DEV Community

Philaupatte

How to make SSL (IONOS cert) web redirect to own Apache server

Hi,
I come to you as I don't know what more to do to make SSL work on my domain, handled by IONOS, with redirection. (IONOS doesn't support customers running their own server.)

On IONOS:

  • I have a domain *.philaupatte.com
  • I have an SSL certificate (cer, key and intermediate)
  • I have a redirection to the box of my ISP https://82.67.90.232:34443

On the ISP box:

  • I have port forwarding from any IP source port:3480 to my apache server port:80
  • I have port forwarding from any IP source port:34443 to my apache server port:443

On my APACHE2 server:
I have a virtual host definition (quite simple):

    ServerAdmin webmaster.administrator@free.fr
    ServerName philaupatte.com
    DocumentRoot /var/www/philaupatte.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    LogLevel debug

    SSLEngine on
    SSLUseStapling off

    <FilesMatch "\.(?:cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>

    SSLCertificateFile      /etc/ssl/philaupatte.com/philaupatte.com_ssl_certificate.cer
    SSLCertificateKeyFile   /etc/ssl/philaupatte.com/_.philaupatte.com_private_key.key
    SSLCertificateChainFile /etc/ssl/philaupatte.com/_.philaupatte.com_ssl_certificate_INTERMEDIATE.cer

All the config is OK and the server starts without any error.

curl -i4 http://philaupatte.com working fine
HTTP/1.1 302 Found
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Date: Sun, 09 Jun 2024 06:57:29 GMT
Server: Apache
Cache-Control: no-cache
Location: https://82.67.90.232:34443

curl -i4 https://philaupatte.com fails
curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error

curl -i4 https://philaupatte.com fails -vvv

* Trying 217.160.0.238:443...
* Connected to www.philaupatte.com (217.160.0.238) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS alert, internal error (592):
* OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
* Closing connection 0
curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error

Any suggestion will be more than welcome, I am fully stuck.

Thanks
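
An added example, not part of the original post: a small Python parser for the `curl -vvv` trace above that reports which address answered the TLS handshake and at what point the alert arrived, compared with the redirect target the post gives for the Apache server. The function name `diagnose`, its result keys and the trimmed trace are constructed for this illustration.

```python
import re

# Trace lines as in the post's `curl -i4 -vvv https://philaupatte.com` run.
TRACE = """\
* Trying 217.160.0.238:443...
* Connected to www.philaupatte.com (217.160.0.238) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, internal error (592):
* Closing connection 0
"""
# Redirect target from the post: the ISP box port forwarded to Apache's 443.
ORIGIN = ("82.67.90.232", 34443)

CONNECTED = re.compile(r"^\* Connected to \S+ \(([0-9A-Fa-f.:]+)\) port (\d+)", re.M)
TLS_EVENT = re.compile(
    r"^\* (?:TLS|SSL)v[\d.]+ \((IN|OUT)\), TLS (handshake|alert), "
    r"([^:]+?)(?: \(\d+\))?:$", re.M)


def diagnose(trace, origin):
    """Return which peer curl reached and where the TLS exchange stopped."""
    result = {"peer": None, "reached_origin": False, "alert": None, "stage": "tcp"}
    m = CONNECTED.search(trace)
    if m is None:
        return result  # no TCP connection, so TLS never started
    result["peer"] = (m.group(1), int(m.group(2)))
    result["reached_origin"] = result["peer"] == origin
    events = TLS_EVENT.findall(trace)
    inbound = [(kind, name) for direction, kind, name in events if direction == "IN"]
    # An inbound alert was sent by the peer on this connection.
    result["alert"] = next((n for k, n in inbound if k == "alert"), None)
    if result["alert"] is None:
        result["stage"] = "no alert seen"
    elif ("handshake", "Server hello") in inbound:
        result["stage"] = "alert after server hello"
    else:
        result["stage"] = "alert before server hello"
    return result


if __name__ == "__main__":
    r = diagnose(TRACE, ORIGIN)
    print("TLS peer:", r["peer"], "| is Apache behind the box:", r["reached_origin"])
    print("alert:", r["alert"], "| stage:", r["stage"])
```

For the trace in the post it reports the peer as 217.160.0.238:443 rather than 82.67.90.232:34443, with the alert arriving before any Server hello.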

Top comments (1)

Leandro Nuñez

I think I can help you, but I'm on vacation without my laptop. If you want, go to digitalpollution.com.ar and write to me on Wednesday, when I'll be working. Sorry.