After upgrade Wheezy to Jessie apache 2 SSL stops working

Question

I upgraded server from Wheezy to Jessie, and Apache 2.4 stops working...

Especially on port 443 there's no ssl ....

telnet myhost 443
GET https://myhost
<html><meta http-equiv='Content-Type' content='text/html; charset=utf-8'/><body>Something in /var/www/html/index.html</body></html>>Connection closed by foreign host.

It should be:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
 Instead use the HTTPS scheme to access this URL, please.<br />
</p>
</body></html>
Connection closed by foreign host.

SSLEngine is on - yesterday everything works properly, but it was Wheezy, not Jessie...

* update * Fresh mind - I found, that connection to :443 is logged to /var/log/apache2/access.log instead of /var/log/apache2-ssl/access.log But why?

score 10 · Accepted Answer · edited May 22 '15 at 19:02

10

The solution was very hard to find... Only coincidence helps me to find it.

The Apache2.4 requires .conf extension....

I had two files: /etc/apache2/sites-available/http and /etc/apache2/sites-available/https and of course the same symlinks in /etc/apache2/sites-enabled/.

Trying to find out the solution I took default-ssl.conf and made it a symlink, and it works! So I copied every single line to find where is the difference, and found nothing. I renamed the https into https.conf, made a symlink and it works too!!!

The biggest mistake is that I create symlinks by myself, not using a2ensite - which will yield that http site doesn't exist - until renaming it into http.conf.

6 hours of searching nothing... Sigh....But maybe this will help someone else..

edited May 22 '15 at 19:02

sebix

4,313
2
29
47

answered May 21 '15 at 12:39

SledgehammerPL

773
9
16

solved for me; another sympthom is that, if you try to do a2ensite (or a2dissite) yousite.ext it will tell you your site doesn't exist. After renaming the file adding .conf all worked fine – Riccardo Cossu May 07 '16 at 21:37
You've saved me! I had an opposite problem: Let's Encrypt had generated *.conf files but my normal (non-conf) files with port 80 and SSL rewrite were completely ignored, it was driving me crazy! – Miro Kropacek May 17 '19 at 06:52

score 2 · Answer 2 · answered May 20 '15 at 21:46

2

Have you read the release notes on Apache 2.4?

"Notably, the access control directives have changed considerably and will need manual migration to the new directives. "

https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#apache-httpd-incomat

answered May 20 '15 at 21:46

David Nilson

409
2
5

Yes, few of this changes fits my server, but I _hope_, that changed everything. – SledgehammerPL May 21 '15 at 05:36

score 0 · Answer 3 · answered May 22 '15 at 19:23

0

I had the same problem to use Authorization configuration. It's delay to discover and change.

    <Directory /var/www/webalizer>
            Options Indexes FollowSymlinks MultiViews
    #       AllowOverride all
    #       Order allow,deny
            Require all granted
    </Directory>

The old settings is comment (#). Is it work for you?

answered May 22 '15 at 19:23

Fernando Ike

54
4

Yes, during debian update almost all settings are corrected – SledgehammerPL May 24 '15 at 11:25

After upgrade Wheezy to Jessie apache 2 SSL stops working

3 Answers3