Prev: 11.3, KDE 4.5 rc, Multiple occurrences of sections in kdmrc
Next: time issue during 11.3 install
From: jamesromeongmail.com on 17 Jul 2010 16:44
I set up my ssl certificates following the article in
http://www.novell.com/communities/node/3992/setting-ssltls-apache-sles-10
(but I put the virtual hosts file in /etc/apache2/vhosts.d rather
than /etc/apache2/vhosts in the article) and removed the server
password.

But when I try to access my server (https://localhost), I get

"Secure Connection Failed
An error occurred during a connection to localhost.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)"

In the apache2 error_log I get:
[Sat Jul 17 16:35:27 2010] [error] [client ::1] Invalid method in
request \x16\x03\x01

What am I doing wrong?

Thanks,
Jim
From: mjt on 17 Jul 2010 17:16
On Sat, 17 Jul 2010 13:44:46 -0700 (PDT)
"jamesromeongmail.com" <jamesrome(a)gmail.com> wrote:

> I set up my ssl certificates following the article in
> http://www.novell.com/communities/node/3992/setting-ssltls-apache-sles-10
> (but I put the virtual hosts file in /etc/apache2/vhosts.d rather
> than /etc/apache2/vhosts in the article) and removed the server
> password.
>
> But when I try to access my server (https://localhost), I get
>
> "Secure Connection Failed
> An error occurred during a connection to localhost.
> SSL received a record that exceeded the maximum permissible length.
> (Error code: ssl_error_rx_record_too_long)"

Is port 443 open/enabled?
Is port 443 forwarded to the server?
Does the oorts.conf file have the entry:
Listen 443 https
???
Ensure wherever "443" is found, it's "443" and
not some other value (i.e, - fat-fingered)

--
Of all possible committee reactions to any given agenda item, the
reaction that will occur is the one which will liberate
the greatest amount of hot air. - Thomas L. Martin
<<< Remove YOURSHOES to email me >>>

From: jamesromeongmail.com on 17 Jul 2010 18:33
On Jul 17, 5:16 pm, mjt <myswtestYOURSH...(a)gmail.com> wrote:

> Is port 443 open/enabled?
> Is port 443 forwarded to the server?
> Does the oorts.conf file have the entry:
> Listen 443 https
> ???
> Ensure wherever "443" is found, it's "443" and
> not some other value (i.e, - fat-fingered)

Yes, I am sure 443 is enabled, and gets through the firewall. And the
log files show that it is enabled. If I turn off SSL, I get a very
different message. There is no oorts,conf anywhere in /etc

From: jamesromeongmail.com on 18 Jul 2010 10:33
On Jul 17, 6:57 pm, houghi <hou...(a)houghi.org.invalid> wrote:
> jamesromeongmail.com wrote:
> > Yes, I am sure 443 is enabled, and gets through the firewall. And the
> > log files show that it is enabled. If I turn off SSL, I get a very
> > different message. There is no oorts,conf anywhere in /etc
>
> Just did a telnet on port 443:
> houghi(a)penne : telnet 68.53.35.192 443
> 'Trying 68.53.35.192...
> Connected to 68.53.35.192.
> Escape character is '^]'.
> <snip>
>
> My IP is 83.101.44.29 so you should see that in your logfiles. If
> 68.53.35.192 (which I got from your header) is not your IP, you could
> usehttp://nmap-online.com/
> I did not gave my email and still got the response pretty quick.
>
> houghi
> --
> This is written under the inluence of the following:
>
> >   Artist : HIM
> >     Song : Your Sweet 666
> >    Album : Razorblade Romance

I found the problem after more Google searching. I had changed the
host in the virtual host file from _default_ to its real name. When I
changed it back to _default_ everything worked!

<VirtualHost _default_:443>

Those error messages were certainly non-helpful.

Thanks,
Jim
From: mjt on 18 Jul 2010 17:14
On Sat, 17 Jul 2010 15:33:46 -0700 (PDT)
"jamesromeongmail.com" <jamesrome(a)gmail.com> wrote:

> > Ensure wherever "443" is found, it's "443" and
> > not some other value (i.e, - fat-fingered)
>
> Yes, I am sure 443 is enabled, and gets through the firewall. And the
> log files show that it is enabled. If I turn off SSL, I get a very
> different message. There is no oorts,conf anywhere in /etc

Talk about fat-fingering ... I meant, "ports.conf" :)

Good to hear your got it fixed.

--
Loose bits sink chips.
<<< Remove YOURSHOES to email me >>>

 | 
Pages: 1
Prev: 11.3, KDE 4.5 rc, Multiple occurrences of sections in kdmrc
Next: time issue during 11.3 install