certificate to the browsers but am unsure how to do that.

I guess what I need from you is a way to diagnose what is wrong.  Both questions sound good, but I am a newb when it comes to Apcahe web server.  I suppose I should have apologized for the newb question already...

In any case, let me know which logs you would check, as well as what you are looking for.  I will let you know what I find.
0
 
LVL 6

Accepted Solution

by:
mohansahu earned 375 total points
ID: 36529066

Hi,

Can u post the apache logs...

tail -0f /var/log/apache2/error.log

MS
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 6

Assisted Solution

by:mohansahu
mohansahu earned 375 total points
ID: 36529092
Hi,

For more detail go through the below link

http://linuxconfig.org/apache-web-server-ssl-authentication

MS

MS
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 125 total points
ID: 36531999
Which logs should I be checking?

Apache error logs.  Where those are located depends on some options in httpd.conf, but depending on your distro it can usually be found in /var/log/httpd/

In your httpd.conf, "ErrorLog" will show you either an absolute path, or a path relative to whatever is set for "ServerRoot"

Like this:
[user@phx3web8 conf]$ grep ErrorLog httpd.conf
ErrorLog logs/error_log
[user@phx3web8 conf]$ grep ServerRoot httpd.conf
ServerRoot "/x/httpd-2.2.14"

Open in new window

That would make the path /x/httpd-2.2.14/logs/error_log.  There are other things you can do with logging but let's just keep it simple for now.

Once you find the error log, do your test again and then paste us any log excerpts that from time period that you did your testing.



0
 
LVL 21

Author Comment

by:developmentguru
ID: 36537588
I tried the first command you posted and the terminal window seems to be taking a nap...
0
 
LVL 21

Author Comment

by:developmentguru
ID: 36537623
OK, I started trying some testing of the web page and it is acting differently now.  It was displaying my HTTP page requests and will not do that now.  Instead I get two errors when I try to go to the IP address on normal HTTP.


[Wed Sep 14 12:52:32 2011] [client 10.1.1.254] File does not exist: /etc/apache2/htdocs
[Wed Sep 14 12:52:32 2011] [client 10.1.1.254] File does not exist: /etc/apache2/htdocs
0
 
LVL 21

Author Comment

by:developmentguru
ID: 36537939
I think I have a lead on the new error.  I will try to get it back where it was and let you know what I find.
0
 
LVL 21

Author Comment

by:developmentguru
ID: 36537975
OK.  The site was disabled and caused the, somewhat odd, error.  I re-enabled the site and now... somehow... the https is working when it would not yesterday...

I am going to split points based on what I learned that helped me to identify some of what was wrong.  I appreciate the help!
0
 
LVL 21

Author Closing Comment

by:developmentguru
ID: 36538000
My only disappointment in the solution is that I do not have any understanding of why it was not working in the first place.

The advice given did lead me to getting it working again by identifying the error.  I was able to use the identified error (google search) to figure out what was wrong and use a2ensite to get the site working again.

The http was working initially while the https seemed to be responding but was not working.  So I am left happy that it is now working, but confused by the fact that I do not understand WHY HTTPS is working today when it was not yesterday.

I do appreciate the help.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now