Apache SSL Configuration Error (SSL Connection Error)

I had the same problem as @User39604, and had to follow VARIOUS advices. Since he doesnt remember the precise path he followed, let me list my path:

1. check if you have SSL YES using <?php echo phpinfo();?>

2. if necessary

   A. enable ssl on apache sudo a2enmod ssl

   B. install openssl sudo apt-get install openssl

   C. check if port 443 is open sudo netstat -lp

   D. if necessary, change /etc/apache2/ports.conf, this works

   NameVirtualHost *:80
   Listen 80
   
   <IfModule mod_ssl.c>
       # If you add NameVirtualHost *:443 here, you will also have to change
       # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
       # to <VirtualHost *:443>
       # Server Name Indication for SSL named virtual hosts is currently not
       # supported by MSIE on Windows XP.
       NameVirtualHost *:443
       Listen 443
   </IfModule>
   
   <IfModule mod_gnutls.c>
       Listen 443
   </IfModule>
   

3. acquire a key and a certificate by

   A. paying a Certificating Authority (Comodo, GoDaddy, Verisign) for a pair

   B. generating your own* – see below (testing purposes ONLY)

4. change your configuration (in ubuntu12 /etc/apache2/httpd.conf – default is an empty file) to include a proper <VirtualHost>
   (replace MYSITE.COM as well as key and cert path/name to point to your certificate and key):

   <VirtualHost _default_:443> 
   ServerName MYSITE.COM:443
   SSLEngine on
   SSLCertificateKeyFile /etc/apache2/ssl/MYSITE.COM.key
   SSLCertificateFile /etc/apache2/ssl/MYSITE.COM.cert
   ServerAdmin MYWEBGUY@localhost
   DocumentRoot /var/www
   <Directory />
       Options FollowSymLinks
       AllowOverride None
   </Directory>
   <Directory /var/www/>
       Options Indexes FollowSymLinks MultiViews
       AllowOverride None
       Order allow,deny
       allow from all
   </Directory>
   
   
   ErrorLog ${APACHE_LOG_DIR}/errorSSL.log
   
   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel warn
   
   CustomLog ${APACHE_LOG_DIR}/accessSSL.log combined
   
   </VirtualHost>
   

while many other virtualhost configs wil be available in /etc/apache2/sites-enabled/ and in /etc/apache2/sites-available/ it was /etc/apache2/httpd.conf that was CRUCIAL to solving all problems.

for further info:

http://wiki.vpslink.com/Enable_SSL_on_Apache2

http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert

*generating your own certificate (self-signed) will result in a certificate whose authority the user’s browser will not recognize. therefore, the browser will scream bloody murder and the user will have to “understand the risks” a dozen times before the browser actually opens up the page. so, it only works for testing purposes. having said that, this is the HOW-TO:

5. goto the apache folder (in ubuntu12 /etc/apache2/)
6. create a folder like ssl (or anything that works for you, the name is not a system requirement)
7. goto chosen directory /etc/apache2/ssl
8. run sudo openssl req -new -x509 -nodes -out MYSITE.COM.crt -keyout MYSITE.COM.key
9. use MYSITE.COM.crt and MYSITE.COM.key in your <VirtualHost> tag

name format is NOT under a strict system requirement, must be the same as the file 🙂
– names like 212-MYSITE.COM.crt, june2014-Godaddy-MYSITE.COM.crt should work.