Home / server / Questions / 693437
Accepted
SledgehammerPL
Asked: 2015-05-21 13:40:14 +0800 CST

After upgrade Wheezy to Jessie apache 2 SSL stops working

  • 772

I upgraded server from Wheezy to Jessie, and Apache 2.4 stops working...

Especially on port 443 there's no ssl ....

telnet myhost 443
GET https://myhost
<html><meta http-equiv='Content-Type' content='text/html; charset=utf-8'/><body>Something in /var/www/html/index.html</body></html>>Connection closed by foreign host.

It should be:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
 Instead use the HTTPS scheme to access this URL, please.<br />
</p>
</body></html>
Connection closed by foreign host.

SSLEngine is on - yesterday everything works properly, but it was Wheezy, not Jessie...

* update * Fresh mind - I found, that connection to :443 is logged to /var/log/apache2/access.log instead of /var/log/apache2-ssl/access.log But why?

ssl

3 Answers

  1. Best Answer

    The solution was very hard to find... Only coincidence helps me to find it.

    The Apache2.4 requires .conf extension....

    I had two files: /etc/apache2/sites-available/http and /etc/apache2/sites-available/https and of course the same symlinks in /etc/apache2/sites-enabled/.

    Trying to find out the solution I took default-ssl.conf and made it a symlink, and it works! So I copied every single line to find where is the difference, and found nothing. I renamed the https into https.conf, made a symlink and it works too!!!

    The biggest mistake is that I create symlinks by myself, not using a2ensite - which will yield that http site doesn't exist - until renaming it into http.conf.

    6 hours of searching nothing... Sigh....But maybe this will help someone else..

    • 10

  2. Have you read the release notes on Apache 2.4?

    "Notably, the access control directives have changed considerably and will need manual migration to the new directives. "

    https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#apache-httpd-incomat

    • 2

  3. I had the same problem to use Authorization configuration. It's delay to discover and change.

        <Directory /var/www/webalizer>
            Options Indexes FollowSymlinks MultiViews
    #       AllowOverride all
    #       Order allow,deny
            Require all granted
    </Directory>

    The old settings is comment (#). Is it work for you?

    • 0