I’m changing hosts and in the process I’m moving all of my server config and remaking SSL certificates. I just created one with let’s encrypt and it is in my /etc/letsencrypt directory. I have that all set up in my Apache config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin trent@riverside.rocks
ServerName riverside.rocks
ServerAlias https://riverside.rocks
DocumentRoot /var/www/new
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RemoteIPHeader CF-Connecting-IP
SSLCertificateFile /etc/letsencrypt/live/riverside.rocks/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/riverside.rocks/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
However, when I visit https://riverside.rocks:
ERR_SSL_PROTOCOL_ERROR
I don’t get whats going wrong, I’ve check all on the SSL certificate files (they all exist) and the include file exists. OpenSSL’s checker shows that Apache isn’t serving the cert:
# openssl s_client -connect localhost:443
CONNECTED(00000003)
140380571874688:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 283 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
(if you are trying to visit riverisde.rocks now it may be on my other vps and that is why it is working)