# Apache2 ssl, getting error 12281 in browser.

## hardkaare

Hi

I have a problem with apache and ssl, I can't access my ssl sites anymore. 

everytime I try i get the  12281 error in my browser.

It happned after I have runned etc-update and installed jboss, and restarted apache2.

I have uninstalled jboss, and looked in my config files, but they seems to ok.

I can see that apache is listning on 443, with netstat -nat, and I can also telnet to it, but if I execute a get command it gives me the code from the first  ssl vhost in the list.

I have also tryed to recompile apache2 and openssl, and make new certs, with no luck.

the only error I can produce is this one:

```

openssl s_client -connect emailweb.dk:443 -state -debug

CONNECTED(00000003)

SSL_connect:before/connect initialization

write to 080B17C0 [080B1808] (142 bytes => 142 (0x8E))

0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00   ......c... ..9..

0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0   8..5............

0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00   ..3..2../.....f.

0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00   .............c..

0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40   b..a...........@

0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00   ..e..d..`.......

0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 8e bf   ................

0070 - 52 a9 5d f4 da cf 32 ef-42 ce d2 dd 3c bc e7 a8   R.]...2.B...<...

0080 - 6b 64 b4 61 b0 35 ad 61-44 3a 8d c4 de f9         kd.a.5.aD:....

SSL_connect:SSLv2/v3 write client hello A

read from 080B17C0 [080B6D68] (7 bytes => 7 (0x7))

0000 - 3c 21 44 4f 43 54 59                              <!DOCTY

SSL_connect:error in SSLv2/v3 read server hello A

12314:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:478:

```

App versions:

```
[ebuild   R   ] net-www/apache-2.0.54-r7  +berkdb -debug -doc +gdbm +ipv6 -ldap +ssl -static -threads 0 kB

[ebuild   R   ] dev-libs/openssl-0.9.7e-r1  -bindist -debug -emacs -test 0 kB

[ebuild   R   ] dev-php/php-4.3.11  -X +berkdb +crypt -curl -debug -doc -fdftk -firebird -flash -freetds +gd -gd-external +gdbm -gmp -hardenedphp +imap -informix +ipv6 +java* +jpeg -kerberos -ldap -mcal -memlimit -mssql +mysql +ncurses +nls -oci8 -odbc +pam +pdflib +png -postgres -qt +readline -snmp +spell +ssl +tiff +truetype +xml2 -yaz 0 kB

[ebuild   R   ] dev-php/mod_php-4.3.11  -X +apache2 +berkdb +crypt -curl -debug -doc -fdftk -firebird -flash -freetds +gd -gd-external +gdbm -gmp -hardenedphp +imap -informix +ipv6 +java* +jpeg -kerberos -ldap -mcal -memlimit -mssql +mysql +nls -oci8 -odbc +pam +pdflib +png -postgres -qt -snmp +spell +ssl +tiff +truetype +xml2 -yaz 0 kB
```

Hope someone can help.

Best Regards.

Kaare

[/code]

----------

## tuxmin

I'd say although your apache listens on port 443 it does not speak https on this port.

If you telnet to a https port the first thing you should see is the SSL handshake protocol. You shouldn't get anything human readable when typing GET!

Edit: Do you have "-D SSL" in you /etc/conf.d/apache2?

Hth, Alex!!!

----------

## drax_

As tuxmin said, make sure the SSL stuff is loaded. Look at your /server-info (if you set it up). And the vhost has SSLEngine on, etc.....

What does /var/log/apach.... have to say about this when you request a page?

----------

## hardkaare

HI and thx for the anwsers.

Loks like all vhosts need SSLEngine on, now

Before I could just se the default 443 vhost with SSLEngine one, hmm

So know im putting SSLEngine on in every 443 <virtualhost>

I was told that in apache 2.1 and newver you can just do i like this listen ip:443 https

Thx for helping me out.

----------

