Here’s a really quick post about an issue I’ve encountered recently when using stunnel to connect through to Apache via HTTPS. I set up the connections and then tried to view the end-point using ‘links’ (https://localhost) and received an SSL error. The apache logs listed:
Invalid method in request x80gx01x03
The stunnel config that I was using looked something like this
[web] accept=443 connect=someserver.com:1234 # Apache SSL listing on a non-standard port cert=/path/to/my/cert.pem
It turned out to be a really simple fix. Because I was connecting to stunnel using SSL it was being encrypted by my browser then encrypted by stunnel. At the other end it was being decrypted by stunnel and then left with my original browser encrypted data which Apache couldn’t do anything with and couldn’t understand the request.
The fix was to simply change the config to:
[web] accept=80 connect=someserver.com:1234 # Apache SSL listing on a non-standard port cert=/path/to/my/cert.pem
Then test the connection via ‘links http://localhost’ and let stunnel handle the encryption and certificate negotiation on its own.