Openid Connect SSL_PROTECTION_ERROR on callback url

Question

I'm trying to implement the OIDC login system to my website. I'm using openID connect discovery to gather all the required information from the .well-known/openid-configuration. I have managed to get to the login part and everything, but when the IDP (Identity provider) is trying to redirect to my site to return the user information, I get an SSL_PROTECTION_ERROR. More specifically google chrome returns this

"This site can’t provide a secure connection 10.10.10.10 sent an invalid response. ERR_SSL_PROTOCOL_ERROR"

I'm not sure how to configure my apache server to enable SSL, or I'm guessing thats why the problem occurs.

My redirect url is the following: https://10.10.10.10:3000/secure/redirect

My Apache config file looks like this:

ServerName localhost
Listen 3000

LoadModule auth_openidc_module modules/mod_auth_openidc.so
<VirtualHost *:8080>
  SSLEngine On
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  SSLCertificateKeyFile /etc/pki/tls/private/locahost.key
  ServerName localhost
  ErrorLog /var/log/httpd/justus-backend.log
  <Location /api>
    ProxyPass http://localhost:3000
    ProxyPassReverse http://localhost:3000
  </Location>
  <Location /secure/redirect>
    SSLEngine On
    SSLCertificateFile /etc/pki/tls/certs/localhost.crt
    SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
    ServerName 10.10.10.10
    AuthType openid-connect
    Require valid-user
    Listen 3000
  </Location>
</VirtualHost>

{% if environment_id == "vagrant" %}
EnableSendfile Off
{% endif %}

All help is appreciated, I'm quite new to server side stuff and I'm having problems solving this.

Br, Victor

Answer 1

Your redirect URI should point to the "external" URL, i.e. the URL that the browser is accessing, so most probably: https://10.10.10.10:8080/secure/redirect