Err_ssl_protocol_error

chriss199815 · March 21, 2020, 10:15pm

My domain is: alterblog.net

I ran this command: Tray to open my Site with https

It produced this output: ERR_SSL_PROTOCOL_ERROR

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: -

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Webmin 1.941

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

Hello as the Titel says I get a ERR_SSL_PROTOCOL_ERROR when trying to connect to my site via https. And sadly I haven’t found a solution on the Internet. You can find a copy of my Apache conf here. Just to let you know it is 2020-03-21T22:35:00Z PM here and I am going to sleep soon.

Thanks in Advance
Chriss

Edit: I now also have the Problem that is using the default path ad Root dir eg. /var/www/html/ and not /var/www/alterblog.net it used the correct path before I used a2ensite maybe those a connected?

_az · March 21, 2020, 10:38pm

That method of combining HTTP and HTTPS virtualhosts tends to result in problems based on how Apache parses all the other sites on the same server.

Does splitting them up in the regular way solve the issue?

<VirtualHost *:80>
  ServerName alterblog.net
  DocumentRoot /var/www/alterblog.net
  <Directory "/var/www/alterblog.net">
    allow from all
    Options None
    Require all granted
  </Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerName alterblog.net
  DocumentRoot /var/www/alterblog.net
  <Directory "/var/www/alterblog.net">
    allow from all
    Options None
    Require all granted
  </Directory>

  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateFile /etc/letsencrypt/live/alterblog.net/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/alterblog.net/privkey.pem
</VirtualHost>

chriss199815 · March 22, 2020, 8:46am

Hello,

first, thanks again for your quick help. I have added a redirect Rule to the config you gave me it now looks like this. And it works perfectly.

9peppe · March 22, 2020, 8:48am

If you want you can remove

  Redirect permanent / https://alterblog.net
  <Directory "/var/www/alterblog.net">
    allow from all
    Options None
    Require all granted
  </Directory>

and then run certbot enhance --redirect -d alterblog.net to get a better redirect.

chriss199815 · March 22, 2020, 11:02am

Ok i don't know why it is better but it seams to work fine.
Could you explain why this solution is better?

9peppe · March 22, 2020, 11:18am

because it's automatized and it's been debugged over a long time. what does your config say now?

chriss199815 · March 22, 2020, 12:28pm

It looks like this now:
<VirtualHost *:80>
ServerName alterblog.net
DocumentRoot /var/www/alterblog.net
RewriteEngine on
RewriteCond %{SERVER_NAME} =alterblog.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

<VirtualHost *:443>
  ServerName alterblog.net
  DocumentRoot /var/www/alterblog.net
  <Directory "/var/www/alterblog.net">
    allow from all
    Options None
    Require all granted
  </Directory>

  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateFile /etc/letsencrypt/live/alterblog.net/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/alterblog.net/privkey.pem
</VirtualHost>

Edit: Dosnt know why the formating isn’t working.

9peppe · March 22, 2020, 12:29pm

it looks good.

9peppe · March 22, 2020, 12:31pm

``` before and after works every time. otherwise, 4 spaces on the beginning of the line.

system · April 21, 2020, 12:31pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.