The latest articles on DEV Community by Philaupatte (@philaupatte). https://dev.to/philaupatte https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1597789%2F6683ac44-6cef-405f-9c5d-0963e3200c08.png https://dev.to/philaupatte en Philaupatte Sun, 09 Jun 2024 07:00:48 +0000 https://dev.to/philaupatte/how-to-make-ssl-ionos-cert-web-redirect-own-apache-server-8k1 https://dev.to/philaupatte/how-to-make-ssl-ionos-cert-web-redirect-own-apache-server-8k1 <p>Hi,<br> I come to you as I don't know what to do more to make SSL working on my domain handle by IONOS with redirection. (IONOS don't support customer running their own server)</p> <p><strong>On IONOS :</strong> </p> <ul> <li>I have a domain *.philaupatte.com</li> <li>I have SSL certificate (cer, key and intermediate)</li> <li>I have a redirection to the box of my ISP <a href="https://82.67.90.232:34443">https://82.67.90.232:34443</a> </li> </ul> <p><strong>On ISP Box :</strong></p> <ul> <li>I have port forwarding from any IP source port:3480 to my apache server port:80</li> <li>I have port forwarding from any IP source port:34443 to my apache server port:443</li> </ul> <p><strong>On my APACHE2 server :</strong> <br> I have virtual host definition (quite simple)<br> <br> ServerAdmin <a href="mailto:webmaster.administrator@free.fr">webmaster.administrator@free.fr</a><br> ServerName philaupatte.com<br> DocumentRoot /var/www/philaupatte.com</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined LogLevel debug SSLEngine on SSLUseStapling off &lt;FilesMatch "\.(?:cgi|shtml|phtml|php)$"&gt; SSLOptions +StdEnvVars &lt;/FilesMatch&gt; &lt;Directory /usr/lib/cgi-bin&gt; SSLOptions +StdEnvVars &lt;/Directory&gt; SSLCertificateFile /etc/ssl/philaupatte.com/philaupatte.com_ssl_certificate.cer SSLCertificateKeyFile /etc/ssl/philaupatte.com/_.philaupatte.com_private_key.key SSLCertificateChainFile /etc/ssl/philaupatte.com/_.philaupatte.com_ssl_certificate_INTERMEDIATE.cer </code></pre> </div> <p>All config is OK and server is starting without any error.</p> <p>curl -i4 <a href="http://philaupatte.com">http://philaupatte.com</a> working fine<br> HTTP/1.1 302 Found<br> Content-Type: text/html<br> Content-Length: 0<br> Connection: keep-alive<br> Keep-Alive: timeout=15<br> Date: Sun, 09 Jun 2024 06:57:29 GMT<br> Server: Apache<br> Cache-Control: no-cache<br> Location: <a href="https://82.67.90.232:34443">https://82.67.90.232:34443</a></p> <p>curl -i4 <a href="https://philaupatte.com">https://philaupatte.com</a> fails<br> curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error</p> <p>curl -i4 <a href="https://philaupatte.com">https://philaupatte.com</a> fails -vvv</p> <ul> <li> Trying 217.160.0.238:443...</li> <li>Connected to <a href="http://www.philaupatte.com">www.philaupatte.com</a> (217.160.0.238) port 443 (#0)</li> <li>ALPN: offers h2,http/1.1</li> <li>TLSv1.3 (OUT), TLS handshake, Client hello (1):</li> <li> CAfile: /etc/ssl/certs/ca-certificates.crt</li> <li> CApath: /etc/ssl/certs</li> <li>TLSv1.3 (IN), TLS alert, internal error (592):</li> <li>OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error</li> <li>Closing connection 0 curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error</li> </ul> <p>Any suggestion will be more than welcome, I am fully stuck.</p> <p>Thanks</p> help