configure a test SSL

Eric Shubert ejs at shubes.net
Mon Aug 31 18:29:27 MST 2009


Alex Dean wrote:
> 
> On Aug 31, 2009, at 7:08 PM, keith smith wrote:
> 
>> openssl s_client -showcerts
>>
>> returns
>>
>> connect: Connection refused
>> connect:errno=29
>>
> 
> no idea on that one.
> 
>>
>> and when I try to access the site with https I get
>>
>>
>> Secure Connection Failed
>>
>> An error occurred during a connection to newcart.dev.
>>
>> SSL received a record with an unknown content type.
>>
>> (Error code: ssl_error_rx_unknown_record_type)
>>
>> The page you are trying to view can not be shown because the 
>> authenticity of the received data could not be verified.
>>
>>    * Please contact the web site owners to inform them of this problem.
>>
>> ---
>> Any ideas much appreciated.
> 
> It's normal to see the 'authenticity could not be verified' error with a 
> self-signed cert.  If you want to get rid of that error, you have to get 
> your certificate signed by a recognized signing athority like Verisign 
> or GoDaddy.

You could use a commercial service, or you can get a certificate request 
signed for free by someone (like me!) at CAcert.org, then add 
CAcert.org's root certificate to your ca-bundle.crt certificate chain. 
This is slightly better than a self signed cert.

> The 'unknown content type' error may be another issue.  Post your 
> VirtualHost config for your SSL vhost so we can troubleshoot.  Or, you 
> can change LogLevel to 'debug' in your Apache config and watch the error 
> log while you access the server with a browser.
> 
> alex
> 


-- 
-Eric 'shubes'



More information about the PLUG-discuss mailing list