Err_ssl_protocol_error

N7JYS · March 14, 2026, 3:58pm

Having problems accessing apache2 server on port 82 even though ist been changed in both ports.conf and site-available/000-defualt.conf. I am running asl3 ver arm64-3.1.2. I cannot access apache2 server across the internet on port 82. Firewall and router is already port forwarded on that port. Wget https://localhost:82 work fine on ssh locally. Ive researched everything online AI has recmoneded with no reselution.This was never a issue with asl3 version 3.0.20 which Im currently running on one of my allstar nodes that is work fine.

N8EI · March 14, 2026, 4:33pm

Using "https" is your problem. If you changed the port from 80 to 82, that's just simply "http". Use http://localhost:82.

N7JYS · March 14, 2026, 7:10pm

Im confused port 443 has to do with HTTPS this was never changed just port 80 which is http.

In a browser if i access my node’s cotpit via http://node:address:82 I get the same error using https.

WD5M · March 14, 2026, 8:13pm

Look at /etc/apache2/ports.conf, If necessary, add or duplicate a Listen line that specifies port 82. Then restart/reload apache2 (systemctl restart apache2.service).

David, WD5M

N8EI · March 15, 2026, 12:42am

You said you were using wget https:// in the earlier post. Doing https against a non-HTTPS service will result in the error you reported.

Elwell · March 15, 2026, 9:05am

Hi @N7JYS - Your original post doesn’t make it clear what you’re trying to achieve.

You say wget https://localhost:82 works OK, but not over the internet, then later you mention cockpit (I think - typos don’t help). If this is the linux web based management, then you should be aware that only works over https by design.

Do you have a SSL certificate you are trying to use?. What is the actual error you’re seeing?

Andrew

N7JYS · March 15, 2026, 12:51pm

David, after alot of trial and error I’m finding that ASL3 ver. 3.1.2 apache is different from ver 3.0.20

Taking your suggestion and leaving the virtal port 80 alone, changing only the <port.config> to 82 worked but then changing it back broke the system. I was restarting apache2 evertime I make changes. Below is the error I get when changing back to 80 after a apache2 restart and reboot of the system.

root@45989:~# wget http://localhost:80
--2026-03-15 07:37:09-- http://localhost/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://localhost/ [following]
--2026-03-15 07:37:09-- https://localhost/
Connecting to localhost (localhost)|::1|:443... connected.
ERROR: The certificate of ‘localhost’ is not trusted.
ERROR: The certificate of ‘localhost’ doesn't have a known issuer.
The certificate's owner does not match hostname ‘localhost’

<VirtualHost *:80>
ServerName ip-172-31-41-233.local
ServerAdmin webmaster@ip-172-31-41-233.local
DocumentRoot /var/www/html
LogLevel error
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This is whats in /etc/apache2/sites-available/000-defualt.conf ASL3 ver 3.2.1

This is not there in ver 3.0.20 just <VirtualHost *:80>

Not sure what happened changing back to port 80 in the <ports.conf > file did, but it no longer likes

the certificate of ‘Localhost’ This seems to be a bug to me. So I went back to version 3.0.20 with

no issues.

Eric

N7JYS

N8EI · March 15, 2026, 1:03pm

That is not a bug. You are missing the fact that there were changes to the pi of appliances we made with the release and support of Trixie. Mainly, all web traffic now redirect to the secure connection so you need to use port 443 or change the Apache configuration by hand not to redirect. This was a purposeful change because of how the pi appliance is being used on the Internet. I would suggest that if you have to use an alternative port, that you leave the ports on the appliance itself alone and map them differently in your router.

N7JYS · March 15, 2026, 1:18pm

I and using wget in ssh to test apache2 locally. I understand 80 is an http port not a https port.

However in ALS3 Ver 3.0.20 I have no issues setting VirtualHost to port 82, and <ports.conf> port also to 82, I able to access suppermon and allmon3 using http://42292.asnode.org:82/allmon3 and <http://42292.asnode.org:82/supermon. I also can also access the cockpit with http://42292.asnode.org:82

You might read my response to David WD5M

Eric

N7JYS

N8EI · March 15, 2026, 2:27pm

I, in fact, did read your response, which is why I responded what I did. And you pointed out the fact that the configuration is different and I’m telling you that it is on purpose. If you do not want the redirection to Port 443 then edit the configuration and comment out the lines that all begin with “Rewrite” and restart apache2. You can then change 80 to 82 and it’ll work fine. But it’s not a bug, it’s a design choice.