httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel R. Blair" <joeca...@realcoders.org>
Subject RE: [users@httpd] Problems with SSL All of a Sudden
Date Sat, 24 May 2003 23:05:05 GMT
On Sat, 24 May 2003, Paul Simon wrote:

> > well, in the VirtualHost for the :443, there is a
> > CustomLog directive,
> > which logs stuff to ssl_request_log, and, when I
> > telnet to port 443, and
> > execute a get request, it does log an error stating
> > that the client isn't
> > communicating in SSL mode.. would there be anything
> > I could do that would
> > help you troubleshoot anymore by telnetting to port
> > 443 and executing
> > anything and sending you the log entries?
> >
> > I beleive the errors it's reporting are simply
> > because I'm not
> > comunicating in SSL, so, I'm not taking them as true
> > errors.. but.. they
> > could be..
>
> Ok. This to me is a good thing. It's saying that the
> SSL server would handle the request if the client was
> communicating using SSL. Is there anything on the
> *localhost* you could try which CAN communicate using
> SSL, successfully?

Unfortunately, lynx nor links is installed, and I'm not aware of anything
else that would establish an SSL connection.. I can ssh to the box, but
that's port 22, not 443.. and I am pretty sure is unrelated to SSL.. is
there anything you know of that I could do to test it using SSL?


> > What is a 504 (gateway timeout) error?  I don't get
> > this using mozilla
> > through a FreeBSD gateway aliasing my DSL IP.. I've
> > tried through lynx and
> > links as well.. does 504 gateway timeout give any
> > indication as to what is
> > the problem?
>
> Do you have a proxy server between the SSL box and the
> web user?

That error was submitted by someone else on the list when attempting to
connect to the server, so, it's possible that they had a proxy in between
and that's why they were getting the error.. the server is "www.juke.biz"
which, once loaded, will allow you to enter a username/pw in the upper
left hand corner, once you click login, it will try to post it to an https
URL and return an error (to me right away) stating that it cannot connect.
I am running a local DNS server, so, it's possible that the DNS is cached,
hence the immediate return.. but, if you'd like to try and see for
yourself, you can see what you get when trying to access
https://www.juke.biz/content/index.jsp...

> > Since we have established that it is listening on
> > 443 by the 0.0.0.0:443
> > LISTEN in the netstat -na output, what does that
> > mean/not mean?  That
> > apache is establishing an SSL listener socket, but
> > it's not being
> > forwarded to Apache?  Or Apache is not responding
> > properly?
> >
>
> Yes, there's a SSL socket listening for requests.
> Whenever I've seen a listening socket, it's been a
> good thing for me during the troubleshooting process.

Ok, that's what I figured, but, wasn't sure due to the 0.0.0.0 part of the
netstat report... wasn't sure if it was confused as to which address to
connect on, or something else that I wasn't aware of.. but.. this confirms
my thoughts on the particular piece of information..

> To me, it seems like your server is listening on the
> correct port. If you could just establish an actual
> SSL conection from the localhost then that would be a
> step in the right direction.

Is there any reason that Apache would just stop responding to SSL requests
for no reason?  Today I even replaced the conf files and included virtual
host files with a backup from a week or two ago, restarted, and am still
getting the same error...  it's totally weird, and it's getting to the
point where it must be fixed.. and I have no clue what to do about it...


Danny


                           = Daniel Blair =
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- dblair@realcoders.org -                   [http://www.realcoders.org]
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message