The first warning is telling you that you are serving regular HTTP traffic on what is usually an HTTPS port. This is because you do not have any SSL configuration on the virtual host on port 443. You need "SSLEngine on" and certificate information at least. You can ignore the second warning about "server name indication" unless you specifically want to support really old and insecure browsers.
- Y On Tue, Apr 4, 2017 at 10:47 PM, Robert Moskowitz <r...@htt-consult.com> wrote: > I just noticed the following in error_log on httpd startup: > > [Tue Apr 04 21:20:43.030519 2017] [ssl:warn] [pid 15521] AH01916: Init: ( > z9m9z.test.htt-consult.com:443) You configured HTTP(80) on the standard > HTTPS(443) port! > [Tue Apr 04 21:20:43.030759 2017] [ssl:warn] [pid 15521] AH02292: Init: > Name-based SSL virtual hosts only work for clients with TLS server name > indication support (RFC 4366) > > What does this mean? > > One of my .conf files is: > > # cat 00-init.conf > ServerAdmin r...@htt-consult.com > ServerName z9m9z.test.htt-consult.com > <VirtualHost *:80> > <Directory "/var/www/html"> > Options Indexes FollowSymLinks > AllowOverride None > Require ip 192.168.0.0/16 > </Directory> > </VirtualHost> > <VirtualHost *:443> > <Directory "/var/www/html"> > Options Indexes FollowSymLinks > AllowOverride None > Require ip 192.168.0.0/16 > </Directory> > </VirtualHost> > > httpd -S reports: > > VirtualHost configuration: > *:80 is a NameVirtualHost > default server z9m9z.test.htt-consult.com > (/etc/httpd/conf.d/00-init.conf:3) > port 80 namevhost z9m9z.test.htt-consult.com > (/etc/httpd/conf.d/00-init.conf:3) > port 80 namevhost webmail.test.htt-consult.com > (/etc/httpd/conf.d/roundcubemail.conf:1) > alias webmail > *:443 is a NameVirtualHost > default server z9m9z.test.htt-consult.com > (/etc/httpd/conf.d/00-init.conf:10) > port 443 namevhost z9m9z.test.htt-consult.com > (/etc/httpd/conf.d/00-init.conf:10) > port 443 namevhost webmail.test.htt-consult.com > (/etc/httpd/conf.d/roundcubemail.conf:16) > alias webmail > port 443 namevhost z9m9z.test.htt-consult.com > (/etc/httpd/conf.d/ssl.conf:56) > ServerRoot: "/etc/httpd" > Main DocumentRoot: "/var/www/html" > Main ErrorLog: "/etc/httpd/logs/error_log" > Mutex ssl-stapling: using_defaults > Mutex proxy: using_defaults > Mutex authn-socache: using_defaults > Mutex ssl-cache: using_defaults > Mutex default: dir="/run/httpd/" mechanism=default > Mutex mpm-accept: using_defaults > Mutex authdigest-opaque: using_defaults > Mutex proxy-balancer-shm: using_defaults > Mutex rewrite-map: using_defaults > Mutex authdigest-client: using_defaults > PidFile: "/run/httpd/httpd.pid" > Define: DUMP_VHOSTS > Define: DUMP_RUN_CFG > User: name="apache" id=48 > Group: name="apache" id=48 > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
