LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 04-04-2008, 01:51 PM   #1
leo22838
LQ Newbie
 
Registered: Apr 2008
Location: Guatemala
Distribution: redhat, suse
Posts: 2

Rep: Reputation: 0
apache 1.3.27, https url returns error -12263 in Firefox, fatal error (40) in Opera


Hello all. This is my situation:

I've got apache 1.3.27 running on a RedHat 7.3 server. We have several virtual hosts for the same domain, one of which has ssl enabled. Another vhost was recently added, but this one is for a different domain from the others and needs to be running ssl. We purchased another ssl certificate (wildcard type, unlike the first; both are from different CA's) and, due to ssl not working with different domains for the same ip address, configured the vhosts so that https requests are served on port 81 for the recent vhost with different domain.

Here are my relevant httpd.conf file lines:

------------------------------------
<IfDefine HAVE_SSL>
Listen 80
Listen 81
Listen 443
</IfDefine>

ServerName www.domain1.com

NameVirtualHost 10.1.20.2

************
(the following lines are not in the httpd.conf file but on a Vhosts.conf file)

<VirtualHost 10.1.20.2>
ServerAdmin webmaster@domain1.com
DocumentRoot /var/www/vhosts/domain1.com/htdocs
ScriptAlias /cgi-bin/ "/var/www/vhosts/domain1.com/cgi-bin/"
ServerName domain1.com
ErrorLog /var/www/vhosts/domain1.com/data/logs/domain1.com-error_log
CustomLog /var/www/vhosts/domain1.com/data/logs/domain1.com-access_log common
</VirtualHost>

<VirtualHost 10.1.20.2>
ServerAdmin webmaster@domain1.com
DocumentRoot /var/www/vhosts/domain1.com/htdocs
ScriptAlias /cgi-bin/ "/var/www/vhosts/domain1.com/cgi-bin/"
ServerName www.domain1.com
ErrorLog /var/www/vhosts/domain1.com/data/logs/domain1.com-error_log
CustomLog /var/www/vhosts/domain1.com/data/logs/domain1.com-access_log common
</VirtualHost>

<VirtualHost 10.1.20.2>
ServerAdmin webmaster@domain1.com
DocumentRoot /var/www/vhosts/test.domain1.com/htdocs
ScriptAlias /cgi-bin/ "/var/www/vhosts/test.domain1.com/cgi-bin/"
ServerName test.domain1.com
ErrorLog /var/www/vhosts/test.domain1.com/data/logs/test.domain1.com-error_log
CustomLog /var/www/vhosts/test.domain1.com/data/logs/test.domain1.com-access_log common
</VirtualHost>

.
.
.

<VirtualHost 10.1.20.2>
ServerAdmin webmaster@domain2.com
DocumentRoot /path/to/domain2.com/htdocs
ScriptAlias /cgi-bin/ "/var/www/vhosts/domain2.com/cgi-bin/"
ServerName www.domain2.com
ErrorLog /var/www/vhosts/domain2.com/data/logs/domain2.com-error_log
CustomLog /var/www/vhosts/domain2.com/data/logs/domain2.com-access_log common
</VirtualHost>


*************

<IfDefine HAVE_SSL>
<VirtualHost 10.1.20.2:443>
ServerName domain1.com
DocumentRoot "/var/www/vhosts/domain1.com/htdocs"
ErrorLog logs/error_log
TransferLog logs/access_log

SSLEngine on

SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificateFile /etc/httpd/conf/ssl.crt/intermediate.crt

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/vhosts/domain1.com/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

<VirtualHost 10.1.20.2:81>
ServerName www.domain2.com
DocumentRoot "/var/www/vhosts/domain2.com/htdocs"
ErrorLog logs/error_log
TransferLog logs/access_log

SSLEngine On

SSLCertificateFile /etc/httpd/conf/domain2-certs/dom2-server.crt
SSLCertificateKeyFile /etc/httpd/conf/domain2-certs/dom2-key.key
SSLCertificateChainFile /etc/httpd/conf/domain2-certs/dom2-intermediate.txt

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/vhosts/domain2.com/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

</IfDefine>

---------------------------------------------------

Domain1.com is working just fine, http and http requests. When trying to access http://www.domain1.com, the index.htm page loads fine, but when trying to access https://www.domain2.com:81, Firefox displays an alert that says "www.domain2.com has sent an incorrect or unexpected message. Error Code: -12263", Opera displays a page with the lines "Error! Could not connect to remote server... Secure connection: fatal error (40).

I ran the "openssl s_client -connect localhost:81 -state -debug" command, showed me the numerous ssl handshake lines, then when I typed "GET" it did show the code of my index.htm file.

I've been struggling with this issue for around two weeks now and have been unable to solve it . Any help will be greatly appreciated.

Thanks,


Leonel
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL Error 12263 on OpenSUSE 10.2 running Apache 2, and OpenSSL 0.9.8d ieduarte73 Linux - Server 1 03-30-2008 08:16 AM
https returns 403 forbidden error sumanc Linux - Server 2 12-11-2007 07:56 AM
HTTPS returns error code -12263 mesh2005 Linux - Server 3 07-10-2007 11:52 AM
gmplayer returns a fatal error when trying to play a DVD lagu2653 Linux - Software 4 10-28-2005 01:39 PM
scanpci returns fatal error & modem init string? billybob92 Linux - Newbie 1 02-01-2004 02:12 PM


All times are GMT -5. The time now is 06:46 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration