Problemas ssl apache

Reinaldo Orrego nano en quodvis.net
Vie Dic 23 12:08:50 CLST 2011


Estimados,

Estoy instalando un servidor web con ssl.

Resumiendo y al grano.

Use la conf por defecto de apache (default-ssl) para crear la
maquina. Y no esta funcionando.


# openssl s_client -servername localhost -connect localhost:443 -state -debug
CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0x8459878 [0x845a8e0] (113 bytes => 113 (0x71))
0000 - 16 03 01 00 6c 01 00 00-68 03 01 4e f4 8c d2 ab   ....l...h..N....
0010 - ef 6e 26 06 c7 24 b3 e4-f4 30 88 5d 79 4d f0 df   .n&..$...0.]yM..
0020 - d4 ab 6d ed ab 2e fb 09-22 c0 b3 00 00 28 00 39   ..m....."....(.9
0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./
0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08   ................
0050 - 00 06 00 03 00 ff 02 01-00 00 16 00 00 00 0e 00   ................
0060 - 0c 00 00 09 6c 6f 63 61-6c 68 6f 73 74 00 23      ....localhost.#
0071 - <SPACES/NULS>
SSL_connect:SSLv2/v3 write client hello A
read from 0x8459878 [0x845fe40] (7 bytes => 7 (0x7))
0000 - 3c 21 44 4f 43 54 59                              <!DOCTY
SSL_connect:error in SSLv2/v3 read server hello A
17200:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:607:

Firefox me da el siguiente mensaje.

Secure Connection Failed
      
          An error occurred during a connection to ws.cap.msgg.gov.cl.

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

  The page you are trying to view can not be shown because the authenticity of the received data could not be verified.
  Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

En mi /etc/apache2/ports.conf tengo esto


NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

Cuando  escribo la url:443 me sale un error de not found, en el browser.

No tengo muy claro por donde buscar una solución.

Cordialmente
-- 
Reinaldo Orrego
nano en quodvis.net


Más información sobre la lista de distribución Linux