Discussion :

[allan71]

bonjour,
J'ai actuellement 2 site web qui fonctionne parfaitement , mais la je voulais simplement en ajouter un 3eme mais cela me bloque les 2 autres site , j'ai simplement ajouter le 3 eme site dans mon Vhost:
Mais Apche bloque et m'indique l'erreur: ssl_error_rx_record_too_long
En http port 80 aucun problème , les 3 site sont accessible , mais pas en Https port 443, voici l'exemple de mon fichier Vhost:

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
Listen 443
<VirtualHost *:443>
            ServerAdmin webmaster@localhost
			ServerName site1
            ServerAlias www.site1.ddns.net
 
            DocumentRoot /var/www/site1
            <Directory />
                    Options FollowSymLinks
                    AllowOverride None
            </Directory>
            <Directory /var/www/site1>
                    Options Indexes FollowSymLinks MultiViews
                    AllowOverride all
                    Order allow,deny
                    allow from all
            </Directory>
 
            ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
            <Directory "/usr/lib/cgi-bin">
                    AllowOverride None
                    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                    Order allow,deny
                    Allow from all
            </Directory>
 
            ErrorLog /var/log/apache2/site1-error.log
 
            # Possible values include: debug, info, notice, warn, error, crit,
            # alert, emerg.
            LogLevel warn
 
            CustomLog /var/log/apache2/site2-access.log combined
 
            #   SSL Engine Switch:
            #   Enable/Disable SSL for this virtual host.
             SSLEngine on
             SSLCertificateFile /etc/letsencrypt/live/site1/fullchain.pem
             SSLCertificateKeyFile /etc/letsencrypt/live/site1/privkey.pem
             Include /etc/letsencrypt/options-ssl-apache.conf
             SSLProtocol all -SSLv2 -SSLv3
             SSLHonorCipherOrder on
             SSLCompression off
             SSLOptions +StrictRequire
             SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 
 
    </VirtualHost>
 
	<VirtualHost *:443>
            ServerAdmin webmaster@localhost
			ServerName site2
            ServerAlias www.site2.ddns.net
 
            DocumentRoot /var/www/site2
            <Directory />
                    Options FollowSymLinks
                    AllowOverride None
            </Directory>
            <Directory /var/www/site2>
                    Options Indexes FollowSymLinks MultiViews
                    AllowOverride all
                    Order allow,deny
                    allow from all
            </Directory>
 
            ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
            <Directory "/usr/lib/cgi-bin">
                    AllowOverride None
                    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                    Order allow,deny
                    Allow from all
            </Directory>
 
            ErrorLog /var/log/apache2/site2-error.log
 
            # Possible values include: debug, info, notice, warn, error, crit,
            # alert, emerg.
            LogLevel warn
 
            CustomLog /var/log/apache2/site2-access.log combined
 
            #   SSL Engine Switch:
            #   Enable/Disable SSL for this virtual host.
             SSLEngine on
             SSLCertificateFile /etc/letsencrypt/live/site1/fullchain.pem
             SSLCertificateKeyFile /etc/letsencrypt/live/site1/privkey.pem
             Include /etc/letsencrypt/options-ssl-apache.conf
             SSLProtocol all -SSLv2 -SSLv3
             SSLHonorCipherOrder on
             SSLCompression off
             SSLOptions +StrictRequire
             SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 
    </VirtualHost>
		<VirtualHost *:443>
            ServerAdmin webmaster@localhost
			ServerName site3
            ServerAlias www.site3.ddns.net
 
            DocumentRoot /var/www/site3
            <Directory />
                    Options FollowSymLinks
                    AllowOverride None
            </Directory>
            <Directory /var/www/site3>
                    Options Indexes FollowSymLinks MultiViews
                    AllowOverride all
                    Order allow,deny
                    allow from all
            </Directory>
 
            ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
            <Directory "/usr/lib/cgi-bin">
                    AllowOverride None
                    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                    Order allow,deny
                    Allow from all
            </Directory>
 
            ErrorLog /var/log/apache2/site3-error.log
 
            # Possible values include: debug, info, notice, warn, error, crit,
            # alert, emerg.
            LogLevel warn
 
            CustomLog /var/log/apache2/site3-access.log combined
 
            #   SSL Engine Switch:
            #   Enable/Disable SSL for this virtual host.
             SSLEngine on
             SSLCertificateFile /etc/letsencrypt/live/site1/fullchain.pem
             SSLCertificateKeyFile /etc/letsencrypt/live/site1/privkey.pem
             Include /etc/letsencrypt/options-ssl-apache.conf
             SSLProtocol all -SSLv2 -SSLv3
             SSLHonorCipherOrder on
             SSLCompression off
             SSLOptions +StrictRequire
             SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 
    </VirtualHost>
	<IfModule mod_ssl.c>
    # SSL name based virtual hosts are not yet supported, therefore no
    # NameVirtualHost statement here
   Listen 443
</IfModule>
		<IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
</IfModule>

J'ai également essaye de faire 1 Vhost pour chaque site ( site1 site2 site3) mais pareil cela ne change rien y en a que 2 qui fonctionne.
Faut-il ajouter un module?

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 deflate_module (shared)
 dir_module (shared)
 dnssd_module (shared)
 env_module (shared)
 filter_module (shared)
 headers_module (shared)
 mime_module (shared)
 mpm_prefork_module (shared)
 negotiation_module (shared)
 php7_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)

[mathieu]

et avant d'ajouter le 3e site, les 2 premiers fonctionnaient en HTTP et HTTPS ?

[allan71]

bonjour Mathieu ,
Oui les 2 sites été parfaitement fonctionnel en HTTP et HTTPS, en faite hier soir j'ai trouver la solution, j'ai fait l'erreur de vouloir tester mon 3eme site avant de le faire certifié en ssl par letsencrypt, d’où l'erreur : "ssl_error_rx_record_too_long" je pense, parce-que les 3 site ensemble fonctionnait en HTTP et non en HTTPS.