Apache Server - my HTTPS is not working but HTTP does

English Applications
#1

I have tried to convert my HTTP web to HTTPS.

I get

An error occurred during a connection to ww2.llrainey.us:2080. SSL received a record that exceeded the maximum permissible length.

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

I know that the site is sending the HTTP data not the HTTPS.

I have tried everything that is posted in the internet as how to fix this but nothing seems to work

My SSL key was generated with this and does display


openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out apache-certificate.crt -keyout apache.key

llrainey@VM1:~> openssl s_client -showcerts -servername llr9 -connect llr9:443 > cacert.pem
depth=0 C = US, ST = Missouri, L = Loma Linda, O = LLR, CN = 12.10.107.177, emailAddress = llrainey15@gmail.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = Missouri, L = Loma Linda, O = LLR, CN = 12.10.107.177, emailAddress = llrainey15@gmail.com
verify return:1
llrainey@VM1:~> openssl s_client -showcerts -servername llr9 -connect llr9:443 > cacert.pem
depth=0 C = us, ST = mo, L = loma linda, O = llr, CN = ww2:llrainey.us, emailAddress = llrainey15@gmail.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = us, ST = mo, L = loma linda, O = llr, CN = ww2:llrainey.us, emailAddress = llrainey15@gmail.com
verify return:1
llrainey@VM1:~> openssl x509 -inform PEM -in cacert.pem -text -out certdata
llrainey@VM1:~> cat certdata
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:1d:b6:ae:6c:aa:c7:66:ef:3f:45:4a:a7:ed:80:71:33:d1:e7:91
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = us, ST = mo, L = loma linda, O = llr, CN = ww2:llrainey.us, emailAddress = llrainey15@gmail.com
        Validity
            Not Before: Oct  8 22:20:27 2021 GMT
            Not After : Oct  8 22:20:27 2022 GMT
        Subject: C = us, ST = mo, L = loma linda, O = llr, CN = ww2:llrainey.us, emailAddress = llrainey15@gmail.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (4096 bit)
                Modulus:
                    00:b1:0a:08:40:3c:08:a8:44:8a:00:59:98:18:49:
                    4d:50:d8:d4:cd:04:61:47:60:98:46:9c:1f:bd:4e:
                    c2:01:96:73:bb:ac:1d:a4:28:dc:18:98:da:a5:21:
                    1e:ae:ed:35:b8:6a:cb:bf:77:f7:85:93:1d:56:4d:
                    db:94:bd:96:80:70:3a:0e:9c:7b:07:42:22:fe:0a:
                    38:62:00:07:ed:ab:fe:70:7e:de:8f:a2:94:be:13:
                    5f:7c:39:e7:85:0a:d2:68:49:e7:a8:d7:42:ff:3f:
                    ec:60:b7:8f:a6:65:2b:2f:5a:3c:e8:5b:32:22:3d:
                    00:24:b0:6e:24:1b:ec:96:9e:17:42:33:98:c6:19:
                    5c:a8:85:14:c7:4f:58:37:84:5d:1f:6b:66:88:32:
                    b4:7f:19:dd:a0:78:4c:4e:b8:0c:29:b1:a1:0b:6f:
                    d2:59:4b:ff:55:97:01:34:bf:6b:1e:a4:02:52:47:
                    43:a7:0d:ad:23:c0:fa:2b:3b:90:6f:08:6b:22:e7:
                    37:10:64:50:1a:de:69:76:2e:76:0e:4f:cb:71:fd:
                    6f:c5:38:8c:fc:cc:f4:fd:6e:df:d8:82:71:a2:16:
                    f3:1f:e0:9d:6b:2b:1b:35:43:4c:f3:29:39:b7:07:
                    7b:6c:8a:ff:f0:d9:ea:0c:3a:47:5f:f2:c8:9f:96:
                    28:8c:a8:95:be:27:5f:4a:35:46:ff:c0:ef:ae:78:
                    14:03:37:7c:65:cc:ac:1f:7b:3d:cb:04:f3:40:c6:
                    f8:70:b1:e5:dd:7a:3c:61:11:50:1c:e6:9a:60:96:
                    59:35:bc:f9:80:c6:e9:ff:85:79:4f:4c:f5:6f:b9:
                    5c:38:0b:90:ad:72:06:26:a7:2a:b0:fe:8e:f9:0a:
                    6c:92:20:84:dc:8c:73:68:7c:fb:cd:82:77:4c:a0:
                    2e:8f:db:23:14:95:c8:f7:bb:f0:2d:bf:a6:23:6c:
                    25:64:00:e8:f3:99:d5:18:35:05:b2:86:30:c2:05:
                    df:01:6a:01:47:47:dd:32:3d:9e:76:29:53:90:29:
                    83:fb:89:b5:64:34:06:73:0a:e7:7b:05:fa:b7:b4:
                    16:10:c7:97:10:36:a2:e8:17:14:25:31:68:9c:fa:
                    d1:5d:0f:74:80:77:17:cd:6d:fd:1f:b4:6b:36:b6:
                    9f:2b:26:b5:80:b9:a9:f2:3e:72:08:70:06:12:a8:
                    15:5c:c4:d4:3d:ed:9a:c4:e3:63:04:f3:fd:57:fd:
                    54:b1:4b:5a:bf:a1:5d:be:8e:dc:ae:5a:8c:77:82:
                    77:7f:51:2a:e9:f6:22:c9:30:e6:e5:fb:2c:1f:5c:
                    8f:3e:62:d1:69:00:4d:81:65:8b:24:85:7c:a1:95:
                    66:ae:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                60:C3:A6:40:50:3B:6E:23:EE:26:98:78:DE:9B:E8:B7:C4:C4:EF:69
            X509v3 Authority Key Identifier: 
                keyid:60:C3:A6:40:50:3B:6E:23:EE:26:98:78:DE:9B:E8:B7:C4:C4:EF:69

            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         1c:ec:2d:90:3d:56:66:cd:c0:6c:7e:8d:51:06:0c:6c:a0:fa:
         51:c7:62:0e:13:02:08:23:55:d7:bf:5c:3e:58:c4:7b:9a:30:
         fb:e3:4c:a5:70:f7:58:29:89:9f:13:d7:69:78:39:93:98:61:
         a8:ee:67:54:9c:bd:42:a0:e7:50:a0:1a:cd:cc:94:cf:60:8b:
         7f:60:5b:f4:d0:f5:ec:32:70:bf:18:d4:8e:63:d7:08:45:1b:
         17:43:0f:7c:b7:73:b7:63:a0:d5:bc:fa:48:33:d3:95:65:8b:
         39:0c:ac:41:c5:59:26:59:a3:cb:23:8e:df:b8:27:51:1e:d4:
         b4:1c:f7:ba:2b:f2:e3:8e:8d:98:36:d4:dc:ec:8a:cf:c1:52:
         da:ea:bd:9d:25:d7:fc:6a:6f:f7:73:c2:0a:c1:b3:2f:5a:e5:
         9a:f5:1c:75:5b:da:89:c7:3c:7f:b7:a4:a4:62:78:e1:a1:a9:
         15:c9:ff:1a:dd:a3:44:40:c2:3b:d3:a5:67:36:d3:db:0a:2c:
         8c:70:a3:6d:35:68:fc:fd:f1:a9:6e:48:ec:e0:0e:83:03:47:
         39:d9:c7:8d:a9:28:bf:b4:ab:3a:5b:db:12:9a:6d:ab:2b:0a:
         d7:de:10:d5:05:02:2d:5a:21:14:01:b0:43:70:d8:da:e0:c9:
         3f:e9:f4:1b:a1:3d:c8:30:59:6c:cd:a6:73:15:1a:de:69:12:
         c9:1e:e4:cc:93:d8:b4:f3:a8:b3:a4:b6:bd:ae:eb:a0:47:1e:
         38:b3:76:7f:22:f2:10:28:74:3a:ab:86:94:41:9d:2a:0d:99:
         0b:56:cb:84:f3:8c:00:c3:8e:4e:45:42:0c:13:76:00:81:3a:
         7f:2c:ab:bf:63:99:91:d3:12:59:2d:dd:59:a4:e2:00:b6:ff:
         65:b3:b2:0c:4e:d8:d1:8f:35:0d:5c:c7:e9:2d:88:83:ab:ab:
         ef:b9:98:cb:28:2f:7d:02:75:92:b2:d0:db:e4:e1:a1:1d:d4:
         c2:ce:88:14:8f:8c:80:fa:bd:9e:13:d3:a4:6f:0a:76:c7:46:
         24:b9:98:f0:5d:03:1c:07:60:c3:85:bd:12:7e:06:16:58:89:
         83:40:14:b9:b0:11:65:9f:7c:ef:5e:e6:15:60:ac:fa:26:c5:
         45:95:3e:96:de:f8:5c:6e:bc:fc:02:b4:6a:c4:fb:f7:11:5a:
         30:d3:cb:3d:66:d6:93:5e:69:74:27:ca:19:50:a1:0a:b2:85:
         db:6c:fb:da:e8:d1:6d:04:cb:98:77:6f:7a:a8:68:39:dd:a3:
         37:ff:3d:06:11:f6:f4:12:5a:f4:b3:f6:8d:d6:b4:be:66:11:
         22:cd:a3:34:f7:dc:28:1d
-----BEGIN CERTIFICATE-----
MIIF2TCCA8GgAwIBAgIUJx22rmyqx2bvP0VKp+2AcTPR55EwDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCdXMxCzAJBgNVBAgMAm1vMRMwEQYDVQQHDApsb21hIGxp
bmRhMQwwCgYDVQQKDANsbHIxGDAWBgNVBAMMD3d3MjpsbHJhaW5leS51czEjMCEG
CSqGSIb3DQEJARYUbGxyYWluZXkxNUBnbWFpbC5jb20wHhcNMjExMDA4MjIyMDI3
WhcNMjIxMDA4MjIyMDI3WjB8MQswCQYDVQQGEwJ1czELMAkGA1UECAwCbW8xEzAR
BgNVBAcMCmxvbWEgbGluZGExDDAKBgNVBAoMA2xscjEYMBYGA1UEAwwPd3cyOmxs
cmFpbmV5LnVzMSMwIQYJKoZIhvcNAQkBFhRsbHJhaW5leTE1QGdtYWlsLmNvbTCC
AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALEKCEA8CKhEigBZmBhJTVDY
1M0EYUdgmEacH71OwgGWc7usHaQo3BiY2qUhHq7tNbhqy79394WTHVZN25S9loBw
Og6cewdCIv4KOGIAB+2r/nB+3o+ilL4TX3w554UK0mhJ56jXQv8/7GC3j6ZlKy9a
POhbMiI9ACSwbiQb7JaeF0IzmMYZXKiFFMdPWDeEXR9rZogytH8Z3aB4TE64DCmx
oQtv0llL/1WXATS/ax6kAlJHQ6cNrSPA+is7kG8IayLnNxBkUBreaXYudg5Py3H9
b8U4jPzM9P1u39iCcaIW8x/gnWsrGzVDTPMpObcHe2yK//DZ6gw6R1/yyJ+WKIyo
lb4nX0o1Rv/A7654FAM3fGXMrB97PcsE80DG+HCx5d16PGERUBzmmmCWWTW8+YDG
6f+FeU9M9W+5XDgLkK1yBianKrD+jvkKbJIghNyMc2h8+82Cd0ygLo/bIxSVyPe7
8C2/piNsJWQA6POZ1Rg1BbKGMMIF3wFqAUdH3TI9nnYpU5Apg/uJtWQ0BnMK53sF
+re0FhDHlxA2ougXFCUxaJz60V0PdIB3F81t/R+0aza2nysmtYC5qfI+cghwBhKo
FVzE1D3tmsTjYwTz/Vf9VLFLWr+hXb6O3K5ajHeCd39RKun2Iskw5uX7LB9cjz5i
0WkATYFliySFfKGVZq43AgMBAAGjUzBRMB0GA1UdDgQWBBRgw6ZAUDtuI+4mmHje
m+i3xMTvaTAfBgNVHSMEGDAWgBRgw6ZAUDtuI+4mmHjem+i3xMTvaTAPBgNVHRMB
Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQAc7C2QPVZmzcBsfo1RBgxsoPpR
x2IOEwIII1XXv1w+WMR7mjD740ylcPdYKYmfE9dpeDmTmGGo7mdUnL1CoOdQoBrN
zJTPYIt/YFv00PXsMnC/GNSOY9cIRRsXQw98t3O3Y6DVvPpIM9OVZYs5DKxBxVkm
WaPLI47fuCdRHtS0HPe6K/Ljjo2YNtTc7IrPwVLa6r2dJdf8am/3c8IKwbMvWuWa
9Rx1W9qJxzx/t6SkYnjhoakVyf8a3aNEQMI706VnNtPbCiyMcKNtNWj8/fGpbkjs
4A6DA0c52ceNqSi/tKs6W9sSmm2rKwrX3hDVBQItWiEUAbBDcNja4Mk/6fQboT3I
MFlszaZzFRreaRLJHuTMk9i086izpLa9ruugRx44s3Z/IvIQKHQ6q4aUQZ0qDZkL
VsuE84wAw45ORUIME3YAgTp/LKu/Y5mR0xJZLd1ZpOIAtv9ls7IMTtjRjzUNXMfp
LYiDq6vvuZjLKC99AnWSstDb5OGhHdTCzogUj4yA+r2eE9Okbwp2x0YkuZjwXQMc
B2DDhb0SfgYWWImDQBS5sBFln3zvXuYVYKz6JsVFlT6W3vhcbrz8ArRqxPv3EVow
08s9ZtaTXml0J8oZUKEKsoXbbPva6NFtBMuYd296qGg53aM3/z0GEfb0Elr0s/aN
1rS+ZhEizaM099woHQ==
-----END CERTIFICATE-----
llrainey@VM1:~> wget -S http://ww2.llrainey.us:2080/
--2021-10-08 18:49:19--  http://ww2.llrainey.us:2080/
Resolving ww2.llrainey.us (ww2.llrainey.us)... 12.10.107.177
Connecting to ww2.llrainey.us (ww2.llrainey.us)|12.10.107.177|:2080... connected.
HTTP request sent, awaiting response... 
  HTTP/1.1 200 OK
  Date: Fri, 08 Oct 2021 23:49:19 GMT
  Server: Apache
  Last-Modified: Wed, 29 Jul 2015 18:04:01 GMT
  ETag: "1090-51c076953c640"
  Accept-Ranges: bytes
  Content-Length: 4240
  Keep-Alive: timeout=15, max=100
  Connection: Keep-Alive
  Content-Type: text/html
Length: 4240 (4.1K) [text/html]
Saving to: ‘index.html’

index.html          100%===================>]   4.14K  --.-KB/s    in 0s      

2021-10-08 18:49:19 (200 MB/s) - ‘index.html’ saved [4240/4240]

llrainey@VM1:~>
#2

My Apache files


LLR9:/etc/apache2 # cat  sysconfig.d/loadmodule.conf
# File generated from /etc/sysconfig/apache2, do not edit. Edit the sysconfig file instead.
LoadModule actions_module /usr/lib64/apache2-prefork/mod_actions.so
LoadModule alias_module /usr/lib64/apache2-prefork/mod_alias.so
LoadModule auth_basic_module /usr/lib64/apache2-prefork/mod_auth_basic.so
LoadModule authn_file_module /usr/lib64/apache2-prefork/mod_authn_file.so
LoadModule authz_host_module /usr/lib64/apache2-prefork/mod_authz_host.so
LoadModule authz_groupfile_module /usr/lib64/apache2-prefork/mod_authz_groupfile.so
LoadModule authz_core_module /usr/lib64/apache2-prefork/mod_authz_core.so
LoadModule authz_user_module /usr/lib64/apache2-prefork/mod_authz_user.so
LoadModule autoindex_module /usr/lib64/apache2-prefork/mod_autoindex.so
LoadModule cgi_module /usr/lib64/apache2-prefork/mod_cgi.so
LoadModule dir_module /usr/lib64/apache2-prefork/mod_dir.so
LoadModule env_module /usr/lib64/apache2-prefork/mod_env.so
LoadModule expires_module /usr/lib64/apache2-prefork/mod_expires.so
LoadModule include_module /usr/lib64/apache2-prefork/mod_include.so
LoadModule log_config_module /usr/lib64/apache2-prefork/mod_log_config.so
LoadModule mime_module /usr/lib64/apache2-prefork/mod_mime.so
LoadModule negotiation_module /usr/lib64/apache2-prefork/mod_negotiation.so
LoadModule setenvif_module /usr/lib64/apache2-prefork/mod_setenvif.so
LoadModule ssl_module /usr/lib64/apache2-prefork/mod_ssl.so
LoadModule socache_shmcb_module /usr/lib64/apache2-prefork/mod_socache_shmcb.so
LoadModule userdir_module /usr/lib64/apache2-prefork/mod_userdir.so
LoadModule reqtimeout_module /usr/lib64/apache2-prefork/mod_reqtimeout.so
LoadModule authn_core_module /usr/lib64/apache2-prefork/mod_authn_core.so
LoadModule rewrite_module /usr/lib64/apache2-prefork/mod_rewrite.so
LoadModule http2_module /usr/lib64/apache2-prefork/mod_http2.so
LLR9:/etc/apache2 # cat apache2.conf
<Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all denied
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory /srv/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>
        Protocols h2 http/1.1

LLR9:/etc/apache2 # cat httpd.conf
#
# /etc/apache2/httpd.conf 
#
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:https://httpd.apache.org/docs/2.4/> for detailed information about
# the directives.

# Based upon the default apache configuration file that ships with apache,
# which is based upon the NCSA server configuration files originally by Rob
# McCool. This file was knocked together by Peter Poeml <poeml+apache@suse.de>.

# If possible, avoid changes to this file. It does mainly contain Include
# statements and global settings that can/should be overridden in the
# configuration of your virtual hosts.

# Quickstart guide:
# https://en.opensuse.org/SDB:Apache_installation


# Overview of include files, chronologically:
#
# httpd.conf
#  | 
#  |-- uid.conf  . . . . . . . . . . . . . .  UserID/GroupID to run under
#  |-- server-tuning.conf  . . . . . . . . .  sizing of the server (how many processes to start, ...)
#  |-- loadmodule.conf . . . . . . . . . . .  
[li] load these modules[/li]#  |-- listen.conf . . . . . . . . . . . . .  IP adresses / ports to listen on
#  |-- mod_log_config.conf . . . . . . . . .  define logging formats
#  |-- global.conf . . . . . . . . . . . . .  
[li] server-wide general settings[/li]#  |-- mod_status.conf . . . . . . . . . . .  restrict access to mod_status (server monitoring)
#  |-- mod_info.conf . . . . . . . . . . . .  restrict access to mod_info
#  |-- mod_reqtimeout.conf . . . . . . . . .  set timeout and minimum data rate for receiving requests
#  |-- mod_cgid-timeout.conf . . . . . . . .  set CGIDScriptTimeout if mod_cgid is loaded/active
#  |-- mod_usertrack.conf  . . . . . . . . .  defaults for cookie-based user tracking
#  |-- mod_autoindex-defaults.conf . . . . .  defaults for displaying of server-generated directory listings
#  |-- mod_mime-defaults.conf  . . . . . . .  defaults for mod_mime configuration
#  |-- errors.conf . . . . . . . . . . . . .  customize error responses
#  |-- ssl-global.conf . . . . . . . . . . .  SSL conf that applies to default server _and all_ virtual hosts
#  |-- protocols.conf  . . . . . . . . . . .  Protocol settings that applies to default server _and all_ virtual hosts
#  |
#  |-- default-server.conf . . . . . . . . .  set up the default server that replies to non-virtual-host requests
#  |    |--mod_userdir.conf  . . . . . . . .  enable UserDir (if mod_userdir is loaded)
#  |    `--conf.d/apache2-manual?conf  . . .  add the docs ('?' = if installed)
#  |
#  `-- vhosts.d/ . . . . . . . . . . . . . .  for each virtual host, place one file here
#       `-- *.conf . . . . . . . . . . . . .     (*.conf is automatically included)
#
#
# Files marked 
[li] are NOT read when server is started via systemd service. When server[/li]# is started via service, defaults from /etc/sysconfig/apache2 are taken into account.
#



#  Filesystem layout:
#
# /etc/apache2/
#  |-- charset.conv  . . . . . . . . . . . .  for mod_auth_ldap
#  |-- conf.d/
#  |   |-- apache2-manual.conf . . . . . . .  conf that comes with apache2-doc
#  |   |-- mod_php4.conf . . . . . . . . . .  (example) conf that comes with apache2-mod_php4
#  |   `-- ... . . . . . . . . . . . . . . .  other configuration added by packages
#  |-- default-server.conf
#  |-- errors.conf
#  |-- httpd.conf  . . . . . . . . . . . . .  top level configuration file
#  |-- listen.conf
#  |-- magic
#  |-- mime.types -> ../mime.types
#  |-- mod_autoindex-defaults.conf
#  |-- mod_info.conf
#  |-- mod_log_config.conf
#  |-- mod_mime-defaults.conf
#  |-- mod_perl-startup.pl
#  |-- mod_status.conf
#  |-- mod_userdir.conf
#  |-- mod_usertrack.conf
#  |-- server-tuning.conf
#  |-- ssl-global.conf
#  |-- protocols.conf
#  |-- ssl.crl/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificate Revocation Lists (CRL)
#  |-- ssl.crt/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificates
#  |-- ssl.csr/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificate Signing Requests
#  |-- ssl.key/  . . . . . . . . . . . . . .  PEM-encoded RSA Private Keys
#  |-- ssl.prm/  . . . . . . . . . . . . . .  public DSA Parameter Files
#  |-- global.conf
#  |-- loadmodule.conf
#  |-- uid.conf
#  `-- vhosts.d/ . . . . . . . . . . . . . .  put your virtual host configuration (*.conf) here
#      |-- vhost-ssl.template
#      `-- vhost.template



### Global Environment ######################################################
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests.

# run under this user/group id
Include /etc/apache2/uid.conf

# - how many server processes to start (server pool regulation)
# - usage of KeepAlive
Include /etc/apache2/server-tuning.conf

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog /var/log/apache2/error_log

# generated from default value of APACHE_MODULES in /etc/sysconfig/apache2
<IfDefine !SYSCONFIG>
  Include /etc/apache2/loadmodule.conf
</IfDefine>

# IP addresses / ports to listen on
Include /etc/apache2/listen.conf

# predefined logging formats
Include /etc/apache2/mod_log_config.conf

# generated from default values of global settings in /etc/sysconfig/apache2
<IfDefine !SYSCONFIG>
  Include /etc/apache2/global.conf
</IfDefine>

# optional mod_status, mod_info
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf

# mod_reqtimeout protects the server from the so-called "slowloris"
# attack: The server is not swamped with requests in fast succession,
# but with slowly transmitted request headers and body, thereby filling up
# the request slots until the server runs out of them.
# mod_reqtimeout is lightweight and should deliver good results
# with the configured default values. You shouldn't notice it at all.
Include /etc/apache2/mod_reqtimeout.conf

# Fix for CVE-2014-0231 introduces new configuration parameter 
# CGIDScriptTimeout. This directive and its effect prevent request 
# workers to be eaten until starvation if cgi programs do not send 
# output back to the server within the timout set by CGIDScriptTimeout.
Include /etc/apache2/mod_cgid-timeout.conf

# optional cookie-based user tracking
# read the documentation before using it!!
Include /etc/apache2/mod_usertrack.conf

# configuration of server-generated directory listings
Include /etc/apache2/mod_autoindex-defaults.conf

# associate MIME types with filename extensions
TypesConfig /etc/apache2/mime.types
Include /etc/apache2/mod_mime-defaults.conf

# set up (customizable) error responses
Include /etc/apache2/errors.conf

# global (server-wide) SSL configuration, that is not specific to 
# any virtual host
Include /etc/apache2/ssl-global.conf

# global (server-wide) protocol configuration, that is not specific
# to any virtual host
Include /etc/apache2/protocols.conf

# forbid access to the entire filesystem by default
<Directory />
    Options None
    AllowOverride None
    <IfModule !mod_access_compat.c>
        Require all denied
    </IfModule>
    <IfModule mod_access_compat.c>
        Order deny,allow
        Deny from all
    </IfModule>
</Directory>

# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
    <IfModule !mod_access_compat.c>
        Require all denied
    </IfModule>
    <IfModule mod_access_compat.c>
        Order allow,deny
        Allow from all
    </IfModule>
</Files>

# List of resources to look for when the client requests a directory
DirectoryIndex index.html index.html.var

### 'Main' server configuration #############################################
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition.  These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
Include /etc/apache2/default-server.conf


### Virtual server configuration ############################################
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:https://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
IncludeOptional /etc/apache2/vhosts.d/*.conf


# Note: instead of adding your own configuration here, consider 
#       adding it in your own file (/etc/apache2/httpd.conf.local)
#       putting its name into APACHE_CONF_INCLUDE_FILES in 
#       /etc/sysconfig/apache2 -- this will make system updates 
#       easier :) 
LLR9:/etc/apache2 # cat  sites-enabled/000-default.conf
<VirtualHost *:80>
    ServerAdmin llrainey15@gmail.com
    ServerName ww2.llrainey.us
#    Redirect / https://ww2.llrainey.us:2080/
</Virtualhost>

<VirtualHost *:443>
    Protocols h2 http/1.1
    ServerAdmin llrainey15@gmail.com
    ServerName ww2.llrainey.us
    ServerAlias *.oddsnevens.com
    ErrorLog logs/oddsnevens.com-error_log
    CustomLog logs/oddsnevens.com-access_log common
    DocumentRoot oddsnevens
    Protocols h2 http/1.1

<Directory /srv/www/>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

</VirtualHost>

    SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    SSLEngine on
    SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
    SSLCertificateKeyFile /etc/apache2/certificate/apache.key
LLR9:/etc/apache2 #
#3

I ran these commands in trying to fix it

1198     a2enmod proxy_fcgi
1199     a2enmod setenvif
1200     a2enconf php7.4-fpm
1201     a2dismod php7.4
1202     a2dismod mpm_prefork
1203     a2dismod mpm_worker
1204     a2enmod mpm_event
1205     a2enmod http2

1226     a2dismod php7.4-fpm
1227     a2dismod php7.4

LLR9:/etc/apache2 # cat  /etc/sysconfig/apache2

## Path:       Network/WWW/Apache/SuSEhelp
## Description:       SuSE help doc server configuration
## Type:       yesno
## Default:       no
## Config:         apache
## ServiceRestart: apache
## Command:
#
# Set this to yes on the central documentation server
# or to configure apache for local use of susehelp. 
# Then the online-help-system indices are automatically adjusted
# and access to the help-files is allowed as specified in DOC_ALLOW.
# To run as a client for the central documentation server who's name
# is specified in DOC_HOST, just set DOC_SERVER to no.
# The DOC_HOST and DOC_ALLOW variables are in the file /etc/sysconfig/susehelp.
#
DOC_SERVER="no"
## Path:    Network/WWW/Apache2
## Description:    Configuration for Apache 2
## Type:    string
## Default:    ""
## ServiceRestart: apache2
#
# Here you can name files, separated by spaces, that should be Include'd from 
# httpd.conf. 
#
# This allows you to add e.g. VirtualHost statements without touching 
# /etc/apache2/httpd.conf itself, which makes upgrading easier. 
#
APACHE_CONF_INCLUDE_FILES=""

## Type:    string
## Default:    ""
## ServiceRestart: apache2
#
# Here you can name directories, separated by spaces, that should be Include'd 
# from httpd.conf. 
#
# All files contained in these directories will be recursively included by apache.
# If a pattern like *.conf is appended, apache will use it.
#
# Examples: "/etc/apache2/my_conf/"
#           "/etc/apache2/virtual_hosts/*.conf"
#           "local/*.conf /srv/www/virtual/"
#
APACHE_CONF_INCLUDE_DIRS=""

## Type:    string
## Default:    "actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout"
## ServiceRestart: apache2
#
# [It might look silly to not simply edit httpd.conf for the LoadModule statements.
# However, since the LoadModule statements might need an absolute path to the modules,
# switching between MPMs can be quite a hassle. It's easier to just give the names here.]
#
# * list of all modules shipped with the base distribution: 
#   see /usr/lib64/apache2-$MPM
#   see http://httpd.apache.org/docs/2.4/mod/ !
#
# * It pays to use IfDefine statements... like
#    <IfModule mod_xyz.c>
#        ....
#    </IfModule>
#
# * In the APACHE_MODULES variable, you can use mod_xyz or just xyz syntax.
#   You may also name an absolute path if you like.
#
# * NOTES ON SSL: 
#   1. Before you can use mod_ssl, you need a server certificate. 
#      A test certificate can be created by entering e. g.
#
#      $ gensslcert -n a.com -C a.com -e webmaster@a.com
#
#      See gensslcert -h for or gensslcert script itself for details.
#   2. Also, you need to set the ServerName inside the <VirtualHost _default_:443> 
#      block to the fully qualified domain name (see /etc/HOSTNAME).
#   3. If your server certificate is protected by a passphrase you should increase the
#      APACHE_START_TIMEOUT (see above)
#   4. Consider to load also socache_shmcb module, see
#      http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslsessioncache
#      for details.
#   5. To finally enable ssl support, you need to add 'SSL' to APACHE_SERVER_FLAGS 
#      below.
#
# * modules listed here will be ignored if they are not installed
#
#
# EXAMPLES:
#
# fairly minimal
# APACHE_MODULES="authz_host alias auth dir log_config mime setenvif"
#
# apache's default installation
# APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap include log_config mime negotiation setenvif status userdir"
# your settings
#APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout authn_core rewrite proxy_fcgi mpm_event http2"
APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile authz_core authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout authn_core rewrite mpm_event http2"


## Type:    string
## Default:    ""
## ServiceRestart: apache2
#
# Additional server flags:
#
# Put here any server flags ("Defines") that you want to hand over to 
# httpd at start time, or other command line flags.
#
# Background: Any directives within an <IfDefine flag>...</IfDefine>
#             section are only processed if the flag is defined.
#             This allows to write configuration which is active only in a
#             special cases, like during server maintenance, or for testing
#             something temporarily.
#
# Notably, to enable ssl support, 'SSL' needs to be added here.
# To enable the server-status, 'STATUS' needs to be added here.
#
# It does not matter if you write flag1, -D flag1 or -Dflag1.
# Multiple flags can be given as "-D flag1 -D flag2" or simply "flag1 flag2".
#
# Specifying such flags here is equivalent to giving them on the commandline.
# (e.g. via rcapache2 start -DReverseProxy)
#
# Example:
#      "SSL STATUS AWSTATS SVN_VIEWCVS no_subversion_today"
#
APACHE_SERVER_FLAGS="SSL"

## Type:    string
## Default:    ""
## ServiceRestart: apache2
#
# Which config file do you want to use?
# (if not set, /etc/apache2/httpd.conf is used.)
# It is unusual to need to use this setting.
#
APACHE_HTTPD_CONF=""

## Type:    list(prefork,worker,event,itk)
## Default:    ""
## ServiceRestart: apache2
#
# MPM (multi-processing module) to use.
#
# Needed to determine with which MPM apache will run, as well as
# against which header files modules will be built. 
#
# If not set, the system will simply pick one of the installed MPMs.
#
# The implementation of the logic is in /usr/share/apache2/find_mpm,
# a script which can be used standalone as well if needed.
#
APACHE_MPM=""

## Type:    string
## Default:    ""
## ServiceReload: apache2
#
# email address of the server administrator (ServerAdmin directive)
# This address is added to the server's responses if APACHE_SERVERSIGNATURE 
# is set to "email". 
#
# If empty ("") it defaults to webmaster@$FQHOSTNAME, where FQHOSTNAME is
# taken from /etc/HOSTNAME. 
#
# Note that ServerAdmin directives inside VirtualHost statements are not
# changed, even not the one in the stock SSL virtual host block. 
#
APACHE_SERVERADMIN=""

## Type:    string
## Default:    ""
## ServiceReload: apache2
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If this is not set to valid DNS name for your host, server-generated
# redirections will not work.  See also the UseCanonicalName directive.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address anyway, and this will make 
# redirections work in a sensible way.
#
APACHE_SERVERNAME=""

## Type:    integer
## Default:    2
#
# timeout during server startup (seconds)
# after this time, the start script decides wether the httpd process started without error.
#
# Increase it, if you use mod_ssl and your certificate is passphrase protected!
#
APACHE_START_TIMEOUT="2"

## Type:    list(on,off,email)
## Default:    "on"
## ServiceReload: apache2
#
# Configures the footer on server-generated documents 
# This correlates to the ServerSignature directive. 
#
APACHE_SERVERSIGNATURE="off"

## Type:    list(debug,info,notice,warn,error,crit,alert,emerg)
## Default:    "warn"
## ServiceReload: apache2
#
# LogLevel: Control the number of messages logged to the error_log.
#
APACHE_LOGLEVEL="warn"

## Type:    string
## Default:    "/var/log/apache2/access_log combined"
## ServiceRestart: apache2
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here.  Contrarywise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
# Simply set it to empty, if you configure it yourself somewhere else.
# 
# Examples:
#
# If you would like to have agent and referer logfiles:
#
# setting it to "/var/log/apache2/referer_log referer, /var/log/apache2/agent_log agent"
#   corresponds to 
# CustomLog /var/log/apache2/referer_log referer
# CustomLog /var/log/apache2/agent_log   agent
#
# If you prefer a single logfile with access, agent, and referer information
# (Combined Logfile Format):
#
# setting it to "/var/log/apache2/access_log combined"
#   corresponds to 
# CustomLog /var/log/apache2/access_log combined
#
APACHE_ACCESS_LOG="/var/log/apache2/access_log combined"

## Type:    list(On,Off,DNS)
## Default:    "Off"
## ServiceReload: apache2
#
# UseCanonicalName: Determines how Apache constructs self-referencing 
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client.  When set "On", Apache will use the value of the
# ServerName directive.
#
APACHE_USE_CANONICAL_NAME="off"

## Type:    list(Major,Minor,Minimal,ProductOnly,OS,Full)
## Default:    "OS"
## ServiceReload: apache2
#
# How much information the server response header field contains about the server.
# (installed modules, versions, etc.)
# see http://httpd.apache.org/docs/2.4/mod/core.html#servertokens
#
APACHE_SERVERTOKENS="ProductOnly"

## Type:    list(on,off)
## Default:    "off"
## ServiceReload: apache2
#
# If mod_status is used, include extended information about the server, like 
# CPU usage, in the status report. It is a server-wide setting, and it can cost
# some performance!
#
APACHE_EXTENDED_STATUS="off"
LLR9:/etc/apache2 #

Had to delete an entry in

#4

I need to correct my statements.

HTTPS is working but as HTTP

HTTP gives this error and if I redirect http to https everything stops working.

Bad request!

Your browser (or proxy) sent a request that this server could not understand.

If you think this is a server error, please contact the webmaster.
Error 400
ww2.llrainey.us
Apache
#5

On a lark - I tried it on the machine it is running on and it worked.

Figured out the problem was I had the router still pointing to port 80 and not 443. When I changed it - magic - it worked.