On 04/04/2017 11:37 PM, Yehuda Katz wrote:
The first warning is telling you that you are serving regular HTTP
traffic on what is usually an HTTPS port. This is because you do not
have any SSL configuration on the virtual host on port 443. You need
"SSLEngine on" and certificate information at least.
thanks. fixed.
You can ignore the second warning about "server name indication"
unless you specifically want to support really old and insecure browsers.
- Y
On Tue, Apr 4, 2017 at 10:47 PM, Robert Moskowitz <r...@htt-consult.com
<mailto:r...@htt-consult.com>> wrote:
I just noticed the following in error_log on httpd startup:
[Tue Apr 04 21:20:43.030519 2017] [ssl:warn] [pid 15521] AH01916:
Init: (z9m9z.test.htt-consult.com:443
<http://z9m9z.test.htt-consult.com:443>) You configured HTTP(80)
on the standard HTTPS(443) port!
[Tue Apr 04 21:20:43.030759 2017] [ssl:warn] [pid 15521] AH02292:
Init: Name-based SSL virtual hosts only work for clients with TLS
server name indication support (RFC 4366)
What does this mean?
One of my .conf files is:
# cat 00-init.conf
ServerAdmin r...@htt-consult.com <mailto:r...@htt-consult.com>
ServerName z9m9z.test.htt-consult.com
<http://z9m9z.test.htt-consult.com>
<VirtualHost *:80>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require ip 192.168.0.0/16 <http://192.168.0.0/16>
</Directory>
</VirtualHost>
<VirtualHost *:443>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require ip 192.168.0.0/16 <http://192.168.0.0/16>
</Directory>
</VirtualHost>
httpd -S reports:
VirtualHost configuration:
*:80 is a NameVirtualHost
default server z9m9z.test.htt-consult.com
<http://z9m9z.test.htt-consult.com> (/etc/httpd/conf.d/00-init.conf:3)
port 80 namevhost z9m9z.test.htt-consult.com
<http://z9m9z.test.htt-consult.com> (/etc/httpd/conf.d/00-init.conf:3)
port 80 namevhost webmail.test.htt-consult.com
<http://webmail.test.htt-consult.com>
(/etc/httpd/conf.d/roundcubemail.conf:1)
alias webmail
*:443 is a NameVirtualHost
default server z9m9z.test.htt-consult.com
<http://z9m9z.test.htt-consult.com>
(/etc/httpd/conf.d/00-init.conf:10)
port 443 namevhost z9m9z.test.htt-consult.com
<http://z9m9z.test.htt-consult.com>
(/etc/httpd/conf.d/00-init.conf:10)
port 443 namevhost webmail.test.htt-consult.com
<http://webmail.test.htt-consult.com>
(/etc/httpd/conf.d/roundcubemail.conf:16)
alias webmail
port 443 namevhost z9m9z.test.htt-consult.com
<http://z9m9z.test.htt-consult.com> (/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
<mailto:users-unsubscr...@httpd.apache.org>
For additional commands, e-mail: users-h...@httpd.apache.org
<mailto:users-h...@httpd.apache.org>
