Debian – Hostname and SSL (apache) issue on Debian

I have been trying to set up an SSL virtual host:

    <VirtualHost *:443>

        ServerAdmin webmaster@mts.com
        ServerName moclm.tap.pt

        SSLEngine on
        SSLCertificateFile /etc/ssl/moclm.cer
        SSLCertificateKeyFile /etc/ssl/moclm.pem

        DocumentRoot /var/www/tapme/

        <Directory />
                Options FollowSymLinks
                AllowOverride All
                Order deny,allow
                Deny from all
                Allow from 127.0.0.0/255.0.0.0 ::1/128
        </Directory>
        <Directory /var/www/tapme/>
                Options -Indexes FollowSymLinks MultiViews
                AllowOverride All
                #Order allow,deny
                #allow from all
        </Directory>

    </VirtualHost>

For some reason, the server automatically redirects to SSL (http:// to https://). Apache is not configured to redirect, and the application was working fine on port 80 only. I have no knowledge of how the internal network works as I am working remotely.

The SSL error logs show:

    [Tue Oct 02 22:40:32 2012] [error] Hostname linemnt01.tap.pt provided via SNI and hostname moclm.tap.pt provided via HTTP are different

I thought maybe the hostname had some issue and changed the hostname of the server from "linemnt01.tap.pt" to "moclm.tap.pt", but the issue is still there.

I am getting the following error in the browser:

    Bad Request

    Your browser sent a request that this server could not understand.

I have /etc/hosts:

    127.0.0.1       localhost.localdomain   localhost       moclm.tap.pt    moclm

and openssl returns:

    openssl verify -CAfile cert-CA.cer moclm.cer
    moclm.tap.pt.cer: OK

I have been trying to troubleshoot the issue but have had no luck. Need help.

Thanks

Best Answer

If your Apache config file does not have a line like <VirtualHost 192.168.1.100:443>, you need to add that before the relevant directory block(s) in apache2/conf/extra/httpd-ssl.conf. Note that the IP address needs to be available on the server, and your website hostname (not necessarily the server hostname!) should have a DNS record pointing to that IP address if you want SSL to work without a warning.

Assuming you start apache using apachectl, you should run apachectl configtest before restarting apache to see if there are any warnings or errors.
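
As an added example (not part of the original question or answer): a small shell helper that summarises the "provided via SNI ... provided via HTTP are different" lines quoted in the question and lists the SNI names that the vhost config does not declare. The function names, the hostname `proxy.example.test` and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread). Sample data below is constructed;
# only the first log line's format and the ServerName come from the page.

sample_log() {
cat <<'EOF'
[Tue Oct 02 22:40:32 2012] [error] Hostname linemnt01.tap.pt provided via SNI and hostname moclm.tap.pt provided via HTTP are different
[Tue Oct 02 22:40:35 2012] [error] Hostname linemnt01.tap.pt provided via SNI and hostname moclm.tap.pt provided via HTTP are different
[Tue Oct 02 22:41:02 2012] [error] [client 127.0.0.1] File does not exist: /var/www/tapme/favicon.ico
[Tue Oct 02 22:41:10 2012] [error] Hostname proxy.example.test provided via SNI and hostname moclm.tap.pt provided via HTTP are different
EOF
}

sample_conf() {
cat <<'EOF'
<VirtualHost *:443>
    ServerName moclm.tap.pt
    #ServerAlias commented.example.test
</VirtualHost>
EOF
}

# stdin: error log. stdout: "count<TAB>sni_name<TAB>http_host", most frequent first.
sni_mismatch_summary() {
    sed -n 's/.*Hostname \([^ ]*\) provided via SNI and hostname \([^ ]*\) provided via HTTP are different.*/\1 \2/p' |
        sort | uniq -c | sort -rn |
        awk '{ printf "%d\t%s\t%s\n", $1, $2, $3 }'
}

# stdin: Apache config. stdout: active ServerName/ServerAlias values, lower-cased.
vhost_names() {
    awk 'tolower($1) == "servername" || tolower($1) == "serveralias" {
             for (i = 2; i <= NF; i++) print tolower($i) }' | sort -u
}

# undeclared_sni LOGFILE CONFFILE: SNI names seen in the log that the config
# does not declare, i.e. names clients (or a front end) use to reach this host.
undeclared_sni() {
    declared=$(vhost_names < "$2")
    sni_mismatch_summary < "$1" | cut -f2 | sort -u | while read -r name; do
        printf '%s\n' "$declared" | grep -qxF -e "$name" || printf '%s\n' "$name"
    done
}

# Demo on the constructed data above.
tmp=$(mktemp -d) && sample_log > "$tmp/log" && sample_conf > "$tmp/conf"
sample_log | sni_mismatch_summary
undeclared_sni "$tmp/log" "$tmp/conf"
rm -rf "$tmp"
```

On a real host, feed the SSL error log and the vhost file to the same functions; commented-out directives are ignored.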