Taxii-Push Error: SSL_Wrong_Version_Number #101

Open
csoccti opened this issue Aug 21, 2022 · 1 comment
csoccti commented Aug 21, 2022

Hi,

I've been trying to add the MISP-Taxii-Server configuration to my up-and-running Apache MISP server on Ubuntu 20.0.4 LTS.
When I try to do the following:
```
taxii-push --path https://localhost:9000/services/inbox -f ~/MISP-Taxii-Server/tests/test.xml --dest my_collection --username admin --password admin
```

I receive the following error:
```
HTTPSConnectionPool(host='localhost', port=9000): Max retries exceeded with url: /services/inbox (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1131)')))
```

Attached are my configuration files (please note - the secret and passwords have all been changed, I'm using the default values for demonstration):

MISP/Taxii-Server/config/config.yaml

```yaml
domain: "localhost"
support_basic_auth: yes

persistence_api:
  class: opentaxii.persistence.sqldb.SQLDatabaseAPI
  parameters:
    db_connection: mysql://taxii:some_password@localhost/taxiipersist
    create_tables: yes

auth_api:
  class: opentaxii.auth.sqldb.SQLDatabaseAPI
  parameters:
    db_connection: mysql://taxii:some_password@localhost/taxiiauth
    create_tables: yes
    secret: ILoveTheSecretStringIsIsGreatButNeedsToBeChangedFrienderino

logging:
  opentaxii: info
  root: info

hooks: misp_taxii_hooks.hooks

zmq:
  host: localhost
  port: 50000

misp:
  url: "https://localhost"
  api: APIKEY
  dedup: true
  collections:
    - my_collection
    - my_collection2
  publish: false

taxii:
  auth:
    username: admin
    password: admin
  collections:
    - collection

verifySSL: False
```

I've added the `verifySSL: False` value to try and diagnose the problem, but it hasn't changed a thing.

etc/apache2/sites-enabled/misp-ssl.conf

```apache
<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName localhost

    Header always unset "X-Powered-By"

    RewriteEngine On
    RewriteCond %{HTTPS}  !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    ServerSignature Off
</VirtualHost>

<VirtualHost *:444>
    ServerAdmin [email protected]
    ServerName localhost
    DocumentRoot /var/www/MISP/app/webroot
    <Directory /var/www/MISP/app/webroot>
        Options -Indexes
        AllowOverride all
        Require all granted
    </Directory>

    SSLEngine On

    SSLProtocol All
    SSLCipherSuite (values)
    SSLHonorCipherOrder off
    SSLSessionTickets off

    Protocols h2 http/1.1

    SSLCertificateFile /usr/local/share/ca-certificates/MISP/localhost+3.pem
    SSLCertificateKeyFile /usr/local/share/ca-certificates/MISP/localhost+3-key.pem
    SSLCertificateChainFile /usr/local/share/ca-certificates/MISP/rootCA.pem

    LogLevel warn
    ErrorLog /var/log/apache2/misp.local_error.log
    CustomLog /var/log/apache2/misp.local_access.log combined

    ServerSignature Off

    Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
    Header always set X-Content-Type-Options nosniff
    Header always set X-Frame-Options SAMEORIGIN
    Header always unset "X-Powered-By"
</VirtualHost>

SSLUseStapling On
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
```

I am not using a proxy as far as I am aware (tried `set | grep -i proxy` and got no results).

When I telnet to localhost 9000 and try GET to `https://localhost:9000/services/inbox`, I receive a 404 error.

However, when I `curl -i -v https://localhost:9000/services/inbox`, I receive the following output:

```
*   Trying localhost:9000...
* TCP_NODELAY set
* Connected to localhost port 9000 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
```

What am I doing wrong? And how do I fix this?

Thanks in advance.

csoccti commented Aug 21, 2022

Apache ports.conf file:

```apache
Listen 80

<IfModule ssl_module>
    Listen 443
    Listen 9000
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
    Listen 9000
</IfModule>
```
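
An added diagnostic example, not part of the original issue or of the MISP-Taxii-Server project: OpenSSL raises `wrong version number` when the record header it reads back does not carry a TLS version, so this probe attempts a TLS handshake against a port and, if that fails, repeats the request in cleartext to see whether the listener answers plain HTTP. The function names and the stub listener (a constructed stand-in that answers 404 in cleartext) are assumptions made for the example.

```python
import socket
import ssl
import threading


def classify_reply(data: bytes) -> str:
    """Classify the first bytes a server sends back."""
    # A TLS record starts with a content type (20-23) followed by major version 3.
    if len(data) >= 2 and 20 <= data[0] <= 23 and data[1] == 3:
        return "tls"
    if data.startswith(b"HTTP/"):
        return "plain-http"
    return "unknown"


def probe(host: str, port: int, timeout: float = 3.0) -> dict:
    """Report whether host:port completes a TLS handshake or answers in cleartext."""
    ctx = ssl.create_default_context()
    # Protocol probe only: certificate trust is not what is being tested here.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return {"speaks": "tls", "detail": tls.version()}
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        detail = getattr(exc, "reason", None) or str(exc)
    # Handshake failed: repeat the request in cleartext and look at the reply.
    request = b"GET /services/inbox HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n"
    with socket.create_connection((host, port), timeout=timeout) as raw:
        raw.sendall(request)
        return {"speaks": classify_reply(raw.recv(16)), "detail": detail}


def start_plain_stub() -> int:
    """Constructed stand-in for a cleartext listener: answers any bytes with a 404."""
    srv = socket.create_server(("127.0.0.1", 0))

    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                conn.recv(4096)
                conn.sendall(b"HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n")

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    print(probe("127.0.0.1", start_plain_stub()))
```

A `plain-http` result means the listener replied in cleartext after the handshake failed; `detail` carries the TLS error from the first attempt.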
