Mysterious TLS in Oracle HTTP

A little "forget-me-not" from a recent Oracle HTTP server troubleshooting, but it could happen to Apache HTTPD as well. To set up a stage: a work installation of the Oracle HTTP Server, stop presenting certificates on the secured port.

Mysterious TLS in Oracle HTTP
Photo by Georg Eiermann / Unsplash

A little "forget-me-not" from a recent Oracle HTTP server troubleshooting, but it could happen to Apache HTTPD as well. To set up a stage: a work installation of the Oracle HTTP Server, stop presenting certificates on the secured port.

The mystery was - an OHS instance does not complain. There are no issues with startup, there are no logs entries related to TLS/SSL. It opens listen port and accepts plain HTTP requests, but ignores all secured configurations for the virtual host.  

Here is a tip, that would save you and future myself about two hours of life and jump straight to the root cause.

The listen port didn't connect to the virtual host definition.

So, if you would get this from your Apache/OHS check that


# Your secured port
Listen 6888

# Your secured site
# does not match actual port 

<VirtualHost *:6880>
 <IfModule mod_osso>
  ## All the secuirty definitions. 
 </IfModule> 
</VirtualHost>

I've missed this fact because port numbers were quite alike and OHS gives no warning if a virtual host definition does not match any listen port.  The questions how this ever happened and how to improve the architecture - that for a different story.