Hi David, 2018-01-29 19:45 GMT-08:00 David Mehler <dave.meh...@gmail.com>:
> Hello, > > Can someone take a look at the below virtual host configuration? > Whenever I put it in my apache 2.4 the server returns an alert > unexpected network read error connection aborted message. If I take it > out the server behaves normally. Of course nothing is in any of the > logs I've got LogLevel set to warn. An apachectl -t says the files are > syntactically correct. > > Any ideas? > > Thanks. > Dave. > > # > # Virtual host file > # > > # The example.com http and https virtual host > <VirtualHost *:80 *:443> > > SSLCertificateFile "/usr/local/etc/ssl/acme/example.com/fullchain.pem" > SSLCertificateKeyFile "/usr/local/etc/ssl/acme/private/ > example.com/privkey.pem" > SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE- > RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE- > RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA- > AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA- > AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA- > AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE- > RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA: > ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM- > SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128: > AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:! > EXPORT:!DES:!MD5:!PSK:!RC4:!3DES > SSLEngine on > > In this way you are enabling SSL/TLS on both 80 and 443 port, I don't believe that it will work (even if I didn't test it properly). Any reason why you have this settings? Can you try without the "*:80" ? In your case I'd simply create a *:80 Vhost to force a http->https redirect, and then apply SSL/etc.. settings only to *:443. Luca
