logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in  RSS Apache Lounge  


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.



Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: SSL Handshake Interrupted
Author
apishdad



Joined: 01 Jul 2019
Posts: 6
Location: Canada, Toronto

PostPosted: Wed 21 Oct '20 9:02    Post subject: SSL Handshake Interrupted Reply with quote

Hi,
I am having some issue when starting Apache. The service starts fine but I keep getting the following in my logs:

AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]

The SSL certificate loads fine and people can use the site, but this message keeps on coming up.

I have defined my virtual hosts as follows:
<virtualhost *:443>
servername www.abc.com
etc...

and when I change to
<virtualhost www.abc.com:443>

it works fine. Until I have multiple virtualhosts and then it gives the same error again.

Anybody has any ideas?
Whats the proper way to define virtualhosts?

Is it
<virtualhost *:443>
or
<virtualhost www.abc.com:443>

I have tried both cases, and both work, but whats the right way?

Thanks
Afshin
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6859
Location: Germany, Next to Hamburg

PostPosted: Thu 22 Oct '20 15:40    Post subject: Reply with quote

Please post your current SSL config.
Back to top
tangent



Joined: 16 Aug 2020
Posts: 19
Location: UK

PostPosted: Thu 22 Oct '20 18:02    Post subject: Reply with quote

I would go for the form which listens on all defined interfaces, and then define the ServerName associated with that virtual host, viz.

Code:
<VirtualHost *:443>
  ServerName www.abc.com

  SSLEngine on
  SSLCertificateFile "conf/www.abc.com.crt"
  SSLCertificateKeyFile "conf/www.abc.com.key"

  etc...
</VirtualHost>

Repeat for each virtual host as required, noting your common SSL configuration should be defined before the VirtualHost blocks.

You will need local host/DNS entries which resolve to one of your defined interfaces. Also the first VirtualHost definition is the default one, which will be used if the hostname in the SNI request does not match any of the virtual host ServerName entries.

This setup has worked for me.
Back to top
apishdad



Joined: 01 Jul 2019
Posts: 6
Location: Canada, Toronto

PostPosted: Tue 27 Oct '20 9:09    Post subject: Reply with quote

Thanks for the reply back.
I have combined my virtual host block with my main block in one file.

Here is the whole file


Admin note : moved the whole file to : https://apaste.info/hFl3 , see forum rules.
Back to top
apishdad



Joined: 01 Jul 2019
Posts: 6
Location: Canada, Toronto

PostPosted: Tue 27 Oct '20 9:14    Post subject: Reply with quote

Why does the SSL Configuration needs to be declared before the virtual host block. I have configured few servers where the SSL configuration is defined within the virtual hosts block and they work just fine.

Appreciate your response.

Thanks
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6859
Location: Germany, Next to Hamburg

PostPosted: Tue 27 Oct '20 16:51    Post subject: Reply with quote

apishdad wrote:
Why does the SSL Configuration needs to be declared before the virtual host block.


There are several places where many option can be defined. For example SSLCipherSuite can be server config, virtual host, directory, .htaccess
SSLHonorCipherOrder can be in server config, virtual host

Most people declare that in Server config / global, to have the same settings for each vhost. And not have redundant config lines.
Back to top
apishdad



Joined: 01 Jul 2019
Posts: 6
Location: Canada, Toronto

PostPosted: Mon 02 Nov '20 6:32    Post subject: Reply with quote

Thanks James, I really appreciate your answer
Afshin
Back to top


Reply to topic   Topic: SSL Handshake Interrupted View previous topic :: View next topic
Post new topic   Forum Index -> Apache