LinuxQuestions.org
Old 04-08-2004, 05:22 PM   #1
pennywind
LQ Newbie
 
Registered: Apr 2004
Posts: 3

Rep: Reputation: 0
HTTPS not working under Apache2 and OpenSSL


I've spent over a day searching for the answer to this and had no luck.
I have apache 2.0.49 running on Redhat EL3. Openssl is installed. But HTTPS requests give me an error:

wwwmydomain.com has sent an incorrect or unexpected message. Error Code: -12281

I can start Apache using apachectl startssl just fine and nothing looks out of the ordinary.
Requests to port 443 work when (and only when) apachectl startssl is run. But https will give me that error whether the request is made to port 80 or 443. Nothing looks out of the ordinary in ssl.conf, and openssl seems to generate keys and certificates just fine. I really don't know what else to look at now, and any help would be greatly appreciated.

(small edit: the dot had to be removed between www and mydomain because URLs are not allowed in posts for new members)

Last edited by pennywind; 04-08-2004 at 05:24 PM.
 
Old 04-10-2004, 02:03 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,417
Blog Entries: 55

Rep: Reputation: 3627
But https will give me that error whether the request is made to port 80 or 443.
HTTPS requests are made to port 443 and not 80 (unless you specifically edit the conf for that to work). 443 is the designated port.
Make sure your config is sane, logfiles set, certs and permissions set and config is syntax-tested. Focus on putting out a well-formed request (https://www.mydomain.com:443/), then check your logfiles for weirdness.
If it still throws an error on port 443 then SSL probably isn't configured correctly. Check with "openssl s_client -state -quiet -connect www.mydomain.com:443" to see if it at least initialises, read/writes cert, key and cipher info. Post the (logfile) errors (or the URI where to see 'em) and the Apache conf.

BTW (you couldn't know this) but this isn't a security but a configuration problem. I'll move this thread to Linux - General after your reply.

Last edited by unSpawn; 04-10-2004 at 02:04 AM.
 
Old 04-12-2004, 11:09 PM   #3
pennywind
LQ Newbie
 
Registered: Apr 2004
Posts: 3

Original Poster
Rep: Reputation: 0
The config file looks sane, the certs and permissions set, I checked both httpd.conf and ssl.conf for weirdness and couldn't find anything, and I double checked the spelling. Nothing seemed wrong except that there was a file stated in the line:
SSLMutex file:/wwwroot/logs/ssl_mutex
that didn't exist. Other than ssl_mutex being missing, I couldn't find anything out of the ordinary.


I tried
openssl s_client -state -quiet -connect www.mydomain.com:443
and got the following message:

19732:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:475:

I hope this sheds some light on the subject, and I'll look in Linux - General next
 
Old 04-13-2004, 12:08 AM   #4
pennywind
LQ Newbie
 
Registered: Apr 2004
Posts: 3

Original Poster
Rep: Reputation: 0
I found something else a little strange.

In /wwwroot/logs/error_log I found this message come up every time I restarted apache:
Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7d PHP/4.3.5 configured -- resuming normal operations

What's strange about that is that 'openssl version' returns 'OpenSSL 0.9.7a Feb 19 2003'

The SSL version in /wwwroot/logs/error_log doesn't match the version returned with 'openssl version'
 
Old 04-20-2004, 07:31 PM   #5
rishta
LQ Newbie
 
Registered: Apr 2004
Location: Warsaw, PL
Distribution: slack 9.1 kernel 2.6.5
Posts: 2

Rep: Reputation: 0
Quote:
Originally posted by pennywind
The SSL version in /wwwroot/logs/error_log doesn't match the version returned with 'openssl version'
because mod_ssl might have been built using different libssl than your ssl toolkit uses...
 
Old 10-20-2004, 11:25 PM   #6
ryedunn
Member
 
Registered: Jul 2003
Location: Chicago
Distribution: Fedora, ubuntu
Posts: 459

Rep: Reputation: 30
I have the exact same problem, did you ever find a solution?
 
Old 10-23-2004, 03:28 PM   #7
rishta
LQ Newbie
 
Registered: Apr 2004
Location: Warsaw, PL
Distribution: slack 9.1 kernel 2.6.5
Posts: 2

Rep: Reputation: 0
Quote:
Originally posted by ryedunn
I have the exact same problem, did you ever find a solution?
Generated all keys 'nstuff ? read_on : man openssl;
If apache is chrooted, check if you have the devs required for ssl to work (chrun/dev/random urandom &c.)? if not, man mknod.

People, could you please reproduce the following:
apache layout (use find), *.conf, also --> resolv.conf and other services,
Before 'nafter starting apache `netstat` and save the output.

post it somewhere and wait for diagnosis... you really can't tell much from what's said here...
At least I can't.

RTFM!

P.S.
The difference in OpenSSL versions in http signature and in `openssl -v` doesn't matter. Your openssl toolkit can be one version and the mod_ssl some other (especially if it was a binary installation, or if you used shipped openssl toolkit and not system libs... which AFAIR is the default). This doesn't matter...

Last edited by rishta; 10-23-2004 at 03:38 PM.
 
Old 12-29-2005, 01:45 PM   #8
CrnX
LQ Newbie
 
Registered: Dec 2005
Distribution: gentoo
Posts: 1

Rep: Reputation: 0
I know it's an old thread but....
This is probably caused by not including

"SSLEngine on"

In your <VirtualHosts>
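
Added example (not part of any post in this thread): a virtual host that listens on 443 without `SSLEngine on` answers in plain HTTP, which `openssl s_client` reports as "unknown protocol". The checker below scans Apache config text for such blocks; the sample config, its certificate paths and the second vhost are constructed, and only directives written inside each `<VirtualHost>` block are examined.

```python
import re

# Constructed sample config (not from the thread; paths and the second
# vhost are made up): the first 443 vhost lacks SSLEngine, the second has it.
SAMPLE_CONF = """\
Listen 80
Listen 443
<VirtualHost *:80>
    ServerName www.mydomain.com
</VirtualHost>
<VirtualHost _default_:443>
    ServerName www.mydomain.com
    SSLCertificateFile /wwwroot/conf/server.crt
    SSLCertificateKeyFile /wwwroot/conf/server.key
</VirtualHost>
<VirtualHost 192.0.2.10:443>
    ServerName secure.mydomain.com
    # SSLEngine off
    SSLEngine On
</VirtualHost>
"""

VHOST_OPEN = re.compile(r"^\s*<VirtualHost\s+([^>]+)>", re.I)
VHOST_CLOSE = re.compile(r"^\s*</VirtualHost>", re.I)
SSL_ENGINE = re.compile(r"^\s*SSLEngine\s+(\S+)", re.I)

def vhosts_missing_sslengine(conf_text, port="443"):
    """List (line, address) of <VirtualHost> blocks on `port` lacking `SSLEngine on`."""
    missing, current = [], None  # current = [start_line, address, ssl_on]
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # commented-out directives do not count
        opened = VHOST_OPEN.match(line)
        engine = SSL_ENGINE.match(line)
        if opened:
            current = [lineno, opened.group(1).strip(), False]
        elif current and engine:
            current[2] = engine.group(1).lower() == "on"
        elif current and VHOST_CLOSE.match(line):
            on_port = any(a.endswith(":" + port) for a in current[1].split())
            if on_port and not current[2]:
                missing.append((current[0], current[1]))
            current = None
    return missing

if __name__ == "__main__":
    for lineno, addr in vhosts_missing_sslengine(SAMPLE_CONF):
        print(f"line {lineno}: <VirtualHost {addr}> has no 'SSLEngine on'")
```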
 
  

