httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Asif Iqbal <vad...@gmail.com>
Subject Re: [users@httpd] failing to access ssl port
Date Wed, 20 Apr 2011 17:53:47 GMT
On Wed, Apr 20, 2011 at 1:41 PM, Mark Montague <mark@catseye.org> wrote:
>  On April 19, 2011 23:27 , Asif Iqbal <vadud3@gmail.com> wrote:
>>
>> [Tue Apr 19 22:34:36 2011] [info] [client 192.168.0.248] Connection to
>> child 1 established (server www.example.net:8443)
>> [Tue Apr 19 22:34:36 2011] [info] Seeding PRNG with 136 bytes of entropy
>> [Tue Apr 19 22:34:36 2011] [info] [client 192.168.0.248] (70014)End of
>> file found: SSL handshake interrupted by system [Hint: Stop button
>> pressed in browser?!]
>> [Tue Apr 19 22:34:36 2011] [info] [client 192.168.0.248] Connection
>> closed to child 1 with abortive shutdown (server www.example.net:8443)
>
>> Any suggestion?
>
>
> You can use "openssl s_client" to see what is happening when you try to
> connect to Apache HTTP Server via HTTPS.  Hopefully there will be a clue to
> what is causing the problem in the "openssl s_client" output.  However, if

CONNECTED(00000004)
depth=0 /C=US/ST=Virginia/L=Arlington/O=MyCompany/OU=IP
Systems/CN=www.example.com/emailAddress=www@example.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=Virginia/L=Arlington/O=MyCompany/OU=IP
Systems/CN=www.example.com/emailAddress=www@example.net
verify return:1
---
Server certificate
-----BEGIN CERTIFICATE-----
MIID1zCCA0CgAwIBAgIJAL96cIEYeKELMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD
VQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEjAQBgNVBAcTCUFybGluZ3RvbjEU
MBIGA1UEChMLQ2VudHVyeUxpbmsxEzARBgNVBAsTCklQIFN5c3RlbXMxHzAdBgNV
5UOuONDRKQOJog9k1y1bG1Qd7k7f2wf1q4tVHJzFmDGcfPoV4Jmyvrhf+l3a944f
W7xPESMP8sLaAsOQfG97AU4k1K1NxTnQr4EBu0g4BKsvx/T8Tm2/Bq3Q6UOqUnus
3NiehaHnP2DvGojCNvQ8C6OHGNH0wlYhn0+l
-----END CERTIFICATE-----
subject=/C=US/ST=Virginia/L=Arlington/O=MyCompany/OU=IP
Systems/CN=www.example.com/emailAddress=www@example.net
issuer=/C=US/ST=Virginia/L=Arlington/O=MyCompany/OU=IP
Systems/CN=www.example.com/emailAddress=www@example.net
---
No client certificate CA names sent
---
Ciphers common between both SSL endpoints:
RC4-MD5         EXP-RC4-MD5     RC2-CBC-MD5
EXP-RC2-CBC-MD5 DES-CBC-MD5     DES-CBC3-MD5
---
SSL handshake has read 1136 bytes and written 312 bytes
---
New, SSLv2, Cipher is DES-CBC3-MD5
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv2
    Cipher    : DES-CBC3-MD5
    Session-ID: A6FB6CDFD07F7352644F9517C46BD0E9
    Session-ID-ctx:
    Master-Key: 650BB947BF1CC0B3DE7F44362D8442BF89F36A8BE38E544F
    Key-Arg   : 017A547D1D49679A
    Start Time: 1303321981
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)


> the handshake is successful, then your might have a problem with the web
> browser or your network rather than with Apache HTTP Server.
>
> If "openssl s_client" does not give any clues as to what is happening, add
> "ssl:debug" to the end of your existing LogLevel directive, restart httpd,
> and reproduce the error using your web browser again.  More information
> should be logged to the Apache error log this time.
>
> If neither of those work, send us all your SSL configuration directives, not
> just the SSLCipherSuite directive, plus any relevant portions of virtual
> host configuration directives.
>
> --
>  Mark Montague
>  mark@catseye.org
>
>



-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message