httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wilda, Jet" <Jet.Wi...@ChasePaymentech.com>
Subject RE: [users@httpd] Packet debugging when using mod_ssl
Date Wed, 18 Jun 2008 15:10:17 GMT
Hi,

	We use ssldump http://www.rtfm.com/ssldump/ to do that sort of
thing.  Though you may need to disable some of the cipher suites (found
that diffie-hellman doesn't work).

~Jet

-----Original Message-----
From: Ian Lord [mailto:mailing-lists@msdi.ca] 
Sent: Wednesday, June 18, 2008 10:48 AM
To: users@httpd.apache.org
Subject: [users@httpd] Packet debugging when using mod_ssl

Hi,

I am dealing with a connexion problem from a custom web browser.

For some reason, one particular user from the custom web browser is
getting
an error 400 (Bad Request) from Apache on a specific page requested by
POST.

I've did a lot of research and can't find what's wrong... I would like
to
see the actual packets for the request to see what's in there to try to
diagnose the product further... The problem is that the connexion is ssl
encrypted with mod_SSL...

A packet analyser gave me the encrypted content so I am not able to
analyse
it.

I found out about mod_log_forensic which dump the request to log file,
but I
am not sure if I can trust the results. Log forensic shows a get request
instead of a post and it's very basic
"
+212e:485861ea:0|GET /
-212e:485861ea:0
"

In there, I expect to see a post, not a get, the host, the referrer, the
"Accept", etc but I see only this...

That's why I presume that the request is so bad apache doesn't log it
correctly using mod_log_forensic...

Is there a way to actually "dump" the content of the request after being
decrypted by mod_ssl but before it is analysed for processing ?

Or can anyone suggest me a way to debug this further ?

Thanks in advance




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
----------
Learn more about Chase Paymentech Solutions,LLC payment processing services at www.chasepaymentech.com.

THIS MESSAGE IS CONFIDENTIAL.  This e-mail message and any attachments are proprietary and
confidential information intended only for the use of the recipient(s) named above.  If you
are not the intended recipient, you may not print, distribute, or copy this message or any
attachments.  If you have received this communication in error, please notify the sender by
return e-mail and delete this message and any attachments from your computer.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message