I'm attempting to configure Apache on my small server to utilize ssl, but each time I visit my website, I recieve the next message during my browser:
SSL connection error. Not able to create a secure link with the server. This might be an issue with the server, or it might be needing a customer authentication certificate you don't have. Error 107 (internet::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
The mistake message above appears to become indigenous to Google Chrome. However, despite the fact that the messages will vary, ssl for that website is not focusing on any browser.
Some background around the situation: I'm using Ubuntu 10.04 desktop edition. I installed apache by setting up zend server (it installed apache instantly). Then i installed openssl. Non-https pages work fine on the website. I attempted getting trial certificates from multiple certificate sites but there is nothing working (same error). I had been formerly hosting my website on another server which ssl labored all right. I additionally attempted while using key and crt file from that server, however i got exactly the same error. The domain title and IP are the same though. My SSLCertificateFile and SSLCertificateKeyFile are going towards the correct directory and files. I additionally don't have SSLVerifyClient enabled.
If anybody has any suggestions, it might be most appreciated.
I did not understand what I had been doing after i began altering the Apache configuration. I acquired odds and ends think it is working until I went in to the same issue you experienced, particularly Chrome getting this error.
Things I did was comment out all of the site-specific directives that are utilized to configure SSL verification, confirmed that Chrome allow me to in, examined the documentation before directive before re-enabling one, and restarted Apache. By carefully dealing with these you need to have the ability to discover which one(s) are leading to your condition.
During my situation, I went out of this:
SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +StrictRequire SSLRequireSSL On
<Location /sessions> SSLRequireSSL SSLVerifyClient require </Location>
As you can tell I'd a reasonable quantity of changes to obtain there.
I experienced this problem, also because of misconfiguration. I had been using tomcat as well as in the server.xml had specified my connector as a result:
<Connector port="17443" SSLEnabled="true" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keyAlias="wrong" keystorePass="secret" keystoreFile="/ssl/right.jks" />
After i fixed it thusly:
<Connector port="17443" SSLEnabled="true" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keyAlias="right" keystorePass="secret" keystoreFile="/ssl/right.jks" />
It labored not surprisingly. Quite simply, verify that you simply not just possess the right keystore, but you have specified the right alias beneath it. Just invaluable hint user396404.