x16\x03\x01 SSL setup problem

[jscjso]

I have Apache 2.0.63 on a Win32, and I have the http working. Then I added a certificate and tried to get https working . Problem started, I have error message as “ invalid method in request \x16\x03\x01”

This Apache has httpd.conf and ssl.conf files, not a combined file.

Here are the key lines in my httpd.conf
****************************************
ServerRoot "C:/Apache Group/Apache2"
PidFile logs/httpd.pid
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
<IfModule mpm_winnt.c>
ThreadsPerChild 250
MaxRequestsPerChild 0
</IfModule>

Listen 80

LoadModule access_module modules/mod_access.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_module modules/mod_auth.so
#LoadModule auth_anon_module modules/mod_auth_anon.so
#LoadModule auth_dbm_module modules/mod_auth_dbm.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule headers_module modules/mod_headers.so
LoadModule imap_module modules/mod_imap.so
LoadModule include_module modules/mod_include.so
#LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule status_module modules/mod_status.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule userdir_module modules/mod_userdir.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so

LoadModule ssl_module modules/mod_ssl.so

Listen 443

ServerName localhost:80

UseCanonicalName Off

DocumentRoot "C:/Apache Group/Apache2/htdocs"

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "C:/Apache Group/Apache2/htdocs">
Options FollowSymLinks ExecCGI Includes
AddHandler server-parsed .html
AllowOverride None
Order allow,deny
Allow from all
</Directory>

UserDir "My Documents/My Website"
DirectoryIndex index.html

<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>

TypesConfig conf/mime.types
DefaultType text/plain

<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off
ErrorLog logs/error.log
CustomLog logs/access.log common

ServerTokens Full
ServerSignature On

<Directory "C:/Apache Group/Apache2/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>
*************************************************

Here are the key lines in my ssl.conf
**************************************************

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

<IfDefine SSL>

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex default

NameVirtualHost *:443

<VirtualHost *:443>

DocumentRoot "C:/Apache Group/Apache2/htdocs"
ServerName localhost:443

ErrorLog logs/error_log
TransferLog logs/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile conf/ideatodo.crt
SSLCertificateKeyFile conf/ideatodo.key

SSL Protocol all

<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Satisfy all
</Directory>

<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "C:/Apache Group/Apache2/cgi">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>
************************************************

I am not sure I do this right. I have modified one of my href line to

https://localhost/xxx.html

as a test to switch from http to https. Everytime I click this link, I generated the x16\x03\x01 error in the log file. Any suggestion will be helpful.

 

[elgrandeperro]

As far as I know, NamedVirtualHost and SSL do not work together. The SSL protocol must negotiate initially, but NameVirtualHost requires that the URL string be available which is only available AFTER negotiation. So it is a chicken and egg problem. BTW, I did not inspect your config for other problems.