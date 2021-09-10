I’m changing hosts and in the process I’m moving all of my server config and remaking SSL certificates. I just created one with let’s encrypt and it is in my /etc/letsencrypt directory. I have that all set up in my Apache config:

<IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin trent@riverside.rocks ServerName riverside.rocks ServerAlias https://riverside.rocks DocumentRoot /var/www/new ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined RemoteIPHeader CF-Connecting-IP SSLCertificateFile /etc/letsencrypt/live/riverside.rocks/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/riverside.rocks/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost>

However, when I visit https://riverside.rocks:

ERR_SSL_PROTOCOL_ERROR

I don’t get whats going wrong, I’ve check all on the SSL certificate files (they all exist) and the include file exists. OpenSSL’s checker shows that Apache isn’t serving the cert:

# openssl s_client -connect localhost:443 CONNECTED(00000003) 140380571874688:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 5 bytes and written 283 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---

(if you are trying to visit riverisde.rocks now it may be on my other vps and that is why it is working)