DEV Community

Philaupatte

How-to make SSL (IONOS cert) Web redirect own apache server

Hi,
I come to you as I don't know what more to do to make SSL work on my domain, handled by IONOS with redirection. (IONOS doesn't support customers running their own server.)

On IONOS :

  • I have a domain *.philaupatte.com
  • I have an SSL certificate (cer, key and intermediate)
  • I have a redirection to the box of my ISP https://82.67.90.232:34443

On ISP Box :

  • I have port forwarding from any IP source port:3480 to my apache server port:80
  • I have port forwarding from any IP source port:34443 to my apache server port:443

On my APACHE2 server :
I have a virtual host definition (quite simple)

    ServerAdmin webmaster.administrator@free.fr
    ServerName philaupatte.com
    DocumentRoot /var/www/philaupatte.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    LogLevel debug

    SSLEngine on
    SSLUseStapling off

    <FilesMatch "\.(?:cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>

    SSLCertificateFile      /etc/ssl/philaupatte.com/philaupatte.com_ssl_certificate.cer
    SSLCertificateKeyFile   /etc/ssl/philaupatte.com/_.philaupatte.com_private_key.key
    SSLCertificateChainFile /etc/ssl/philaupatte.com/_.philaupatte.com_ssl_certificate_INTERMEDIATE.cer

All config is OK and server is starting without any error.

curl -i4 http://philaupatte.com working fine
HTTP/1.1 302 Found
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Date: Sun, 09 Jun 2024 06:57:29 GMT
Server: Apache
Cache-Control: no-cache
Location: https://82.67.90.232:34443

curl -i4 https://philaupatte.com fails
curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error

curl -i4 https://philaupatte.com fails -vvv

* Trying 217.160.0.238:443...
* Connected to www.philaupatte.com (217.160.0.238) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS alert, internal error (592):
* OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
* Closing connection 0
curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error

Any suggestion will be more than welcome, I am fully stuck.

Thanks
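
Added example, not part of the original post: a small Python check that reads the two curl transcripts quoted above and compares the address the failing TLS handshake actually reached with the redirect target that the ISP box forwards to Apache. The function names are hypothetical, and the embedded transcripts are shortened copies of the lines in the post (curl prints its verbose lines with a `*` prefix).

```python
import re
from urllib.parse import urlsplit

# Shortened copies of the transcripts quoted in the post.
HTTP_RESPONSE = """\
HTTP/1.1 302 Found
Server: Apache
Location: https://82.67.90.232:34443
"""
CURL_VERBOSE = """\
* Trying 217.160.0.238:443...
* Connected to www.philaupatte.com (217.160.0.238) port 443 (#0)
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, internal error (592):
"""
PREFIX = r"^\s*[*•]\s+"  # curl's '*' marker, or the bullet a web page may render it as

def redirect_target(response):
    """(host, port) named by the Location header, or None if there is none."""
    m = re.search(r"^Location:\s*(\S+)", response, re.M | re.I)
    if not m:
        return None
    url = urlsplit(m.group(1))
    return url.hostname, url.port or {"https": 443, "http": 80}.get(url.scheme)

def tls_peer(verbose):
    """(ip, port) that curl opened the TCP connection to, or None."""
    m = re.search(PREFIX + r"Connected to \S+ \(([^)]+)\) port (\d+)", verbose, re.M)
    return (m.group(1), int(m.group(2))) if m else None

def first_alert(verbose):
    """(direction, description) of the first TLS alert; IN means the peer sent it."""
    m = re.search(PREFIX + r"TLSv[\d.]+ \((IN|OUT)\), TLS alert, ([^(]+?) \(\d+\):",
                  verbose, re.M)
    return (m.group(1), m.group(2)) if m else None

def diagnose(response, verbose):
    """Summarise which endpoint terminated the failing handshake."""
    peer, target = tls_peer(verbose), redirect_target(response)
    return {
        "tls_peer": peer,
        "redirect_target": target,
        "alert": first_alert(verbose),
        # False means the Apache virtual host was never part of this handshake.
        "handshake_reached_redirect_target": peer is not None and peer == target,
    }

if __name__ == "__main__":
    for key, value in diagnose(HTTP_RESPONSE, CURL_VERBOSE).items():
        print(f"{key}: {value}")
```

On the post's transcripts the alert arrives from 217.160.0.238:443, while the certificate files in the virtual host are only presented to clients that reach 82.67.90.232:34443.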

Top comments (1)

Leandro Nuñez

I think I can help you but I’m on vacation without my laptop. If you want, go to digitalpollution.com.ar and write me on Wednesday that I’ll be working. Sorry.
