SSL over non-standard port?

The answer is yes.

It was my mistake: I had set up 127.0.0.1 www.b.com in /etc/hosts. So no matter how I changed the Apache config files on the remote server, my browser always resolved www.b.com to my localhost, where there is a broken certificate.

Author by

Xiè Jìléi

Updated on September 18, 2022

Comments

  • Xiè Jìléi
    Xiè Jìléi over 1 year

    I have two different sites in one server: a.com and b.com.

    If I use a name-based virtual host on the SSL port, IE won't work.

    So, I decided to use port 444 for SSL for b.com. However, it seems all browsers give error message:

    Chrome: Error 107 ssl protocol error
    Firefox: Error code: ssl_error_rx_record_too_long
    Epiphany: SSL handshake failed
    

    Umm... I don't know why, but I have seen some websites that can be accessed like https://example.com:1443.

    Or did I miss something?


    ports.conf:

    NameVirtualHost *:80
    Listen 80
    
    <IfModule mod_ssl.c>
        # If you add NameVirtualHost *:443 here, you will also have to change
        # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
        # to <VirtualHost *:443>
        # Server Name Indication for SSL named virtual hosts is currently not
        # supported by MSIE on Windows XP.
        NameVirtualHost *:443
        NameVirtualHost *:444
        Listen 443
        Listen 444
    </IfModule>
    
    <IfModule mod_gnutls.c>
        Listen 443
        Listen 444
    </IfModule>
    

    b.site:

    <VirtualHost *:444>
        ServerName  www.b.com:444
        ServerAdmin [email protected]
    
        LogLevel  error
        ErrorLog  /var/log/apache2/b_error.log
        CustomLog /var/log/apache2/b_access.log combined
    
        DocumentRoot ...
    
        <Directory ...>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
        </Directory>
    
        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/b.crt
        SSLCertificateKeyFile /etc/ssl/private/b.pem
    
    </VirtualHost>
    

    CA config file to generate the certificate:

    [ca]
    default_ca              = CA_default
    
    [CA_default]
    x509_extensions         = root_ca_extensions
    
    [req]
    default_bits            = 4096
    default_keyfile         = 
    distinguished_name      = req_distinguished_name
    attributes              = req_attributes
    prompt                  = no
    x509_extensions         = v3_ca
    req_extensions          = v3_req
    
    [req_distinguished_name]
    C     = ...
    ST   = ..
    O     = ...
    OU   = ..
    CN   = ...
    emailAddress        = [email protected]
    
    [req_attributes]
    
    [root_ca_extensions]
    basicConstraints        = CA:true
    
    [v3_ca]
    basicConstraints        = CA:true
    
    [v3_req]
    basicConstraints        = CA:false
    keyUsage                = nonRepudiation, digitalSignature, keyEncipherment
    subjectAltName          = @alt_names
    
    [alt_names]
    DNS.1 = b.com
    DNS.2 = www.b.com
    
    • DerfK
      DerfK almost 12 years
      Update the question with the configuration for port 444's VirtualHost block.
    • uSlackr
      uSlackr almost 12 years
      It is likely your Apache config is not correct. Perhaps the listening ports are not set right. If you post a config, we can provide better help.
  • Xiè Jìléi
    Xiè Jìléi almost 12 years
    I've just added the port number to see if it works. So, no luck whether or not there is a port number.
  • Mike
    Mike almost 12 years
    Generally when I see this it means the browser is talking HTTPS on an HTTP port. Is there anything in the error log for the main server or the vhost on startup or connection?
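
A small diagnostic for the two causes raised on this page: the hosts-file override from the answer and the plain-HTTP listener described in Mike's comment. This is an added example, not code from the original posts; the function names and the sample hosts content are constructed for illustration.

```python
import ipaddress
import socket
import ssl

# Constructed sample: a client-side hosts file like the one described in the answer.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
127.0.0.1   www.b.com   # leftover test entry
"""

def hosts_overrides(hosts_text, name):
    """Addresses a hosts file pins `name` to; these win over DNS on most systems."""
    pinned = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) > 1 and name.lower() in [f.lower() for f in fields[1:]]:
            pinned.append(fields[0])
    return pinned

def classify_first_bytes(data):
    """What a listener is speaking, judged from the first bytes it sends back."""
    if len(data) >= 3 and data[0] in (0x15, 0x16) and data[1] == 0x03:
        return "tls"         # alert (0x15) or handshake (0x16) record, version 3.x
    if data[:5] == b"HTTP/":
        return "plain-http"  # plaintext answer on a port the client treats as HTTPS
    return "unknown"

def probe(host, port, timeout=3.0):
    """Attempt a TLS handshake; report which address answered and what it spoke."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # diagnostic only: we test the protocol,
    ctx.verify_mode = ssl.CERT_NONE  # not whether the certificate is trusted
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            peer = raw.getpeername()[0]  # a loopback address here means a local override
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return peer, "tls", tls.version()
    except ssl.SSLError as exc:      # the reply was not a valid TLS record
        return host, "not-tls", exc.reason
    except OSError as exc:
        return host, "unreachable", str(exc)

if __name__ == "__main__":
    for addr in hosts_overrides(SAMPLE_HOSTS, "www.b.com"):
        kind = "loopback" if ipaddress.ip_address(addr).is_loopback else "remote"
        print(f"www.b.com pinned to {addr} ({kind}) by the hosts file")
    print(classify_first_bytes(b"HTTP/1.1 400 Bad Request\r\n"))
```

On the client machine, pass the contents of /etc/hosts to `hosts_overrides` and call `probe("www.b.com", 444)` to see which address actually answered.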