Difference between revisions of "Apache2 Invalid method in request \x16\x03\x01"

From Noah.org
Jump to navigationJump to search
 
Line 39: Line 39:
 
== could not bind to address 0.0.0.0:443 ==
 
== could not bind to address 0.0.0.0:443 ==
  
If you get this error on startup then it means that you a configuration problem where the server is trying to listen on all interfaces on port 443 and you have told it to listen to port 443 on a specific interface.
+
If you get this error on startup then it means that you have a configuration problem where the server is trying to listen on all interfaces on port 443 and you have told it to listen to port 443 on a specific interface.
  
 
<pre>
 
<pre>

Latest revision as of 18:29, 5 October 2010


You are testing your SSL certificate on port 443 and your browser displays this message:

Invalid method in request \x16\x03\x01

You may also see SSL_ERROR_RX_RECORD_TOO_LONG or "www.example.com has sent an incorrect or unexpected message. Error Code: -12263".

You can try debugging the problem by telnetting to the server on port 443 and issuing a GET command:

# telnet 192.168.0.1 443
Trying 192.168.0.1...
Connected to 192.168.0.1.
Escape character is '^]'.
GET /

If you get back HTML then you know your server is speaking unencrypted HTTP on port 443, which is bad.

This error is due to a misconfiguration of VirtualHost with SSL. The server is trying to respond to a request on port 443 with unencrypted HTTP. In other words, your browser is expecting SSL, but the server is sending plain HTTP on port 443.

Typically your conf/httpd.conf file will include conf/extra/httpd-ssl.conf:

Include conf/extra/httpd-ssl.conf

The default httpd-ssl.conf file will have a section like this:

<VirtualHost _default_:443>
...
</VirtualHost>

Almost certainly the problem is that your server is using this default or the server is not matching your virtual host's IP at all. For SSL to work you must match the virtual host by IP address not name. [Apache2_mod_vhost_alias_ssl|Named virtual host won't work with SSL].

could not bind to address 0.0.0.0:443

If you get this error on startup then it means that you have a configuration problem where the server is trying to listen on all interfaces on port 443 and you have told it to listen to port 443 on a specific interface.

Address already in use: make_sock: could not bind to address 0.0.0.0:443

Probably you have a section with a specific VirtualHost IP address conflicting with the _default_ VirtualHost. A section something like this "<VirtualHost 192.168.0.1:443>" cannot be used with the default section like this "<VirtualHost _default_:443>".