You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "J. Bakshi" <jo...@infoservices.in> on 2010/12/03 13:12:10 UTC
[users@httpd] problem setting https:// in local server
Hello list,
I have no issue making virtual domain in a local-server with apache vhost technique, so users within the intranet can access those virtual domains, once they have the proper entry in their own /etc/hosts file. But the problem is with virtual domains having SSL support. Visiting such sites from workstation within the intranet through firefox reports
```````````````````````
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
````````````````````
Obviously the domain entry is already there in the /etc/hosts of the workstation from where the site is called ; like
192.168.1.1 mydomain.com
Could anyone suggest any clue which cause the problem ? ( there is nothing available in the log )
Here is the configuration of such a SSL enable virtual domain
``````````````````````````````
Listen 400
<VirtualHost mydomain.com:400>
ServerName https://mydomain.com:400
ServerAlias https://mydomain.com:400
SSLEngine on
# Here, I am allowing only "high" and "medium" security key lengths.
SSLCipherSuite HIGH:MEDIUM
# Here I am allowing SSLv3 and TLSv1, I am NOT allowing the old SSLv2.
SSLProtocol all -SSLv2
# Server Certificate:
SSLCertificateFile /etc/apache2/mycert/server.crt
# Server Private Key:
SSLCertificateKeyFile /etc/apache2/mycert/ssl.key
DocumentRoot /var/www/mydomain.com
<Directory /var/www/mydomain.com/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
`````````````````````````````
-with regards
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem setting https:// in local server
Posted by Eric Covener <co...@gmail.com>.
On Fri, Dec 3, 2010 at 7:12 AM, J. Bakshi <jo...@infoservices.in> wrote:
> Hello list,
>
> I have no issue making virtual domain in a local-server with apache vhost technique, so users within the intranet can access those virtual domains, once they have the proper entry in their own /etc/hosts file. But the problem is with virtual domains having SSL support. Visiting such sites from workstation within the intranet through firefox reports
>
> ```````````````````````
> SSL received a record that exceeded the maximum permissible length.
>
> (Error code: ssl_error_rx_record_too_long)
> ````````````````````
>
> Obviously the domain entry is already there in the /etc/hosts of the workstation from where the site is called ; like
>
> 192.168.1.1 mydomain.com
>
> Could anyone suggest any clue which cause the problem ? ( there is nothing available in the log )
>
> Here is the configuration of such a SSL enable virtual domain
>
> ``````````````````````````````
> Listen 400
> <VirtualHost mydomain.com:400>
>
Use * or an ip address here if you can instead of a hostname. If you
use an IP address, it has to match the local interface the connection
appears on.
You may not even be hitting this virtualhost, and instead hitting the
base configuration which is not SSL enabled.
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org