You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Robert Paulsen <ro...@paulsenonline.net> on 2004/08/05 02:29:02 UTC

[users@httpd] Can only access via localhost with SSL

Hello,

I am running apache2 (2.0.50) and until today all was well. I made no
changes that I am aware of and suddenly I can no longer access web
pages remotely (using SSL) but only by localhost.

Even on the same machine I can only access via localhost, not by
external IP. I am actually getting to the server since it logs an error. 

Here is a small testcase: I run the following two commands on the server's
own host:

	wget https://localhost
	wget https://192.168.0.31

Here is what gets logged in /var/log/apache2/access_log

	127.0.0.1 - - [04/Aug/2004:19:08:11 -0500] "GET / HTTP/1.0" 200 1456 "-" "Wget/1.9.1"
	192.168.0.31 - - [04/Aug/2004:19:08:17 -0500] "\x80\x8c\x01\x03\x01" 501 987 "-" "-"

And here is the error_log:

	[Wed Aug 04 19:08:17 2004] [error] [client 192.168.0.31] Invalid method in request \x80\x8c\x01\x03\x01

If I turn off SSL and run the following, all is well:

	wget http://localhost
	wget http://192.168.0.31

I tried three different browsers and got the same results.

Should I regenerate my certificates?

-- 
Robert C. Paulsen, Jr.
robert@paulsenonline.net

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Can only access via localhost with SSL [SOLVED]

Posted by Robert Paulsen <ro...@paulsenonline.net>.

On Wednesday 04 August 2004 08:16 pm, Joshua Slive wrote:
> On Wed, 4 Aug 2004 19:29:02 -0500, Robert Paulsen
>
> <ro...@paulsenonline.net> wrote:
> >         wget https://localhost
> >         wget https://192.168.0.31
> >
> > Here is what gets logged in /var/log/apache2/access_log
> >
> >         127.0.0.1 - - [04/Aug/2004:19:08:11 -0500] "GET / HTTP/1.0" 200
> > 1456 "-" "Wget/1.9.1" 192.168.0.31 - - [04/Aug/2004:19:08:17 -0500]
> > "\x80\x8c\x01\x03\x01" 501 987 "-" "-"
> >
> > And here is the error_log:
> >
> >         [Wed Aug 04 19:08:17 2004] [error] [client 192.168.0.31] Invalid
> > method in request \x80\x8c\x01\x03\x01
>
> Show us the ssl section of your config files.  I'd guess that your
> SSL-virtual-host is listening only to the loopback address.

Well, as I went about collecting information to post I noticed a *new* file in 
my /etc/apache2/vhosts.d/ directory named yast2_vhosts.conf. Here are the 
contents:

<VirtualHost 192.168.0.31>
# YaST auto define section
 <IfDefine SSL>
  SSLEngine off
 </IfDefine>
 DocumentRoot /srv/www/htdocs/
 ServerName avalon2.paulsen.org
 ServerAdmin root@avalon.paulsen.org
</VirtualHost>

I hid this file, restarted apache2 and all is now well again. SuSE's Yast 
program put that there 2 days ago.  Looking at the Yast logs I see this was 
my error -- At the time, I was using Yast to fool around with virtual hosts 
and didn't put everything back the way it was. It took me two days to notice 
since most of my URLs used localhost. I tripped over a seldom used one to day 
that happened to use the actual host name.

Thanks for the clue (virtual hosts) that put me in the right frame of mind to 
figure this out!

-- 
Robert C. Paulsen, Jr.
robert@paulsenonline.net

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Can only access via localhost with SSL

Posted by Joshua Slive <js...@gmail.com>.

On Wed, 4 Aug 2004 19:29:02 -0500, Robert Paulsen
<ro...@paulsenonline.net> wrote:
>         wget https://localhost
>         wget https://192.168.0.31
> 
> Here is what gets logged in /var/log/apache2/access_log
> 
>         127.0.0.1 - - [04/Aug/2004:19:08:11 -0500] "GET / HTTP/1.0" 200 1456 "-" "Wget/1.9.1"
>         192.168.0.31 - - [04/Aug/2004:19:08:17 -0500] "\x80\x8c\x01\x03\x01" 501 987 "-" "-"
> 
> And here is the error_log:
> 
>         [Wed Aug 04 19:08:17 2004] [error] [client 192.168.0.31] Invalid method in request \x80\x8c\x01\x03\x01

Show us the ssl section of your config files.  I'd guess that your
SSL-virtual-host is listening only to the loopback address.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org