Apache2 SSL vhosts are hard work
By Odile on Friday, January 30 2009, 14:02 - computing - Permalink
What if, by a sunny Friday afternoon, you find yourself unable to configure Apache2 with SSL and ever again get the same message: Error code: ssl_error_rx_record_too_long
?
That happened to me so I frantically checked everything: the SSL certificate was OK, the Apache configuration syntax also, the port numbers too, the module was loaded and the vhost configuration was OK also.
Looked everywhere on the web. Nothing helped.
Now look at this:
$ sudo apache2ctl -D SSL -S
VirtualHost configuration:
131.246.124.231:80 is a NameVirtualHost
default server ofset6.unix-ag.uni-kl.de (/etc/apache2/sites-enabled/000-default:2)
port 80 namevhost ofset6.unix-ag.uni-kl.de (/etc/apache2/sites-enabled/000-default:2)
port 80 namevhost cvs.ofset.org (/etc/apache2/sites-enabled/cvsweb:7)
port 80 namevhost gnuedu.ofset.org (/etc/apache2/sites-enabled/gnuedu:2)
131.246.124.231:443 is a NameVirtualHost
default server cvs.ofset.org (/etc/apache2/sites-enabled/cvsweb:34)
port 443 namevhost cvs.ofset.org (/etc/apache2/sites-enabled/cvsweb:34)
port 443 namevhost gnuedu.ofset.org (/etc/apache2/sites-enabled/gnuedu:35)
Syntax OK
Do you see the issue now? Yes? Good! Otherwise:
This line
default server cvs.ofset.org (/etc/apache2/sites-enabled/cvsweb:34)
is wrong. For the real, default server name is ofset6.unix-ag.uni-kl.de.
My 'default' vhost configuration was wrong, I had forgotten to write an SSL paragraph (:443) in the default vhost configuration file. That was it. Now I have
$ sudo apache2ctl -D SSL -S
VirtualHost configuration:
131.246.124.231:80 is a NameVirtualHost
default server ofset6.ix-ag.uni-kl.de (/etc/apache2/sites-enabled/000-default:2)
port 80 namevhost ofset6.ix-ag.uni-kl.de (/etc/apache2/sites-enabled/000-default:2)
port 80 namevhost cvs.ofset.org (/etc/apache2/sites-enabled/cvsweb:7)
port 80 namevhost gnuedu.ofset.org (/etc/apache2/sites-enabled/gnuedu:2)
131.246.124.231:443 is a NameVirtualHost
default server ofset6.ix-ag.uni-kl.de (/etc/apache2/sites-enabled/000-default:51)
port 443 namevhost ofset6.ix-ag.uni-kl.de (/etc/apache2/sites-enabled/000-default:51)
port 443 namevhost cvs.ofset.org (/etc/apache2/sites-enabled/cvsweb:34)
port 443 namevhost gnuedu.ofset.org (/etc/apache2/sites-enabled/gnuedu:38)
Syntax OK
and it works .. :-p