How-to make SSL (IONOS cert) Web redirect own apache server
Philaupatte
Posted on June 9, 2024
Hi,
I come to you as I don't know what to do more to make SSL working on my domain handle by IONOS with redirection. (IONOS don't support customer running their own server)
On IONOS :
- I have a domain *.philaupatte.com
- I have SSL certificate (cer, key and intermediate)
- I have a redirection to the box of my ISP https://82.67.90.232:34443
On ISP Box :
- I have port forwarding from any IP source port:3480 to my apache server port:80
- I have port forwarding from any IP source port:34443 to my apache server port:443
On my APACHE2 server :
I have virtual host definition (quite simple)
ServerAdmin webmaster.administrator@free.fr
ServerName philaupatte.com
DocumentRoot /var/www/philaupatte.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
LogLevel debug
SSLEngine on
SSLUseStapling off
<FilesMatch "\.(?:cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
SSLCertificateFile /etc/ssl/philaupatte.com/philaupatte.com_ssl_certificate.cer
SSLCertificateKeyFile /etc/ssl/philaupatte.com/_.philaupatte.com_private_key.key
SSLCertificateChainFile /etc/ssl/philaupatte.com/_.philaupatte.com_ssl_certificate_INTERMEDIATE.cer
All config is OK and server is starting without any error.
curl -i4 http://philaupatte.com working fine
HTTP/1.1 302 Found
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Date: Sun, 09 Jun 2024 06:57:29 GMT
Server: Apache
Cache-Control: no-cache
Location: https://82.67.90.232:34443
curl -i4 https://philaupatte.com fails
curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
curl -i4 https://philaupatte.com fails -vvv
- Trying 217.160.0.238:443...
- Connected to www.philaupatte.com (217.160.0.238) port 443 (#0)
- ALPN: offers h2,http/1.1
- TLSv1.3 (OUT), TLS handshake, Client hello (1):
- CAfile: /etc/ssl/certs/ca-certificates.crt
- CApath: /etc/ssl/certs
- TLSv1.3 (IN), TLS alert, internal error (592):
- OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
- Closing connection 0 curl: (35) OpenSSL/3.0.11: error:0A000438:SSL routines::tlsv1 alert internal error
Any suggestion will be more than welcome, I am fully stuck.
Thanks
Posted on June 9, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.