[Systems] git.sugarlabs.org Secure Connection Failed

Bernie Innocenti bernie at codewiz.org
Mon May 11 20:08:52 EDT 2015 

Jita is listening for plain HTTP connections on port 443 :-/

On first inspection, the Apache virtualhost config seems correct:

<VirtualHost *:443>
	Include "/etc/apache2/sites-available/default-common.inc"
	Include "/etc/apache2/sites-available/ssl-common.inc"

         ServerName src.sugarlabs.org
         ServerAlias src.sugarlabs.*
         DocumentRoot /srv/gitorious/repositories-mirror

         <Directory /srv/gitorious/repositories-mirror>
                 Options FollowSymLinks Indexes
                 AllowOverride Options Indexes FileInfo
         </Directory>

         RedirectMatch permanent ^/(.*)\.git$		/$1
         RedirectMatch permanent ^/(.*)\.git/(.*)$	/$1/$2

	CustomLog /var/log/apache2/src.sugarlabs.org.log combined
</VirtualHost>


On 05/11/2015 07:50 PM, James Cameron wrote:
> Reproduced.
>
> Research:
>
> 0.  wget is reporting
>
> OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
> Unable to establish SSL connection.
>
> 1.  the port 443 is returning an unencrypted response
>
> wget http://git.sugarlabs.org:443/ -O -
>
> 2.  openssl test confirms
>
> $ openssl s_client -connect git.sugarlabs.org:443
> CONNECTED(00000003)
> 140575220627104:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:795:
> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 7 bytes and written 305 bytes
> ---
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> ---
>
> References:
>
> http://stackoverflow.com/questions/15166950/unable-to-establish-ssl-connection-how-do-i-fix-my-ssl-cert
>


-- 
  _ // Bernie Innocenti
  \X/  http://codewiz.org

More information about the Systems mailing list