• SSL23_GET_SERVER_HELLO:unknown protocol

    Trying to debug yesterday’s The connection to www.raditha.com terminated unexpectedly error with Apache 2 SSL. Tried using the openssl client (openssl s_client -connect raditha.com:443 -state -debug). It produces the following result; As always there are lots of pundits with strong opinions, weak reasoning and no real answers.

    SSL_connect:error in SSLv2/v3 read server hello A
    9439:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:475:

    Finally I decided to roll back all the changes and start off from scratch, First I recreated the certificates/keys, then took the original httpd.conf file and recreated all the VirtualHost entries. Then the following Listen and NameVirtualHost directives were added to the configuration.

    Listen 80
    Listen 443
    NameVirtualHost 67.131.250.71:80
    NameVirtualHost 67.131.250.71:443

    Then for each VirtualHost I specifically stated what port should be used:
    eg:


    ServerName raditha.com
    …..


    ServerName raditha.com:443
    …..

    That did the trick. So without further ado let’s take a look at the section of this site secured with SSL. Please do take a moment to add the the root certificate.

    Friday, September 2nd, 2005 at 04:41
    Tags:
    RSS feed for comments on this post
  • « »
No comments yet.

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
TOP