SSL Apache site not found

Posted on

SSL Apache site not found – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about apache-2.2, ssl, , , .

I tried to install web2py on our web server but I have to access the admin panel through SSL because there is no graphical interface on the server itself.

I’m not very familiar with setting up an Apache server so I haven’t been able to get this to work. I did run the setup script for web2py which should set the SSL site up, but when I try to connect I just get “This web page is not available”. I can connect to the web2py front page with normal HTTP. I have also tried hacking that a bit but I can’t even see any errors or access attempts in the apache2 logs.

I did run

openssl s_client -state -nbio -connect localhost:443 2>&1 |grep "^SSL"

With the following results

SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read finished A
SSL_connect:error in SSLv3 read finished A
SSL_connect:SSLv3 read finished A
SSL handshake has read 1435 bytes and written 319 bytes
SSL3 alert read:warning:close notify
SSL3 alert write:warning:close notify

Site in question is and my default-ssl looks like this now:

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin webmaster@localhost
    WSGIProcessGroup web2py
    WSGIPassAuthorization On
    WSGIScriptAlias / /home/www-data/web2py/

    <Directory /home/www-data/web2py>
            AllowOverride None
            Order Allow,Deny
                    Allow from all

    AliasMatch ^/([^/]+)/static/(.*) 
    <Directory /home/www-data/web2py/applications/*/static>
            Options -Indexes
            ExpiresActive On
            ExpiresDefault "access plus 1 hour"
            Order Allow,Deny
            Allow from all

    <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    #   SSL Engine Switch:
    #   Enable/Disable SSL for this virtual host.
    SSLEngine on

    #   A self-signed (snakeoil) certificate can be created by installing
    #   the ssl-cert package. See
    #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
    #   If both key and certificate are stored in the same file, only the
    #   SSLCertificateFile directive is needed.
    SSLCertificateFile    /etc/apache2/ssl/self_signed.cert
    SSLCertificateKeyFile /etc/apache2/ssl/self_signed.key

    <FilesMatch ".(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars

    BrowserMatch "MSIE [2-6]" 
            nokeepalive ssl-unclean-shutdown 
            downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown


Solution :

OK, the issue was actually the Linux firewall. Adding rules for port 443 fixed my issues. So this question can be closed or deleted.

Leave a Reply

Your email address will not be published. Required fields are marked *