IS this an issue with SSL certificate


#1

My domain is:www.molleton.fr

I ran this command:

It produced this output:

My web server is (include version):Apache 2.4

The operating system my web server runs on is (include version):Debian 8

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):Virtualmin

Hello, my site is unreachable right now and in the error logs i get this message
[Tue Oct 30 03:29:20.198341 2018] [ssl:error] [pid 13004] AH02032: Hostname www.echocommunity.org provided via SNI and hostname molleton.fr provided via HTTP are different

I google a bit and it seems it is an attack, however the site cannot be reached right now, i am waiting for any explanation that could help me solve this isssue (if it is related to SSL of course)
thanks in advance


#2

Hi,

That error message looks like a attack… (AH02032)

However, I’m not sure how to resolve it…
(If there’s all viewers are categorized as this error… You might need to contact virtualmin support)

Sorry…


#3

Hi @refschool

checking the domain names:

D:\temp>nslookup www.molleton.fr.
Name: www.molleton.fr
Address: 163.172.63.51

D:\temp>nslookup www.echocommunity.org.
Name: www.echocommunity.org
Address: 34.202.2.242

These are different ip addresses. But:

Everyone is able to send a https - GET command to the ip 163.172.63.51 with the hostname www.echocommunity.org or whitehouse.gov or example.com.

But: If I change my server, using a new ip address: If there is an old (now wrong) dns entry to my old server and if someone other uses this ip address: He sees the same error.

So it’s not really a problem.

Sample: I have an unused domain, then I can create a dns entry mydomain -> your ip, then I use a tool like wget or something else -> you see log entries.


#4

Thanks Juergen for your input.
Meanwhile i investigated the apache error log and saw this message
AH00016: Configuration Failed

So the issue is not related to the SSL IMHO


#5

Well that was certainly an issue with an SSL
I just applied an strace (method from this page https://www.randomhacks.co.uk/apache-2-4-failed-to-start-ah00016-configuration-failed/ )
I disabled the site was causing the problem, and restarted apache successfully.
I have to further investigate because some other sites are disabled too.