Fixed it -- I commented out the <VirtualHost _default_:443>...</VirtualHost> section of /etc/httpd/conf.d/ssl.conf and it is now working again.
On 01/17/2016 11:48 AM, Ted To wrote: > So in looking at the differences between ssl.conf and ssl.conf.rpmnew, > in addition to my own additions for selecting cipher suites, etc, I see: > > 92c80 > < SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 > --- >> SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA > > where the 2nd line is from ssl.conf.rpmnew. Could the fact that > ":!SEED:!IDEA" is missing from my ssl.conf be causing this problem? > > On 01/17/2016 11:36 AM, Ted To wrote: >> So having run httpd -S, I can see that for port 443, >> >> default server theo.to (/etc/httpd/conf.d/ssl.conf:68) >> >> shows up (which is not right) but then shows up again: >> >> port 443 namevhost theo.to >> (/etc/httpd/sites-enabled/theo.to.conf:7) >> alias www.theo.to >> >> Looking in /etc/httpd/conf.d, I see that there is an ssl.conf.rpmnew. >> Do I need to merge in changes from the new default configuration? >> >> Thanks, >> Ted >> >> On 01/16/2016 07:44 PM, Yehuda Katz wrote: >>> Maybe the updated openssl doesn't like something about your certificates. >>> >>> Does Apache have any warnings or notices when it starts up? >>> Try running httpd -S which lists all the vhosts Apache has and see if it >>> matches what you expect. >>> You may also see the errors from that command (tested on RHEL 7 - not >>> quite the same as Centos, but should be pretty close). >>> >>> - Y >>> >>> On Sat, Jan 16, 2016 at 3:18 PM, Ted To <t...@theo.to >>> <mailto:t...@theo.to>> wrote: >>> >>> Hi, >>> >>> Up until roughly a week ago, my VPS web server was working properly. >>> From what I can see, the only change is that nss, nss-tools, openssl and >>> gnutls were updated. On Monday, Jan 11, I noticed that I was getting an >>> SSL error when running "svn up". When trying to open the url in a web >>> browser, the page would not open but I could open it with w3m by >>> accepting the certificate -- I was directed to the default CentOS apache >>> start page. The strange thing is that it only happens for a minority of >>> my domains/subdomains. >>> >>> I am running Apache 2.4.6 on a Centos 7 box. >>> >>> Any thoughts/suggestions for what could be going on here? >>> >>> Thanks in advance! >>> >>> Ted To >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>> <mailto:users-unsubscr...@httpd.apache.org> >>> For additional commands, e-mail: users-h...@httpd.apache.org >>> <mailto:users-h...@httpd.apache.org> >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
