unknown protocol

[Tom Bartling]

Hi,   I am new to the list and relatively new to administering SSL, so please forgive me if this is not the right place to ask this question.   I am having trouble getting SSL to work. I'm on FreeBSD 4.5 Stable with apache+mod_ssl-1.3.27+2.8.14 and openssl-0.9.7a_2.   Everything seems to have installed okay and I can run apachectl startssl without any problems, but I can't get SSL to actually work. When I try to go the url via https, it immediately displays the dreaded "this page cannot be displayed" message. When I run apachectl configtest, it spits out the following:   apachectl configtest [Tue May 27 23:20:56 2003] [warn] Loaded DSO libexec/apache/libphp4.so uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) Syntax OK   PHP works without any problems, so I'm not concerned about that at the moment. The manual says to try:   openssl s_client -connect localhost:443 -state -debug   As an alternative, it suggests:   curl https://localhost/   Both display an error message:   SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol   So, I'm thinkin' that the problem is in the httpd.conf file. A few things that are in there of importance (excluding comments and all of the other stuff) include:   Port 80   <IfDefine SSL> Listen 80 Listen 443 </IfDefine>   <IfDefine SSL> #<VirtualHost www.mintecommerce.com:443> #<VirtualHost secure.mintecommerce.com:443> #<VirtualHost mintecommerce.com:443> #<VirtualHost *:443> <VirtualHost _default_:443>   DocumentRoot "/usr/local/www/data" ServerName www.mintecommerce.com ServerAdmin [EMAIL PROTECTED] ErrorLog /var/log/httpd-error.log TransferLog /var/log/httpd-access.log   SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /usr/local/etc/apache/ssl.crt/server.crt SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/server.key SSLCACertificatePath /usr/local/etc/apache/ssl.crt SSLCARevocationPath /usr/local/etc/apache/ssl.crl SSLVerifyClient require </VirtualHost> </IfDefine>   You can see where I tried different versions of the VirtualHost tag (I did change the ServerName value for each variation). This is a server that hosts several sites, but they all use the same IP, so all of the VirtualHost tags are   <VirtualHost *> ... </VirtualHost>   This seems to get the job done for the few sites on this one computer, but now I need SSL. I'm at a loss and any help would be appreciated.   TIA,   Tom