I'm trying to set up https service on my VirtualBox guest instance running Debian Squeeze and Apache 2.
When trying to load my virtual host's test page in a browser from my Win7 host machine, I'm getting an error "ssl_error_rx_record_too_long". At the same time, the Apache error log says "Invalid method in request \x16\x03\x01" for this request. The issue is probably unrelated to the fact that I'm running Apache inside a VirtualBox guest, but wanted to paint you the whole picture.
The really interesting part is that I already got to the point where the site loads properly, but only for requests coming from localhost (i.e. from within the VirtualBox Debian Guest) . I've verified this with lynx and wget, they work as expected:
wget https://ssltest.intra/ssl.html --2013-09-13 07:26:49-- https://ssltest.intra/ssl.html Resolving ssltest.intra (ssltest.intra)... 127.0.0.1 Connecting to ssltest.intra (ssltest.intra)|127.0.0.1|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 122 [text/html] Saving to: `ssl.html.1' 100%[======================================>] 122 --.-K/s in 0s 2013-09-13 07:26:49 (1.94 MB/s) - `ssl.html.1' saved [122/122] Content of the saved file is exactly as expected. Moreover, if I try to talk to the server via plain text HTTP, it rightfully sends me to a better place:
telnet ssltest.intra 443 Trying 127.0.0.1... Connected to ssltest.intra. Escape character is '^]'. GET /ssl.html <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://ssltest.intra/"><b>https://ssltest.intra/</b></a></blockquote></p> <hr> <address>Apache/2.2.22 (Debian) Server at ssltest.intra Port 443</address> </body></html> Connection closed by foreign host. Configuration files below (I've stripped everything from config except the bare minimum for this SSL site to work)
ports.conf:
Listen 443 httpd.conf: empty
ssltest.intra: (the virtualhost configuration)
<VirtualHost *:443> ServerName ssltest.intra ServerAdmin [email protected] SSLEngine On SSLCertificateFile /etc/ssl/certs/ssltest.intra.crt SSLCertificateKeyFile /etc/ssl/certs/ssltest.intra.key DocumentRoot /var/www/ssltest.intra Options FollowSymLinks <Directory /var/www/ssltest.intra/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> php_value error_log /var/www/ssltest.intra/php_errors.log ErrorLog /var/log/apache2/ssltest.intra.error.log LogLevel warn CustomLog /var/log/apache2/ssltest.intra.access.log combined </VirtualHost> I verified that cert keys are at the indicated location and they are valid (non-expired) keys for the domain. The above virtual host configuration was enabled by a2ensite ssltest.intra. mod_ssl was enabled, apache2 restarted (several times). When I start apache, this is the entry in the log:
Apache/2.2.22 (Debian) PHP/5.3.3-7+squeeze14 with Suhosin-Patch mod_ssl/2.2.22 OpenSSL/1.0.1e mod_perl/2.0.4 Perl/v5.10.1 configured -- resuming normal operations There are no firewall rules that would prevent any communication over 443.
What am I missing?
EDIT Apparently this has something to do with the VirtualBox network setup. When I try reaching the site locally as 127.0.0.1, everything works as expected. When I try to connect (also locally) via the other NAT-ed interface (192.168.56.10), the request is rejected. Any tips on how to resolve that?
