LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 05-23-2008, 11:58 PM   #1
kustomjs
Member
 
Registered: Apr 2007
Posts: 37

Rep: Reputation: 15
Cant Get SSL working on Ubuntu Server 8.04


Hi Guys
I cant get my ssl to work and I cant even get my https working what do I need to do? here is my server info:

Server Host: XXXXXXconnection (XXX.XXX.X.X) Database Host: localhost (127.0.0.1)
Server OS: Linux 2.6.24-16-server Database: MySQL 5.0.51a-3ubuntu5
Server Date: 05/22/2008 21:21:16 Datebase Date: 05/22/2008 21:21:16
Server Up Time: 21:21:16 up 4:58, 1 user, load average: 0.00, 0.00, 0.00
HTTP Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.1 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g
PHP Version: 5.2.4-2ubuntu5.1 (Zend: 2.2.0)
 
Old 05-24-2008, 02:26 PM   #2
kustomjs
Member
 
Registered: Apr 2007
Posts: 37

Original Poster
Rep: Reputation: 15
~~~bump~~~
 
Old 05-26-2008, 05:42 AM   #3
harsshal
Member
 
Registered: Jul 2006
Location: New York, NY
Distribution: redhat,ubuntu,RHEL,fedora,centOS
Posts: 105

Rep: Reputation: 15
try disabling firewall or setting SSL as trusted in firewall.
you can do this at

System->firewall tab
 
Old 07-13-2008, 10:14 PM   #4
kustomjs
Member
 
Registered: Apr 2007
Posts: 37

Original Poster
Rep: Reputation: 15
well having the problem and yes I enabled it in my router but this is the error i get from firefox.

Secure Connection Failed
An error occurred during a connection to cbcperformance.net.

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

and i have 2 sites running on the same server.
sites i am running is:
jbodyconnection.com
cbcperformance.net
 
Old 07-14-2008, 12:50 AM   #5
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
If http://cbcperformance.net/ is indeed your site (some oscommerce stuff), I get the following error when accessing it over https:
Code:
cbcperformance.net has sent an incorrect or unexpected message. Error code -12263
I tested this on my own http site (using https instead of http) and get the same error.

It basically means that you haven't setup ssl for the sites. You can check the apache error logs and you will probably see something like
Code:
[Mon Jul 14 07:18:10 2008] [error] [client 172.18.32.2] Invalid method in request \x16\x03\x01
I don't use Ubuntu for servers so can not really advise. On Slackware 12, there are two config files for virtual hosts, one for normal sites (http) and one for secure sites (https).

Your https site (virtualhost) should look like this:
Code:
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

#SSLSessionCache         dbm:/var/run/httpd/ssl_scache
SSLSessionCache        shmcb:/var/run/httpd/ssl_scache(512000)
SSLSessionCacheTimeout  300

SSLMutex  file:/var/run/httpd/ssl_mutex

# command centre incident logging virtual host
<VirtualHost 172.18.32.234:443>

DocumentRoot "/home/cc/www/ils/web"
ServerName cc.btd-techweb02:443
ServerAdmin a@bc.c
ErrorLog /var/log/httpd/error_log.cc
TransferLog /var/log/httpd/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/webcertificates/cc_btd-techweb02.crt
SSLCertificateKeyFile /etc/httpd/webcertificates/btd-techweb02.key

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/srv/httpd/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog /var/log/httpd/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    <Directory "/home/cc/www/ils/web">
        Order allow,deny
        Allow from all
    </Directory>

</VirtualHost>
# tacroom scheduler and  incident logging virtual host
<VirtualHost 172.18.32.235:443>
...
...
...
</VirtualHost>
The italic part is generic and the bold section is per site. You need to have certificates in place for both sites and both sites need to have their own ip-address.

PS I've visited both sites and they look the same which might be another problem that you have.

Last edited by Wim Sturkenboom; 07-14-2008 at 12:52 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
working with ubuntu server msound Ubuntu 3 01-09-2008 04:36 PM
Ubuntu, Squid Transparent Proxy server is not working pocs Linux - Networking 6 10-31-2007 10:42 AM
Keys not working in Ubuntu server Dilleyboy Linux - Hardware 1 04-27-2007 08:32 AM
Getting SSL Working Spreegem Debian 2 03-15-2005 04:17 PM


All times are GMT -5. The time now is 04:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration