Call one of our experts: (202) 602 1426
- KB >>
- SSL Certificates >>
- Troubleshooting >>
- Troubleshooting: Apache servor >>
- Troubleshooting : SSL routines error 140070FC : Unknown Protocol
This message occurs when connecting:
Error: " 000000a3 :SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:28"
Error: "SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol"
Error: "[error] [client 188.8.131.52] Invalid method in request \x80\x80\x01\x03\x01
A unique IP address has not been assigned to the ‘VirtualHost’ directive in the secure virtual host configuration. Extra lines in the httpd.conf file are disabling SSL sessions to Apache. There is a bad configuration for the ip address mapping on the NAT box for the Firewall.
This occurs for 3 reasons and can be fixed with the three steps below:
1. A unique IP address has not been assigned to the ‘VirtualHost’ directive in the secure virtual host configuration.
Please assign a unique IP address to the domain name in question. Please assign the IP address to the ‘VirtualHost’ directive in the secure virtual host container, change the line to (example)
Here is an example of a secure virtual host container for Apache modSSL:
# General setup for the virtual host
ServerAdmin [email protected]
ScriptAlias /cgi-bin/ /home
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A test
# certificate can be generated with ‘make certificate’ under
# built time. Keep in mind that if you’ve both a RSA and a DSA
# certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you’ve both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
# SSL Engine Options:
# Set various options for the SSL engine.
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the ‘one line’ version of the client’s X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: ‘xxj31ZMTZzkVA’.
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# This exports the standard SSL/TLS related ‘SSL_*’ environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# This exports obsolete environment variables for backward compatibility
# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
# to provide compatibility to existing CGI scripts.
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn’t wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is send or allowed to received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
SetEnvIf User-Agent ".*MSIE.*" \
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
2. Extra lines in the httpd.conf file are disabling SSL sessions to Apache.
Please ensure if an extra set of " " references exists in the secure virtual host configuration.
If your secure virtual host container looks like this:
## SSL Virtual Host Context
Please erase the statement and one of the closing statements.
3. The IP address mapping on the NAT box for the Firewall is not well configured.
Please check the NAT mappings for the firewall, if the incorrect IP addresses are being specified you will not be able to connect securely.
Wp http error curl error 28
Please make sure your store meets these basic requirements as these will fix most errors:
1. WooCommerce version 3.0 is installed. Previous versions won’t work.
2. Pretty/Custom Permalinks are enabled
3. API is enabled
Pretty/Custom Permalinks can be enabled in your WordPress Dashboard under Settings > Permalinks
To enable the REST API within WooCommerce, visit the tab and tick the Enable REST API checkbox WooCommerce > Settings > API
Also, make sure the following plugins are disabled as they are known to cause errors with the API:
– JetPack by WordPress.com
– W3 Cache
– Bulk Add Terms
– Akisnet antispam
– Smush Image Compression and Optimization
1. Invalid Signature – provided signature does not match
This error occurs when your Site Address, WordPress Address, and Connected Store address don’t match.
Head over to your WordPress dashboard, select the Settings tab and you will see WordPress Address and Site Address.
Now make sure that the Connected Shop URL in your ShopMaster Settings "Manage Channels" is the same. You can easily edit the WordPress Address and Site Address to match the Connected Store URL.
You will not get the ‘Invalid Signature – provided signature does not match’ error from your server when all the 3 addresses/URLs are same.
2. No Route was found matching the URL
This error occurs when you are not using WooCommerce version 3.0 or newer. Updating your WooCommerce plugin to the latest version will fix this issue.
3. Null Error
This happens because of WP Smush. If you aren’t using WP Smush, disable all plugins except WooCommerce and try again. This way you can be sure if the error is because of a plugin. If it works, enable plugins one by one and you can easily know which plugin is causing the error.
4. Image ID is not valid
This error is caused by the W3 cache plugin. Disabling the plugin should fix the issue.
5. Product Request Error
This error means that ShopMaster had not received your server response or your server has some internal error, you need to check your server log.
Please note , When you publish a WooCommerce listing, the product images amount more than 11 will probably cause server internal errors.
6. Product Request Error: Status message: Not Found. Reference message: Not Found The requested URL /wp-json/wc/v2/products was not found on this server.
This error usually caused by incorrect Permalink setting, please make sure the option ‘Default’ is NOT being selected.
7. Product Request Error: You are not allowed to create resources
This error means the request blocked by your server. Usually caused by some WordPress security plugins or configuration of server settings. Please disable all of the plugins to try again. If you’re still having problems creating products to the WooCommerce this article has some good suggestions for resolving common WooCommerce server configuration issues.
8. Product Request Error: Status message: OK. Reference message: Fatal error: Out of memory
Please try to increase the WordPress PHP memory limit:
10. Product Request Error: woocommerce_product_image_upload_error:Error getting remote image [URL]. Error: cURL error 28: Operation timed out after 10001 milliseconds with [number] out of [number] bytes received.
Increase your server’s ‘max_input_time’ from -1 to 36000 should fix this issue.
11. Product Request Error: Moved Permanently
a. If you have changed the site URL from ‘http’ to ‘https’, you need to reconnect your store to ShopMastere with the ne w site URL.
b. If your store URL on ShopMaster is: https://www.xxx.com, you need to remove ‘www.’ and reconnect your store to ShopMaster with URL: https://xxx.com.
12. Product Request Error: You don’t have permission to access.
This error code is shown when your server permissions don’t allow access to a specific page. Please refer to this article:
How to Fix the 403 Forbidden Error in WordPress
This usually caused by the configuration of your WooCommerce Server, which has prevented access without a web browser. Please contact your host vendor to resolve this issue.
15. Product Request Error: woocommerce_rest_cannot_view: Sorry, you cannot view this resource.
Please reconnect your store to ShopMaster should fix this issue.
Tips for My Personal Computer
I can’t remember all things. So I note down all in this Blog.
Tuesday, January 26, 2016
Solve WP SES Curl Error on Ubuntu
Error Solved: SES Won’t work without Curl
- First Install CURL by typing sudo apt-get install curl
- Then Restart Apache by typing sudo service apache2 restart
- Then Install PHP5 CURL by typing sudo apt-get install php5-curl
- will prompt to install. type y or yes!
- Then Restart Apache by typing sudo service apache2 restart Done!
Thursday, May 7, 2015
Disable All Core Updates + Theme and Plugin Editing Permission for WordPress
Tuesday, April 21, 2015
How to download file using Windows Command Line (CMD)
You can write a VBScript and run it from the command line
Create a file downloadfile.vbs and insert the following contents:
Run it from the command line as follows:
Saturday, March 28, 2015
How To Install Any HUAWEI Modem On UBUNTU 14.04 LTS
Friday, March 27, 2015
AutoManual: Install Netbeans on Ubuntu 14.04 LTS
QuickTip: Right click to open terminal in current directory in Ubuntu
Open your Terminal and type & hit below command
sudo apt-get install nautilus-open-terminal
You may need to restart nautilus for the change to appear.
killall nautilus && nautilus
Thursday, March 26, 2015
Install Simple Screen Recorder on Ubuntu 14.04 LTS
Install the best screen recorder for Ubuntu today!
*Run the codes one at a time*
sudo add-apt-repository ppa:maarten-baert/simplescreenrecorder
sudo apt-get update
sudo apt-get install simplescreenrecorder
For Ubuntu 64bit: whoever wants to record 32bit games
sudo apt-get install simplescreenrecorder-lib:i386