You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "Boex,Matthew W." <Ma...@cna.com> on 2002/03/05 21:20:19 UTC

what gives?

i am getting this error in my apache logs...

[05/Mar/2002 11:29:42 29719] [error] SSL handshake failed: HTTP spoken on
HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[05/Mar/2002 11:29:42 29719] [error] OpenSSL: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS
port!?]

now, all i am doing is requesting a cgi via http, not via https.  i figure,
when requesting a cgi or a static page using "http://" it should hit my
server on port 80 and if i request via "https://", it should try port 443.
what gives?

below is the virtual host snip from httpd.conf.  is this configuration
right?  i have one virtual host, www.chimcentral.com with no need for ssl,
and another, www.fosbow.com which needs ssl for a couple scripts, not all of
them....

below is a snip of httpd.conf virtual host section, below that is entire
httpd.conf....

NameVirtualHost 192.168.2.14

<VirtualHost 192.168.2.14:80>
    SSLDisable
    Port 80
    ServerAdmin boex@fosbow.com
    DocumentRoot /var/www/fosbow
    ServerName www.fosbow.com
    ServerAlias fosbow.com
    ScriptAlias /cgi-bin/ "/var/www/fosbow/cgi-bin/"
  <Directory "/var/www/fosbow/">
    AllowOverride FileInfo
  </Directory>
  <Directory "/var/www/fosbow/cgi-bin">
    DirectoryIndex mychicagoindex.cgi
    AllowOverride FileInfo
    Options +ExecCGI
    Order allow,deny
    Allow from all
  </Directory>
    ErrorLog /var/log/httpd/fosbow.com-error_log
    CustomLog /var/log/httpd/fosbow.com-access_log common
</VirtualHost>

<VirtualHost 192.168.2.14:443>
Port 443
ServerAlias fosbow.com
ServerName www.fosbow.com
DocumentRoot /var/www/fosbow
ScriptAlias /ssl/ "/var/www/fosbow/ssl/"
SSLEngine on
     SSLCertificateFile /etc/httpd/conf/ca.crt
     SSLCertificateKeyFile /etc/httpd/conf/ca.key
<Directory "/var/www/fosbow/ssl/">
        DirectoryIndex index.cgi
        AllowOverride None
    Options +ExecCGI
    Order allow,deny
    Allow from all
</Directory>
    ErrorLog /var/log/httpd/fosbow.com-ssl-error_log
    CustomLog /var/log/httpd/fosbow.com-ssl-access_log common
</VirtualHost>

<VirtualHost 192.168.2.14:80>
    SSLDisable
    Port 80
    ServerAdmin boex@chimcentral.com
    DocumentRoot /var/www/chimcentral
    ServerName www.chimcentral.com
    ServerAlias chimcentral.com
    ScriptAlias /cgi-bin/ "/var/www/chimcentral/cgi-bin/"
  <Directory "/var/www/chimcentral/cgi-bin">
    AllowOverride None
    Options +ExecCGI
    Order allow,deny
    Allow from all
  </Directory>
    ErrorLog /var/log/httpd/chimcentral.com-error_log
    CustomLog /var/log/httpd/chimcentral.com-access_log common
</VirtualHost>

 <<httpd.conf>>

Re: what gives?

Posted by Owen Boyle <ob...@bourse.ch>.

"Boex,Matthew W." wrote:
> 
> i am getting this error in my apache logs...
> 
> [05/Mar/2002 11:29:42 29719] [error] SSL handshake failed: HTTP spoken on
> HTTPS port; trying to send HTML error page (OpenSSL library error follows)
> [05/Mar/2002 11:29:42 29719] [error] OpenSSL: error:1407609C:SSL
> routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS
> port!?]
> 
> now, all i am doing is requesting a cgi via http, not via https.  i figure,
> when requesting a cgi or a static page using "http://" it should hit my
> server on port 80 and if i request via "https://", it should try port 443.
> what gives?
> 

I'm not sure about the multiple definitions of "Port". Depending on how
the VHs are processed, you might end up with only port 443 open.... Port
is a server-config directive - it is non-standard to place it in a VH:
Remove it everywhere and replace it with one Listen directive per VH
positioned just before the VH container, i.e.

> Listen 192.168.2.14:80
> <VirtualHost 192.168.2.14:80>

repeat for each VH.

Rgds,

Owen Boyle.

> below is the virtual host snip from httpd.conf.  is this configuration
> right?  i have one virtual host, www.chimcentral.com with no need for ssl,
> and another, www.fosbow.com which needs ssl for a couple scripts, not all of
> them....
> 
> below is a snip of httpd.conf virtual host section, below that is entire
> httpd.conf....
> 
> NameVirtualHost 192.168.2.14
> 
> <VirtualHost 192.168.2.14:80>
>     SSLDisable
>     Port 80
>     ServerAdmin boex@fosbow.com
>     DocumentRoot /var/www/fosbow
>     ServerName www.fosbow.com
>     ServerAlias fosbow.com
>     ScriptAlias /cgi-bin/ "/var/www/fosbow/cgi-bin/"
>   <Directory "/var/www/fosbow/">
>     AllowOverride FileInfo
>   </Directory>
>   <Directory "/var/www/fosbow/cgi-bin">
>     DirectoryIndex mychicagoindex.cgi
>     AllowOverride FileInfo
>     Options +ExecCGI
>     Order allow,deny
>     Allow from all
>   </Directory>
>     ErrorLog /var/log/httpd/fosbow.com-error_log
>     CustomLog /var/log/httpd/fosbow.com-access_log common
> </VirtualHost>
> 
> <VirtualHost 192.168.2.14:443>
> Port 443
> ServerAlias fosbow.com
> ServerName www.fosbow.com
> DocumentRoot /var/www/fosbow
> ScriptAlias /ssl/ "/var/www/fosbow/ssl/"
> SSLEngine on
>      SSLCertificateFile /etc/httpd/conf/ca.crt
>      SSLCertificateKeyFile /etc/httpd/conf/ca.key
> <Directory "/var/www/fosbow/ssl/">
>         DirectoryIndex index.cgi
>         AllowOverride None
>     Options +ExecCGI
>     Order allow,deny
>     Allow from all
> </Directory>
>     ErrorLog /var/log/httpd/fosbow.com-ssl-error_log
>     CustomLog /var/log/httpd/fosbow.com-ssl-access_log common
> </VirtualHost>
> 
> <VirtualHost 192.168.2.14:80>
>     SSLDisable
>     Port 80
>     ServerAdmin boex@chimcentral.com
>     DocumentRoot /var/www/chimcentral
>     ServerName www.chimcentral.com
>     ServerAlias chimcentral.com
>     ScriptAlias /cgi-bin/ "/var/www/chimcentral/cgi-bin/"
>   <Directory "/var/www/chimcentral/cgi-bin">
>     AllowOverride None
>     Options +ExecCGI
>     Order allow,deny
>     Allow from all
>   </Directory>
>     ErrorLog /var/log/httpd/chimcentral.com-error_log
>     CustomLog /var/log/httpd/chimcentral.com-access_log common
> </VirtualHost>
> 
>  <<httpd.conf>>
> 
>   ------------------------------------------------------------------------
>                  Name: httpd.conf
>    httpd.conf    Type: unspecified type (application/octet-stream)
>              Encoding: quoted-printable
> 
>   ------------------------------------------------------------------------
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org