SSL "connection interrupted" apache not listening on 443

httpd and ssl issues.

When I try and run "apache2ctl restart" I get the error

Code:

httpd not running, trying to start

here's the output of error_log from the httpd folder:

Code:

[Tue Jun 24 21:41:13 2008] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Jun 24 21:41:13 2008] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Jun 24 21:41:13 2008] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Jun 24 21:41:13 2008] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Jun 24 21:41:16 2008] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Jun 24 21:41:16 2008] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
du: cannot read directory `/var/www/web3/.subversion/auth': Permission denied
du: cannot read directory `/var/www/web3/user/magento/Maildir': Permission denied
du: cannot read directory `/var/www/web3/user/magento/.spamassassin': Permission denied
du: cannot read directory `/var/www/web3/.subversion/auth': Permission denied
du: cannot read directory `/var/www/web3/user/magento/Maildir': Permission denied
du: cannot read directory `/var/www/web3/user/magento/.spamassassin': Permission denied
[Wed Jun 25 00:35:14 2008] [notice] caught SIGTERM, shutting down
[Wed Jun 25 00:36:39 2008] [notice] Apache configured -- resuming normal operations
[Wed Jun 25 00:36:39 2008] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Wed Jun 25 00:37:38 2008] [notice] caught SIGTERM, shutting down
[Wed Jun 25 00:37:45 2008] [notice] Apache configured -- resuming normal operations
[Wed Jun 25 00:37:45 2008] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Wed Jun 25 00:46:51 2008] [error] mod_ssl: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] (System error follows)
[Wed Jun 25 00:46:51 2008] [error] System: Connection reset by peer (errno: 104)
[Wed Jun 25 00:53:01 2008] [notice] caught SIGTERM, shutting down
[Wed Jun 25 00:54:18 2008] [notice] Apache configured -- resuming normal operations
[Wed Jun 25 00:54:18 2008] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Wed Jun 25 01:36:24 2008] [notice] caught SIGTERM, shutting down
[Wed Jun 25 01:37:47 2008] [notice] Apache configured -- resuming normal operations
[Wed Jun 25 01:37:47 2008] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Wed Jun 25 09:07:19 2008] [notice] caught SIGTERM, shutting down
[Wed Jun 25 09:08:40 2008] [notice] Apache configured -- resuming normal operations
[Wed Jun 25 09:08:40 2008] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Wed Jun 25 09:12:00 2008] [notice] caught SIGTERM, shutting down

Output of httpd -t

Code:

Syntax OK

output of netstat -tap

Code:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:mysql                 *:*                     LISTEN      4322/mysqld     
tcp        0      0 75-149-58-xxx-SF:domain *:*                     LISTEN      4932/named      
tcp        0      0 75-149-58-xxx-SF:domain *:*                     LISTEN      4932/named      
tcp        0      0 75-149-58-xxx-SF:domain *:*                     LISTEN      4932/named      
tcp        0      0 75-149-58-xxx-SF:domain *:*                     LISTEN      4932/named      
tcp        0      0 web1.xxxxxxxxxx.co:domain *:*                     LISTEN      4932/named      
tcp        0      0 localhost.locald:domain *:*                     LISTEN      4932/named      
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN      4932/named      
tcp        0      0 *:smtp                  *:*                     LISTEN      4885/master     
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      4443/couriertcpd
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      4482/couriertcpd
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      4462/couriertcpd
tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      4423/couriertcpd
tcp6       0      0 [::]:ftp                [::]:*                  LISTEN      4961/proftpd: (acce
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      4224/sshd       
tcp6       0      0 ip6-localhost:953       [::]:*                  LISTEN      4932/named      
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN      4885/master     
tcp6       0    720 web1.xxxxxxxxx.com:ssh   192.168.2.134%819:56934 ESTABLISHED 5016/0  

output of df -h

Code:

Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1              36G  2.1G   32G   7% /
varrun                248M   92K  248M   1% /var/run
varlock               248M     0  248M   0% /var/lock
udev                  248M   32K  248M   1% /dev
devshm                248M     0  248M   0% /dev/shm

Now if I "a2dismod ssl" I don't have any problems, but I still don't have ssl!

Code:

root@web1:~/ispconfig/httpd/logs# a2dismod ssl
Module ssl disabled; run /etc/init.d/apache2 force-reload to fully disable.
root@web1:~/ispconfig/httpd/logs# /etc/init.d/apache2 force-reload
 * Reloading web server config apache2
root@web1:~/ispconfig/httpd/logs# apache2ctl restart
httpd not running, trying to start
root@web1:~/ispconfig/httpd/logs# apache2ctl start
httpd (pid 5342) already running
root@web1:~/ispconfig/httpd/logs# apache2ctl restart
root@web1:~/ispconfig/httpd/logs# /etc/init.d/apache2 force-reload
 * Reloading web server config apache2
   ...done.
root@web1:~/ispconfig/httpd/logs# a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
root@web1:~/ispconfig/httpd/logs# /etc/init.d/apache2 force-reload
 * Reloading web server config apache2
   ...done.
root@web1:~/ispconfig/httpd/logs# apache2ctl start
root@web1:~/ispconfig/httpd/logs# apache2ctl restart
httpd not running, trying to start

 

Accidently hit the reply button. ignore this.

 

Seems to be a permissions problem. Are these directories referenced somewhere in your Apache configuration?

 

Hi Folks

I found the same messages on my sys…

Code:

[Tue Oct 14 01:05:07 2008] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error pag
e (OpenSSL library error follows)
[Tue Oct 14 01:05:07 2008] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speakin
g HTTP to HTTPS port!?]
du: cannot read directory `/var/www/web1/user/web1p1/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p1/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p2/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p2/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p3/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p3/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p4/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p4/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p5/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p5/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p6/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p6/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p7/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p7/.spamassassin': Permission denied
du: cannot read directory `/var/www/web1/user/web1p8/Maildir': Permission denied
du: cannot read directory `/var/www/web1/user/web1p8/.spamassassin': Permission denied
…

It seems to have happened some time before — in May and September, but then usually only with 2-5 entries.

On top of that there are a lot of

Code:

[Tue Oct  7 14:33:38 2008] [error] mod_ssl: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] (
System error follows)
[Tue Oct  7 14:33:38 2008] [error] System: Connection reset by peer (errno: 104)
[Mon Oct 13 05:35:06 2008] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error pag
e (OpenSSL library error follows)
[Mon Oct 13 05:35:06 2008] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speakin
g HTTP to HTTPS port!?]
[Tue Oct 14 01:05:07 2008] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error pag
e (OpenSSL library error follows)
[Tue Oct 14 01:05:07 2008] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speakin
g HTTP to HTTPS port!?]

in the error_log

This is on Ubuntu 8.04LTS and ISPConfigVersion: 2.2.23

Did you folks come to any conclusions maybe?

Cheers

 

What's the output of

Code:

httpd -t

?
What's in Vhosts_ispconfig.conf?

 

Thanks Falko

Initially httpd -t produced a "httpd: bad user name ${APACHE_RUN_USER}"
So I added this quick fix in apache2.conf

Code:

# These need to be set in /etc/apache2/envvars
#User ${APACHE_RUN_USER}
#Group ${APACHE_RUN_GROUP}
User www-data
Group www-data

and receive a "Syntax OK" now.

As for the "Vhosts_ispconfig.conf"

Code:

###################################
#
# ISPConfig vHost Configuration File
#         Version 1.0
#
###################################
#
NameVirtualHost 88.88.88.8:80
<VirtualHost 88.88.88.8:80>
  ServerName localhost
  ServerAdmin root@localhost
  DocumentRoot /var/www/sharedip
</VirtualHost>
#
#
######################################
# Vhost: www.888888.com:80
######################################
#
#
<VirtualHost 88.88.88.8:80>
ServerName www.888888.com:80
ServerAdmin [email protected]
DocumentRoot /var/www/web1/web
ServerAlias 888888.com
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
Alias  /cgi-bin/ /var/www/web1/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
ErrorLog /var/www/web1/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_flag safe_mode Off
Alias /error/ "/var/www/web1/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/web1/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web1/user/$1/web/$3
</VirtualHost>

… and many more alike.

Cheers

 

Are there any SSL vhosts in Vhosts_ispconfig.conf?

 

Just make sure… my error messages are in:

Code:

/root/ispconfig/httpd/logs/error_log

and in

Code:

Vhosts_ispconfig.conf

I do not have any SSL vhosts
Cheers

 

Same result as in earlier post…

Code:

# httpd -t
Syntax OK

 

Can you recreate the ISPConfig SSL certificate?
http://www.howtoforge.com/forums/showthread.php?t=121