On 2018-08-20 01:38 PM, Mahmood Naderan wrote:
[snip]
Now, when I open https://w.x.y.z in firefox, I get
Your connection is not secure
The owner of 5.57.36.104 has configured their website improperly. To
protect your information from being stolen, Firefox has not connected to
this website. >
Hi Sander,
Nice to meet you. Based on your response here, you seem to be more educated
with respect to web security and SSLs. I’m working on developing a startup
that eliminates the difficulty obtaining and installing SSL certs. The
process is overly complicated and ripe for disruption.
If this
>This is because SSL-certs require domain names and don't work properly
>with 'bare IP addresses'. You'll never get that fixed unless you start
>using a domainname and a correct certificate (LetsEncrypt for example).
Thank you very much for the help.
Regards,
Mahmood
Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID):
> >Is default-ssl site "enabled" via the debian/ubuntu tools e.g. a2ensite?
> # a2ensite default-ssl
> Enabling site default-ssl.
Well, there ya go.
> Now, when I open https://w.x.y.z in firefox, I get
> Your connection is not secure
Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID):
> root@webshub:~# grep IfModule /etc/apache2/sites-available/default-ssl.conf
> #
> #
Ok.
> root@webshub:~# apachectl -S
> AH00558: apache2: Could not reliably determine the server's fully qualified
> domain name, using 127.0.1.1. Set the
>Is default-ssl site "enabled" via the debian/ubuntu tools e.g. a2ensite?
# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb
> root@webshub:~# grep IfModule /etc/apache2/sites-available/default-ssl.conf
> #
> #
> root@webshub:~# apachectl -S
> AH00558: apache2: Could not reliably determine the server's fully qualified
> domain name, using 127.0.1.1. Set the 'ServerName' directive globally to
> suppress this message
>
>Is mod_ssl actually loaded/enabled?
>Try removing the lines and check your
>httpd config syntax (apache2ctl -S)
root@webshub:~# grep IfModule /etc/apache2/sites-available/default-ssl.conf
#
#
root@webshub:~# apachectl -S
AH00558: apache2: Could not reliably determine the server's fully
Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID):
> As I posted earlier, SSLEngine is on
> $ cat /etc/apache2/sites-available/default-ssl.conf
>
> So, I really don't know why it listens to http!
Is mod_ssl actually loaded/enabled?
Try removing the lines and check your
httpd config
Hello Mahmood,
Please forgive me if you have already tried this, but have you read the
man pages on HTTPD as there are some very useful command flags which can point
out configuration settings. You could take a look at settings for ‘Redirects'
in the Apache2 online docs too. I’m sorry
As I posted earlier, SSLEngine is on
$ cat /etc/apache2/sites-available/default-ssl.conf
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
Options FollowSymLinks
AllowOverride All
Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID):
> [mahmood@rocks7 ~]$ wget http://w.x.y.z:443
> Connecting to w.x.y.z:443... connected.
> HTTP request sent, awaiting response... 200 OK
> 2018-08-20 10:30:50 (1.95 MB/s) - ‘index.html.1’ saved [33229]
> Any thought?
Did you forget to put
Hi Mahmood,
On Mon, Aug 20, 2018 at 8:11 AM Mahmood Naderan
wrote:
> [mahmood@rocks7 ~]$ wget https://w.x.y.z
> --2018-08-20 10:30:43-- https://w.x.y.z/
> Connecting to w.x.y.z:443... connected.
> OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> protocol
> Unable to
Hi again
>From another computer I tried to access the IP address via wget command. See
>this output
[mahmood@rocks7 ~]$ wget http://w.x.y.z
--2018-08-20 10:30:38-- http://w.x.y.z/
Connecting to w.x.y.z:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified
>OTOH, seems to be some
>special setup, defaulting to an address from the loopback network
>(127.0.1.1).
I also noted that, but don't know what to do.
>As you seem to receive some resources via HTTP, the request should get
>logged somewhere.
I use "tail -f /var/log/apache2/access.log"
Hi,
Zitat von Mahmood Naderan :
what's in the logs of your httpd server? Any errors reported during
httpd startup and/or your accesses?
When I restart apache2 service, I see these lines in the syslog
Aug 13 22:19:36 webshub systemd[1]: Stopping The Apache HTTP Server...
Aug 13 22:19:36
Hi,
Zitat von Mahmood Naderan :
what's in the logs of your httpd server? Any errors reported during
httpd startup and/or your accesses?
When I restart apache2 service, I see these lines in the syslog
Aug 13 22:19:36 webshub systemd[1]: Stopping The Apache HTTP Server...
Aug 13 22:19:36
>what's in the logs of your httpd server? Any errors reported during
>httpd startup and/or your accesses?
When I restart apache2 service, I see these lines in the syslog
Aug 13 22:19:36 webshub systemd[1]: Stopping The Apache HTTP Server...
Aug 13 22:19:36 webshub apachectl[20543]: AH00558:
Zitat von Mahmood Naderan :
Now, when I open https://w.x.y.z in the browser, I get>>>An error
occurred during a connection to w.x.y.z. SSL received a record that
exceeded the maximum permissible >length. Error code:
SSL_ERROR_RX_RECORD_TOO_LONG
Excuse me... Isn't there any idea?
>Now, when I open https://w.x.y.z in the browser, I get>>>An error occurred
>during a connection to w.x.y.z. SSL received a record that exceeded the
>maximum permissible >length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG
Excuse me... Isn't there any idea?
I searched the web about the
>In ports.conf have a 443 port listen configured? You enable mod_ssl with
>a2enmod mod_ssl?
root@webshub:~# netstat -tulpn | grep 443tcp6 0 0 :::443
:::* LISTEN 14709/apache2
I enabled mod_ssl
root@webshub:~# a2enmod ssl
Considering
In ports.conf have a 443 port listen configured? You enable mod_ssl with
a2enmod mod_ssl?
On Sun, Aug 12, 2018 at 2:52 PM Mahmood Naderan
wrote:
> Hi,
>
> I am totally confused with the configuration of ssl via apache2. The
> server's page is reachable by an IP address. So, when I enter
>
Hi,
I am totally confused with the configuration of ssl via apache2. The server's
page is reachable by an IP address. So, when I enter http://w.x.y.z I am able
to see the web page and the content of
/etc/apache2/sites-available/000-default.conf is
DocumentRoot /var/www/html
23 matches
Mail list logo