1

From this answer, I created:

C:\wamp\bin\apache\apache2.4.9\ssl.crt\vhost.crt & C:\wamp\bin\apache\apache2.4.9\ssl.key\vhost.key

I edited:

C:\wamp\bin\apache\apache2.4.9\conf\extra\httpd-ssl to include:

<VirtualHost www.vhost.dev:443>

DocumentRoot "c:/wamp/www/vhostdev"
ServerName www.vhost.dev:443
ErrorLog "c:/wamp/logs/ssl_error.log"
TransferLog "c:/wamp/logs/ssl_error.log"

SSLEngine on

SSLCertificateFile "c:/wamp/bin/apache/apache2.4.9/conf/ssl.crt/vhost.crt"
SSLCertificateKeyFile "c:/wamp/bin/apache/apache2.4.9/conf/ssl.key/vhost.key"

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>

<Directory "c:/wamp/www/vhostdev">
    SSLOptions +StdEnvVars
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Require local
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog "c:/wamp/logs/ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

The SSL Apache module is turned on.

www.vhost.dev is defined in the Windows host file correctly.

When I load https://www.vhost.dev, I receive:

This site can’t be reached
www.vhost.dev refused to connect.
Try:
Reloading the page
Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED

There is nothing in C:\wamp\logs\apache_error.txt

There is nothing in Windows Event Viewer > Application.

Help appreciated.

Update: I created a 2nd .crt & .key for a 2nd vhost and the problem followed me when I tried to load the 2nd vhost over https. This problem has only existed since I reinstalled Windows from fresh.

Update 2: After running netsh int ipv4 install in Windows cmd, the error has changed to:

This site can’t provide a secure connection.
ERR_SSL_PROTOCOL_ERROR

Update 3: In another browser, Firefox, the error is different:

An error occurred during a connection to www.vhost.dev. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

Update4: SSL_ERROR_RX_RECORD_TOO_LONG has a solution here but none of the solutions in the answer or answer comments applied.

Update 5: I upgraded from WAMPServer 2.5 to WAMPServer 3, and the issue remains.

Update 6: I had found that I had keys and certificates referenced in <VirtualHost> entries in httpd-ssl.conf that were not present in C:\wamp\bin\apache\apache2.4.9\conf\ssl.crt or C:\wamp\bin\apache\apache2.4.9\conf\ssl.key.

These <VirtualHost> entries were from my previous Windows 10 installation.

I commented out the erroneous entries, so that the only <VirtualHost> entries left are those that have valid .crt and .key files. However, the same error SSL_ERROR_RX_RECORD_TOO_LONG remains in Firefox.

Community
  • 1
  • 1
Steve
  • 2,066
  • 13
  • 60
  • 115
  • 1
    Seems apache is not listening to port 443. check this http://serverfault.com/a/475130, might be helpful to you – Rajesh Jun 04 '16 at 07:17
  • Thank you @Rajesh. I've added `Listen 10.1.1.1:443` where `10.1.1.1` is my host IP address. I now receive: `This site can’t provide a secure connection. www.vhost.dev sent an invalid response. ERR_SSL_PROTOCOL_ERROR`. I click diagnose in Chrome, and the Windows Troubleshooter opens, but [can't fix the errors - see screenshot](https://i.imgur.com/7FouvZy.png). – Steve Jun 04 '16 at 07:30
  • I try to reinstall TCP/IP 4, but receive [this error](https://i.imgur.com/Pu97Wql.png). I try to reinstall Winsock using the MajorGeeks tool from this [SuperUser thread](http://superuser.com/questions/1007325/blocked-by-group-policy-trying-to-install-tcp-ipv4-windows-10), but it does not resolve the browser `https` error. – Steve Jun 04 '16 at 08:13
  • Check [One or more network protocols are missing..](http://www.tenforums.com/network-sharing/36238-one-more-network-protocols-missing-solution.html) – Ani Menon Jun 05 '16 at 04:15
  • Try adding `localhost:443` and see – Rajesh Jun 05 '16 at 15:29
  • Thanks @Rajesh. No change unfortunately. – Steve Jun 05 '16 at 17:37
  • Thanks @AniMenon, after running `netsh int ipv4 install` and rebooting, the error has changed (see my edit to the question please), and no network issues are detected when running the network troubleshooter when prompted by Chrome. – Steve Jun 05 '16 at 17:37
  • Have you tried another browser? – RiggsFolly Jun 05 '16 at 22:43
  • Does the request hit APache in the first place (check logs!). YOu sure it isn't a firewall problem? ALso, does the Apache error log say anything? – Johannes H. Jun 06 '16 at 04:07
  • Thanks @RiggsFolly. In Firefox, I receive a different error. See `Update 3` above in the question please. – Steve Jun 06 '16 at 10:53
  • Thanks @JohannesH. No, the access logs have not been updated since the PC started Wampserver 11 hours ago. – Steve Jun 06 '16 at 10:55
  • 1
    I assume thats WAMPServer 2.5! Any reason you dont install WAMPServer3? – RiggsFolly Jun 06 '16 at 13:25
  • Maybe the issue is with your certificate – RiggsFolly Jun 06 '16 at 13:57
  • I upgraded to WAMPServer3 and the issue remains @RiggsFolly. – Steve Jun 07 '16 at 07:00
  • I recreated the certificate and the issue remains (`SSL_ERROR_RX_RECORD_TOO_LONG` in Firefox). – Steve Jun 07 '16 at 07:11

1 Answers1

1

Well following my own tutorial it works just fine.

The only difference I see is in the SSL Virtual Host definition

My httpd-ssl.conf looks like this:

Listen 443

SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4

SSLHonorCipherOrder on 

SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3

SSLPassPhraseDialog  builtin

SSLSessionCache        "shmcb:d:/wamp/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

##
## SSL Virtual Host Context
##

<VirtualHost _default_:443>

    DocumentRoot "d:/wamp/www/wamphelpers"
    ServerName www.wamphelpers.dev:443
    ServerAdmin nopwd@homemail.net
    ErrorLog "d:/wamp/logs/wamphelpers-error.log"
    TransferLog "d:/wamp/logs/wamphelpers-access.log"

    SSLEngine on

    SSLCertificateFile "d:/wamp/bin/apache/apache2.4.20/conf/ssl.crt/server.crt"
    SSLCertificateKeyFile "d:/wamp/bin/apache/apache2.4.20/conf/ssl.key/server.key"
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>

    <Directory "d:/wamp/www/wamphelpers">
        SSLOptions +StdEnvVars
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Require local
    </Directory>

    BrowserMatch "MSIE [2-5]" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

    CustomLog "d:/wamp/logs/ssl_request.log" \
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

and the only REAL difference seems to be that you used 

<VirtualHost www.vhost.dev:443>

and I used 

<VirtualHost _default_:443>

I did have to download a new version of OpenSSL-Win32 which ment that I had to copy the new versions of libaey32.dll and ssleay32.dll into all the versions of PHP that I have available on my system.

If you have to do this remember these 2 files must be copied into 

\wamp\bin\php\php{version}

and NOT the apache\bin folder.

You should then do

wampmanager -> Apache -> Version -> 2.4.9 (click on the version number)

(or whatever version you are currently running)

to cause WAMPServer to set the symlinks correctly to the new files.

Community
  • 1
  • 1
RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
  • Thanks Riggs. I do have several local vhosts, hence I don't think I can use `` for each of these. – Steve Jun 24 '16 at 10:18