# Question about SSL



## anthony911 (Aug 10, 2009)

I am trying to connect to my spamviewer 
This is a completely fresh install of freebsd with 
spamassassin
postfix
clamav
amavisd-new 

installed

when i edited /usr/local/etc/apache22/httpd.conf
I put listen 8443

I get this error when I put my url

```
Secure Connection Failed
An error occurred during a connection to 172.16.99.43:8443.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
The page you are trying to view can not be shown because the authenticity of the received data could not be verified.

    * Please contact the web site owners to inform them of this problem.
```

Any ideas?
if I put 

```
http://ip
```
I get a page that says 
It Works!
If I put

```
https://ip
```
I get the error message I just posted.
Any Ideas?


----------



## anomie (Aug 10, 2009)

A quick google for that error message yielded: http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html



> This generally indicates that the remote peer system has a flawed implementation of SSL, and is violating the SSL specification.



I'm not familiar with spamviewer. Does it provide a SSL private key/cert, or did you generate or otherwise acquire your own?


----------



## anthony911 (Aug 10, 2009)

I followed this URL to do it

```
http://freebsdrocks.net/index.php?option=com_content&task=view&id=17&Itemid=25
```


----------



## anthony911 (Aug 10, 2009)

I may have gone up one step
now I have this as an error 

```
Firefox can't establish a connection to the server at x.x.x.x:8443.
Though the site seems valid, the browser was unable to establish a connection.
    * Could the site be temporarily unavailable? Try again later.
    * Are you unable to browse other sites?  Check the computer's network connection.
    * Is your computer or network protected by a firewall or proxy? Incorrect settings can interfere with Web browsing.
```

When I start my machine I get this error

```
Preforming sanity check on apache22 configuration:
httpd: syntax error on line 133 of /usr/local/etc/apache22/httpd.conf: /usr/local/etc/apache22/httpd.conf:133: <Virtual_Host_default_:8443> was not closed.
Starting apache22.
httpd: syntax error on line 133 of /usr/local/etc/apache22/httpd.conf: /usr/local/etc/apache22/httpd.conf:133: <Virtual_Host_default_:8443> was not closed.
```

What am I doing wrong :s


----------



## anomie (Aug 10, 2009)

httpd is telling you what the problem is, and pointing you to the problem line. It sounds like the VirtualHost container was not closed. Take a look at working examples: http://httpd.apache.org/docs/2.0/mod/core.html#virtualhost


----------



## anthony911 (Aug 11, 2009)

Ok so I did this because I thought i should start over
I did

```
cd /usr/ports/www/apache22
make deinstall
make && make install && make clean
```

everything seems to have went OK. It uninstalled and reinstalled the port.
Now when I start up my FreeBSD box I don't get an error message anymore with apache22 startup however when i put in my https://IP:8443 it still tells me: Though the site seems valid, the browser was unable to establish a connection.

At least I got rid of the error, now I assume it has to do with the configuration of Apache but I have no idea how to do it.

IS IT POSSIBLE I just don't have a certificate installed that is giving this error?


----------



## anomie (Aug 11, 2009)

anthony911 said:
			
		

> ... however when i put in my https://IP:8443 it still tells me: Though the site seems valid, the browser was unable to establish a connection.
> 
> ...
> 
> IS IT POSSIBLE I just don't have a certificate installed that is giving this error?



Nope, that's not what is causing this particular error. It sounds like something is filtering traffic to tcp 443 between you and the host. 

To prove this point, from your client workstation run: 
`% nc -zvw 1 web.host.here 443`

-------

Alternatively, maybe you forgot to start httpd. Make sure it is running and listening.

`% pgrep httpd`

`% sockstat -4l`


----------

