httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From WC -Sx- Jones <li...@insecurity.org>
Subject Re: [users@httpd] Problems with SSL All of a Sudden
Date Sun, 25 May 2003 00:23:28 GMT

On Saturday, May 24, 2003, at 07:05  PM, Daniel R. Blair wrote:

> https://www.juke.biz/content/index.jsp...


I ran a few checks (nmap, Tyrantula, a few Perl SSL scans) and I will 
say that as of Sat 20:10 Eastern, that https server is NOT online -- 
all connect attempts failed (if you are using tripwire or portsentry 
then your logs will show connect attempts from bellsouth and/or 
insecurity.org...)  What version of Unix are you using?  If you are 
using SUN/Solaris - did you check to make sure SunScreen lite is not 
installed and active?

At any rate, it can only be one or more of the following -

1)  A Juke.biz firewall is blocking access to 443.

2)  There is a 443 config error - whether logged or not -- from one or 
more Apache server extension modules:

My scan shows (http checked, could not connect to https) -

HTTP Status:  200 null
Date:  Sun, 25 May 2003 02:26:16 GMT
Server:  Apache/2.0.43 (Unix) mod_ssl/2.0.43 OpenSSL/0.9.6b 
mod_jk/1.2.0 PHP/4.2.3
Set-Cookie:  JSESSIONID=733BDB1F81BB4D3DF0F49801EE3550BB; Path=/
Keep-Alive:  timeout=15, max=100
Connection:  Keep-Alive
Transfer-Encoding:  chunked
Content-Type:  text/html;charset=ISO-8859-1
content-length:  20977

3.  The apachectl startssl command (or -D SSL option) was not used to 
start the server.

4.  The ssl.conf file is not being included, and therefore ignored, 
upon start-up.

I believe the list has exhausted all avenues for resolution, therefore 
(if I were in your shoes) I suggest you contact a third party SSL 
consultant who can troubleshoot and rebuild the SSL portion as 
appropriate.

I mean, if this is a business issue, then it would dictate that a 
proper business resolution be followed at this late date.


HTH/Sx

http://insecurity.org/
_Sx____________________
  ('>    iudicium ferat
  //\   Have Computer -
  v_/_    Will Hack...

               \|/ ____ \|/
               "@'/ .. \`@"
               /_| \__/ |_\
                  \__U_/


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message