You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wiki-changes@httpd.apache.org by Apache Wiki <wi...@apache.org> on 2007/09/29 06:05:24 UTC

[Httpd Wiki] Update of "InvalidMethodHTTPSonHTTP" by megaspaz

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The following page has been changed by megaspaz:
http://wiki.apache.org/httpd/InvalidMethodHTTPSonHTTP

The comment on the change is:
added the common scenarios that i've seen.

------------------------------------------------------------------------------
  
  If you see this error message in your error log, then it means that you are attempting to connect to a ''non-HTTPS'' site (''i.e.'', HTTP only), using ''HTTPS''.
  
- This could indicate that you don't have `SSLEngine On` in the vhost that you're contacting.  Or try connecting to the site using HTTP instead.
+ This could indicate that you don't have '''SSLEngine On''' in the vhost that you're contacting or you are trying to connect to the site using the wrong protocol (HTTP on HTTPS or HTTPS on HTTP).
  
- '''For example, your vhost block may look like this:'''
+ '''For example, if your vhost block looks like this:'''
  
  {{{
+ NameVirtualHost *:443
- <VirtualHost *:80>
+ <VirtualHost *:443>
- ServerName myserver.foo.com
+   ServerName myserver.foo.com
- DocumentRoot /var/www/myserver
+   DocumentRoot /var/www/myserver
+ 
+   # Missing SSLEngine On
- ...
+   ...
  </VirtualHost>
  }}}
  
+ This is not an SSL enabled vhost. This vhost can only be accessed by the user via HTTP - ''http://myserver.foo.com:443''.
+ 
+ '''Or, another example, if your vhosts looke like this:'''
+ 
+ {{{
+ NameVirtualHost *
+ <VirtualHost *>
+   ServerName myserver.foo.com
+   DocumentRoot /var/www/myserver
+ 
+   ...
+ </VirtualHost>
+ 
+ <VirtualHost _default_:443>
+   ServerName myserver.foo.com
+   DocumentRoot /var/www/myserver
+ 
+   SSLEngine On
+   # Other SSL configuration directives.
+   ...
+ </VirtualHost>
+ }}}
+ 
+ Apache will always bypass the SSL vhost because of the * interface/port configuration of your HTTP vhost. You will know this is the cause as when you start Apache, you'll see the [http://wiki.apache.org/httpd/VirtualHostsMixingPorts mixing * ports and non-* ports warning]. This is a common name based vhost configuration mistake.
+ 
+ The final scenario would be that you are trying to access a HTTP vhost via HTTPS or vice versa. This does not necessarily mean an Apache misconfiguration on your part. Only that you (or your users) are trying to access a HTTP vhost via HTTPS or a HTTPS vhost via HTTP.
+ 
+ Also note that starting from Apache 2.2, the classic, monolithic httpd.conf file has been broken up into smaller configuration files. One of these being httpd-ssl.conf in the '''conf/extras''' directory. This file contains an SSL vhost configuration along with SSL configuration directives. If you are aware of this file and have made your configurations in this file, make sure that the include line in httpd.conf has been uncommented.
+ 
+ {{{
+ # Make sure you uncomment the line below!
+ # Include conf/extra/httpd-ssl.conf
+ }}}
+  
+